Page MenuHomeFreeBSD
Differential D52750

arm64: Mark EFI memory as userspace non-executable
ClosedPublic
Actions

Authored by andrew on Sep 26 2025, 11:46 AM.
Tags
None
Referenced Files
F146892623: D52750.id.diff
Fri, Mar 6, 1:20 PM
Unknown Object (File)
Wed, Mar 4, 5:50 PM
Unknown Object (File)
Wed, Mar 4, 5:50 PM
Unknown Object (File)
Sun, Feb 22, 9:25 PM
Unknown Object (File)
Sat, Feb 21, 6:23 AM
Unknown Object (File)
Thu, Feb 19, 2:44 PM
Unknown Object (File)
Wed, Feb 18, 6:22 PM
Unknown Object (File)
Wed, Feb 18, 10:28 AM
View All 48 Files
Subscribers
emaste
imp

Details

Reviewers
tuexen
manu
Group Reviewers
arm64
Commits
rG45ceabd2ab61: arm64: Mark EFI memory as userspace non-executable
rGcee4802d0e2a: arm64: Mark EFI memory as userspace non-executable
Summary

FEAT_PAN3 adds the SCTLR_EL1.EPAN field. This tells the hardware to
raise a permission abort when userspace could execute a page, i.e. the
ATTR_S1_UXN field is clear in the page table.

This causes issues for the EFI runtime as we only mark non-executable
pages with this flag leading to a permission fault when accessing it.

Fix this by marking all EFI mappings with ATTR_S1_UXN. The kernel
already had this field set so was already safe.

Reported by: tuexen
Sponsored by: Arm Ltd

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 67349
Build 64232: arc lint + arc unit

Revision Contents
Changeset List

PathSize
sys/
arm64/
arm64/
5 lines

Diff 162881

View Options

sys/arm64/arm64/efirt_machdep.c

Loading...