Page MenuHomeFreeBSD
Differential D52750

arm64: Mark EFI memory as userspace non-executable
ClosedPublic
Actions

Authored by andrew on Sep 26 2025, 11:46 AM.
Tags
None
Referenced Files
F134030912: D52750.diff
Thu, Oct 30, 4:22 AM
Unknown Object (File)
Wed, Oct 29, 4:24 AM
Unknown Object (File)
Wed, Oct 29, 4:24 AM
Unknown Object (File)
Wed, Oct 29, 4:23 AM
Unknown Object (File)
Wed, Oct 29, 4:17 AM
Unknown Object (File)
Mon, Oct 27, 6:56 AM
Unknown Object (File)
Sun, Oct 26, 1:47 PM
Unknown Object (File)
Sat, Oct 25, 4:35 PM
View All 26 Files
Subscribers
emaste
imp

Details

Reviewers
tuexen
manu
Group Reviewers
arm64
Commits
rGcee4802d0e2a: arm64: Mark EFI memory as userspace non-executable
Summary

FEAT_PAN3 adds the SCTLR_EL1.EPAN field. This tells the hardware to
raise a permission abort when userspace could execute a page, i.e. the
ATTR_S1_UXN field is clear in the page table.

This causes issues for the EFI runtime as we only mark non-executable
pages with this flag leading to a permission fault when accessing it.

Fix this by marking all EFI mappings with ATTR_S1_UXN. The kernel
already had this field set so was already safe.

Reported by: tuexen
Sponsored by: Arm Ltd

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 67349
Build 64232: arc lint + arc unit

Revision Contents
Changeset List

PathSize
sys/
arm64/
arm64/
5 lines

Diff 162881

View Options

sys/arm64/arm64/efirt_machdep.c

Loading...