Diffusion FreeBSD src repository cee4802d0e2a

arm64: Mark EFI memory as userspace non-executable
cee4802d0e2a
Actions

Description

arm64: Mark EFI memory as userspace non-executable

FEAT_PAN3 adds the SCTLR_EL1.EPAN field. This tells the hardware to
raise a permission abort when userspace could execute a page, i.e. the
ATTR_S1_UXN field is clear in the page table.

This causes issues for the EFI runtime as we only mark non-executable
pages with this flag leading to a permission fault when accessing it.

Fix this by marking all EFI mappings with ATTR_S1_UXN. The kernel
already had this field set so was already safe.

Reported by: tuexen
Reviewed by: tuexen
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D52750

Details

Provenance

andrew

Authored on Sep 26 2025, 3:06 PM

Reviewer

tuexen

Differential Revision

D52750: arm64: Mark EFI memory as userspace non-executable

Parents

rGeaf619fddcb2: vtnet: improve interface capability handling

Branches

Unknown

Tags

Unknown

Event Timeline

andrew committed rGcee4802d0e2a: arm64: Mark EFI memory as userspace non-executable (authored by andrew).Sep 26 2025, 3:07 PM

andrew added an edge: D52750: arm64: Mark EFI memory as userspace non-executable.Sep 26 2025, 3:13 PM

Changes (1)

Path

Size

sys/

arm64/

efirt_machdep.c

rGcee4802d0e2a

View Options

sys/arm64/arm64/efirt_machdep.c