Diffusion FreeBSD src repository - subversion rS319203

MFC r316734, r316761: Support Execute-Never bit in the arm64 pmap.
rS319203
Actions

Description

MFC r316734, r316761: Support Execute-Never bit in the arm64 pmap.

r316734:
Start to use the User and Privileged execute-never bits in the arm64
pagetables. This sets both bits when entering an address we know shouldn't
be executed.

I expect we could mark all userspace pages as Privileged execute-never to
ensure the kernel doesn't branch to one of these addresses.

While here add the ARMv8.1 upper attributes.

r316761:
Set the arm64 Execute-never bits in more places.

We need to set the Execute-never bits when mapping device memory as the
hardware may perform speculative instruction fetches.

Set the Privileged Execute-ever bit on userspace memory to stop the kernel
if it is tricked into executing it.

Details

Provenance

andrew

Authored on

Parents

rS319202: MFC r316732, r316756: Enable Privileged Access Never on arm64.

Branches

Unknown

Tags

Unknown

Event Timeline

andrew committed rS319203: MFC r316734, r316761: Support Execute-Never bit in the arm64 pmap..May 30 2017, 12:44 PM

Changes (3)

Path

Size

stable/

11/

sys/

arm64/

pmap.c

include/

pte.h

rS319203

View Options

stable/11/

View Options

stable/11/sys/arm64/arm64/pmap.c

View Options

stable/11/sys/arm64/include/pte.h

MFC r316734, r316761: Support Execute-Never bit in the arm64 pmap.rS319203Actions

Description

Details

Event Timeline

Changes (3)

rS319203

stable/11/

stable/11/sys/arm64/arm64/pmap.c

stable/11/sys/arm64/include/pte.h

MFC r316734, r316761: Support Execute-Never bit in the arm64 pmap.
rS319203
Actions