mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
71 lines
2.7 KiB
Diff
71 lines
2.7 KiB
Diff
From 5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830 Mon Sep 17 00:00:00 2001
|
|
From: Catalin Marinas <catalin.marinas@arm.com>
|
|
Date: Fri, 16 May 2014 16:44:32 +0100
|
|
Subject: Revert "arm64: Introduce execute-only page access permissions"
|
|
|
|
This reverts commit bc07c2c6e9ed125d362af0214b6313dca180cb08.
|
|
|
|
While the aim is increased security for --x memory maps, it does not
|
|
protect against kernel level reads. Until SECCOMP is implemented for
|
|
arm64, revert this patch to avoid giving a false idea of execute-only
|
|
mappings.
|
|
|
|
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
|
|
---
|
|
arch/arm64/include/asm/pgtable.h | 11 +++++------
|
|
1 file changed, 5 insertions(+), 6 deletions(-)
|
|
|
|
(limited to 'arch/arm64/include/asm/pgtable.h')
|
|
|
|
diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h
|
|
index e4c60d6..aa150ed 100644
|
|
--- a/arch/arm64/include/asm/pgtable.h
|
|
+++ b/arch/arm64/include/asm/pgtable.h
|
|
@@ -86,13 +86,12 @@ extern void __pgd_error(const char *file, int line, unsigned long val);
|
|
#define PAGE_COPY_EXEC __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN)
|
|
#define PAGE_READONLY __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN)
|
|
#define PAGE_READONLY_EXEC __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN)
|
|
-#define PAGE_EXECONLY __pgprot(_PAGE_DEFAULT | PTE_NG | PTE_PXN)
|
|
|
|
#define __P000 PAGE_NONE
|
|
#define __P001 PAGE_READONLY
|
|
#define __P010 PAGE_COPY
|
|
#define __P011 PAGE_COPY
|
|
-#define __P100 PAGE_EXECONLY
|
|
+#define __P100 PAGE_READONLY_EXEC
|
|
#define __P101 PAGE_READONLY_EXEC
|
|
#define __P110 PAGE_COPY_EXEC
|
|
#define __P111 PAGE_COPY_EXEC
|
|
@@ -101,7 +100,7 @@ extern void __pgd_error(const char *file, int line, unsigned long val);
|
|
#define __S001 PAGE_READONLY
|
|
#define __S010 PAGE_SHARED
|
|
#define __S011 PAGE_SHARED
|
|
-#define __S100 PAGE_EXECONLY
|
|
+#define __S100 PAGE_READONLY_EXEC
|
|
#define __S101 PAGE_READONLY_EXEC
|
|
#define __S110 PAGE_SHARED_EXEC
|
|
#define __S111 PAGE_SHARED_EXEC
|
|
@@ -137,8 +136,8 @@ extern struct page *empty_zero_page;
|
|
#define pte_write(pte) (!!(pte_val(pte) & PTE_WRITE))
|
|
#define pte_exec(pte) (!(pte_val(pte) & PTE_UXN))
|
|
|
|
-#define pte_valid_ng(pte) \
|
|
- ((pte_val(pte) & (PTE_VALID | PTE_NG)) == (PTE_VALID | PTE_NG))
|
|
+#define pte_valid_user(pte) \
|
|
+ ((pte_val(pte) & (PTE_VALID | PTE_USER)) == (PTE_VALID | PTE_USER))
|
|
|
|
static inline pte_t pte_wrprotect(pte_t pte)
|
|
{
|
|
@@ -192,7 +191,7 @@ extern void __sync_icache_dcache(pte_t pteval, unsigned long addr);
|
|
static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,
|
|
pte_t *ptep, pte_t pte)
|
|
{
|
|
- if (pte_valid_ng(pte)) {
|
|
+ if (pte_valid_user(pte)) {
|
|
if (!pte_special(pte) && pte_exec(pte))
|
|
__sync_icache_dcache(pte, addr);
|
|
if (pte_dirty(pte) && pte_write(pte))
|
|
--
|
|
cgit v1.1
|
|
|