From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org
Cc: Ard Biesheuvel, maz@kernel.org, catalin.marinas@arm.com, will@kernel.org, mark.rutland@arm.com, anshuman.khandual@arm.com, qperret@google.com, kernel-team@android.com
Subject: [PATCH v2 0/3] arm64: use hierarchical XN permissions for all page tables
Date: Mon, 8 Mar 2021 19:15:32 +0100
Message-Id: <20210308181535.16230-1-ardb@kernel.org>

This series tweaks the page table population code to set the UXNTable
and PXNTable bits as appropriate when page tables are being allocated
and linked into a page table hierarchy. On table entries that cover the
linear region, both PXN and UXN are set; for other page tables, either
the UXN or PXN attribute is set on all table entries, depending on
whether the hierarchy in question is used by the kernel or by user space.

Doing so removes the ability for lower level mappings to grant executable
permissions which are never needed by code that works as intended. And
given that swapper's PGD level is mapped r/o and can only be updated via
the fixmap API, the restrictions on kernel mappings cannot be trivially
reverted by poking writable memory.

Note that newer cores may permit hierarchical permission checks to be
disabled, so that the bits can be repurposed as software bits. However,
we currently do not make use of that feature, nor do we intend to, given
that software bits in table descriptors are not in short supply anyway.

This does not address a known exploit or vulnerability, but it applies
the principle of least privilege in a way that does not result in any
space or runtime overhead.

Changes since v1:
- clean up some more occurrences of P?D_xxx mismatches (#1)
- split the PXN and UXN macro definitions so we can apply them
  independently
- add patch #3 to apply PXNTable xor UXNTable permissions to all user
  and kernel mappings, respectively

Cc: maz@kernel.org
Cc: catalin.marinas@arm.com
Cc: will@kernel.org
Cc: mark.rutland@arm.com
Cc: anshuman.khandual@arm.com
Cc: qperret@google.com
Cc: kernel-team@android.com

Ard Biesheuvel (3):
  arm64: mm: add missing P4D definitions and use them consistently
  arm64: mm: use XN table mapping attributes for the linear region
  arm64: mm: use XN table mapping attributes for user/kernel mappings

 arch/arm64/include/asm/pgalloc.h       | 19 +++++++-----
 arch/arm64/include/asm/pgtable-hwdef.h | 15 ++++++++++
 arch/arm64/mm/kasan_init.c             |  4 +--
 arch/arm64/mm/mmu.c                    | 31 ++++++++++++++------
 4 files changed, 51 insertions(+), 18 deletions(-)

-- 
2.30.1
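
Added example (not part of the original message or of the patch series): a simplified C model of the hierarchical XN check the cover letter relies on, showing that a leaf entry with both XN bits clear still cannot be executed where the table entries above it forbid it. The macro, enum and function names and the three table levels are assumptions of this example; the bit positions are those of AArch64 stage 1 descriptors, and every permission control other than the XN bits is ignored.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* AArch64 stage 1 descriptor bits; the macro names are local to this example. */
#define TBL_PXN  (UINT64_C(1) << 59) /* PXNTable, table descriptor */
#define TBL_UXN  (UINT64_C(1) << 60) /* UXNTable, table descriptor */
#define LEAF_PXN (UINT64_C(1) << 53) /* PXN, block/page descriptor */
#define LEAF_UXN (UINT64_C(1) << 54) /* UXN, block/page descriptor */

enum hierarchy { LINEAR_REGION, KERNEL_OTHER, USER_SPACE };

/* Table attributes per the policy stated in the cover letter. */
uint64_t table_attrs(enum hierarchy h)
{
    switch (h) {
    case LINEAR_REGION: return TBL_PXN | TBL_UXN; /* never executable */
    case KERNEL_OTHER:  return TBL_UXN;           /* kernel tables: no EL0 exec */
    default:            return TBL_PXN;           /* user tables: no EL1 exec */
    }
}

/* XNTable bits seen at any level of the walk are ORed into the leaf's XN bits. */
uint64_t effective_xn(const uint64_t *tables, size_t n, uint64_t leaf)
{
    uint64_t xn = leaf & (LEAF_PXN | LEAF_UXN);
    for (size_t i = 0; i < n; i++) {
        if (tables[i] & TBL_PXN) xn |= LEAF_PXN;
        if (tables[i] & TBL_UXN) xn |= LEAF_UXN;
    }
    return xn;
}

/* Would an instruction fetch through a leaf in hierarchy h pass the XN checks? */
bool can_exec(enum hierarchy h, uint64_t leaf, bool privileged)
{
    uint64_t tables[3]; /* assumption: three levels of table descriptors */
    for (size_t i = 0; i < 3; i++) tables[i] = table_attrs(h);
    return !(effective_xn(tables, 3, leaf) & (privileged ? LEAF_PXN : LEAF_UXN));
}

int main(void)
{
    const char *name[] = { "linear region", "other kernel", "user space" };
    uint64_t leaf = 0; /* constructed leaf descriptor with PXN and UXN both clear */
    for (int h = LINEAR_REGION; h <= USER_SPACE; h++)
        printf("%-13s EL1 exec=%d EL0 exec=%d\n", name[h],
               can_exec(h, leaf, true), can_exec(h, leaf, false));
    return 0;
}
```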