Page MenuHomeFreeBSD
Differential D32081

Add the arm64 table attributes and use them
ClosedPublic
Actions

Authored by andrew on Sep 23 2021, 3:14 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Mar 17, 5:48 AM
Unknown Object (File)
Sat, Mar 7, 8:22 PM
Unknown Object (File)
Fri, Mar 6, 1:45 AM
Unknown Object (File)
Fri, Mar 6, 1:31 AM
Unknown Object (File)
Wed, Mar 4, 10:27 AM
Unknown Object (File)
Feb 8 2026, 12:39 PM
Unknown Object (File)
Feb 8 2026, 4:05 AM
Unknown Object (File)
Feb 3 2026, 5:51 AM
View All Files
Subscribers
emaste
imp

Details

Reviewers
alc
kib
markj
mhorne
manu
Group Reviewers
arm64
Commits
rG2b2cef987353: Add the arm64 table attributes and use them
rGf6de51d3e031: Add the arm64 table attributes and use them
Summary

Add the table page table attributes on arm64 and use them to add
restrictions to the block and page entries below them. This ensures
we are unable to increase the permissions in these last level entries
without also changing them in the upper levels.

Use the attributes to ensure the kernel can't execute from userspace
memory and vice versa, userspace has no access to read or write kernel
memory, and that the DMAP region is non-executable.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

andrew created this revision.Sep 23 2021, 3:14 PM
Herald added a reviewer: manu. · View Herald TranscriptSep 23 2021, 3:14 PM
Herald added subscribers: emaste, imp. · View Herald Transcript
andrew requested review of this revision.Sep 23 2021, 3:14 PM
Harbormaster completed remote builds in B41672: Diff 95568.Sep 23 2021, 3:14 PM
markj added inline comments.Sep 24 2021, 2:32 PM
sys/arm64/arm64/pmap.c
1885
1888

I would suggest adding a note to the effect that this is done for bootstrap L0 entries in locore. And maybe we should assert it in pmap_bootstrap().

kib added a comment.Sep 25 2021, 3:46 AM

Where are bits 59/60 described in the ARMARM?

alc added inline comments.Sep 25 2021, 6:04 PM
sys/arm64/include/pte.h
41
andrew added a comment.Sep 27 2021, 10:19 AM
In D32081#725184, @kib wrote:

Where are bits 59/60 described in the ARMARM?

The bits are defined as UXNTable and PXNTable in D5.3.3 Memory attribute fields in the VMSAv8-64 translation table format descriptors under the Next-level attributes in stage 1 VMSAv8-64 Table descriptors header (at least in G.b). This also points to Hierarchical control of instruction fetching in D5.4.6 Access permissions for instruction execution.

andrew updated this revision to Diff 95779.Sep 27 2021, 12:45 PM

Update from feedback

Harbormaster completed remote builds in B41783: Diff 95779.Sep 27 2021, 12:45 PM
kib accepted this revision.Sep 28 2021, 5:44 PM
This revision is now accepted and ready to land.Sep 28 2021, 5:44 PM
alc accepted this revision.Sep 28 2021, 5:59 PM
alc added inline comments.
sys/arm64/arm64/pmap.c
1877

A stylistic suggestion: Use l0e instead of l0. A few lines later, in the same function, we use the same variable name, l0, as a pointer instead of a value. In general, I'd like to suggest that going forward new or revised code use names of the form l0p or l0e.

Closed by commit rGf6de51d3e031: Add the arm64 table attributes and use them (authored by andrew). · Explain WhySep 29 2021, 4:56 PM
This revision was automatically updated to reflect the committed changes.
andrew added a commit: rGf6de51d3e031: Add the arm64 table attributes and use them.
andrew added a commit: rG2b2cef987353: Add the arm64 table attributes and use them.Oct 25 2021, 1:55 PM

Revision Contents
Changeset List

PathSize
sys/
arm64/
arm64/
1 line
25 lines
include/
9 lines

Diff 95957

View Options

sys/arm64/arm64/locore.S

Loading...
View Options

sys/arm64/arm64/pmap.c

Loading...
View Options

sys/arm64/include/pte.h

Loading...