[PATCH v2 0/3] arm64: use hierarchical XN permissions for all page tables

Ard Biesheuvel ardb at kernel.org
Mon Mar 8 18:15:32 GMT 2021


This series tweaks the page table population code to set the UXNTable and
PXNTable bits as appropriate when page tables are being allocated and linked
into a page table hierarchy. On table entries that cover the linear region,
both PXN and UXN are set; for other page tables, either the UXN or PXN
attribute is set on all table entries, depending on whether the hierarchy in
question is used by the kernel or by user space.

Doing so removes the ability for lower level mappings to grant executable
permissions which are never needed by code that works as intended. And given
that swapper's PGD level is mapped r/o and can only be updated via the fixmap
API, the restrictions on kernel mappings cannot be trivially reverted by poking
writable memory.

Note that newer cores may permit hierarchical permission checks to be disabled,
so that the bits can be repurposed as software bits. However, we currently do
not make use of that feature, nor do we intend to, given that software bits in
table descriptors are not in short supply anyway.

This does not address a known exploit or vulnerability, but it applies the
principle of least privilege in a way that does not result in any space
or runtime overhead.

Changes since v1:
- clean up some more occurrences of P?D_xxx mismatches (#1)
- split the PXN and UXN macro definitions so we can apply them independently
- add patch #3 to apply PXNTable xor UXNTable permissions to all user and
  kernel mappings, respectively

Cc: maz at kernel.org
Cc: catalin.marinas at arm.com
Cc: will at kernel.org
Cc: mark.rutland at arm.com
Cc: anshuman.khandual at arm.com
Cc: qperret at google.com
Cc: kernel-team at android.com

Ard Biesheuvel (3):
  arm64: mm: add missing P4D definitions and use them consistently
  arm64: mm: use XN table mapping attributes for the linear region
  arm64: mm: use XN table mapping attributes for user/kernel mappings

 arch/arm64/include/asm/pgalloc.h       | 19 +++++++-----
 arch/arm64/include/asm/pgtable-hwdef.h | 15 ++++++++++
 arch/arm64/mm/kasan_init.c             |  4 +--
 arch/arm64/mm/mmu.c                    | 31 ++++++++++++++------
 4 files changed, 51 insertions(+), 18 deletions(-)

-- 
2.30.1
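
The hierarchical behaviour the cover letter relies on, as an added example that is not part of the series or of the kernel source: a small model of how PXNTable/UXNTable bits met during a walk combine with the leaf's PXN/UXN bits. The helper and macro names are hypothetical, the walks are constructed, only the XN bits are modelled, and hierarchical permission checks are assumed to be enabled.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural bit positions in AArch64 stage 1 descriptors. */
#define TABLE_PXN  (UINT64_C(1) << 59)  /* PXNTable in a table descriptor */
#define TABLE_UXN  (UINT64_C(1) << 60)  /* UXNTable in a table descriptor */
#define LEAF_PXN   (UINT64_C(1) << 53)  /* PXN in a block/page descriptor */
#define LEAF_UXN   (UINT64_C(1) << 54)  /* UXN in a block/page descriptor */
#define DESC_TABLE UINT64_C(3)          /* valid + table/page type bits */

struct xn { bool pxn, uxn; };

/* Fold a walk: an XN restriction set at any table level is sticky, so the
 * leaf can add restrictions but can never remove one. Hypothetical helper. */
struct xn effective_xn(const uint64_t *tables, size_t n, uint64_t leaf)
{
    struct xn r = { (leaf & LEAF_PXN) != 0, (leaf & LEAF_UXN) != 0 };
    for (size_t i = 0; i < n; i++) {
        r.pxn = r.pxn || (tables[i] & TABLE_PXN);
        r.uxn = r.uxn || (tables[i] & TABLE_UXN);
    }
    return r;
}

/* Constructed case: three table levels all carrying table_bits, ending in a
 * page descriptor whose own PXN/UXN bits are clear (as if overwritten). */
struct xn walk_case(uint64_t table_bits)
{
    const uint64_t tables[3] = { DESC_TABLE | table_bits,
                                 DESC_TABLE | table_bits,
                                 DESC_TABLE | table_bits };
    return effective_xn(tables, 3, DESC_TABLE);
}

int main(void)
{
    const struct { const char *name; uint64_t bits; } cases[] = {
        { "linear region (PXNTable|UXNTable)", TABLE_PXN | TABLE_UXN },
        { "user hierarchy (PXNTable)",         TABLE_PXN },
        { "kernel hierarchy (UXNTable)",       TABLE_UXN },
        { "no table attributes",               0 },
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        struct xn r = walk_case(cases[i].bits);
        printf("%-36s EL1 exec=%d EL0 exec=%d\n", cases[i].name, !r.pxn, !r.uxn);
    }
    return 0;
}
```

Only the last case, with no table attributes, leaves the decision entirely to the leaf descriptor.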
