Inicio Explorar Axuda
Iniciar sesión
GfA
/
linux_kernel
5
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

Revert "arm64: Introduce execute-only page access permissions"

This reverts commit bc07c2c6e9ed125d362af0214b6313dca180cb08.

While the aim is increased security for --x memory maps, it does not
protect against kernel level reads. Until SECCOMP is implemented for
arm64, revert this patch to avoid giving a false idea of execute-only
mappings.

Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Catalin Marinas %!s(int64=11) %!d(string=hai) anos
pai
cf5c95db57
achega
5a0fdfada3
Modificáronse 2 ficheiros con 8 adicións e 8 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 5 6
      arch/arm64/include/asm/pgtable.h
  2. 3 2
      arch/arm64/mm/fault.c

+ 5 - 6
arch/arm64/include/asm/pgtable.h
Ver ficheiro 

@@ -86,13 +86,12 @@ extern void __pgd_error(const char *file, int line, unsigned long val);
 
 #define PAGE_COPY_EXEC		__pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN)
 
 #define PAGE_READONLY		__pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN)
 
 #define PAGE_READONLY_EXEC	__pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN)
 
-#define PAGE_EXECONLY		__pgprot(_PAGE_DEFAULT | PTE_NG | PTE_PXN)
 
 
 #define __P000  PAGE_NONE
 
 #define __P001  PAGE_READONLY
 
 #define __P010  PAGE_COPY
 
 #define __P011  PAGE_COPY
 
-#define __P100  PAGE_EXECONLY
 
+#define __P100  PAGE_READONLY_EXEC
 
 #define __P101  PAGE_READONLY_EXEC
 
 #define __P110  PAGE_COPY_EXEC
 
 #define __P111  PAGE_COPY_EXEC
 
@@ -101,7 +100,7 @@ extern void __pgd_error(const char *file, int line, unsigned long val);
 
 #define __S001  PAGE_READONLY
 
 #define __S010  PAGE_SHARED
 
 #define __S011  PAGE_SHARED
 
-#define __S100  PAGE_EXECONLY
 
+#define __S100  PAGE_READONLY_EXEC
 
 #define __S101  PAGE_READONLY_EXEC
 
 #define __S110  PAGE_SHARED_EXEC
 
 #define __S111  PAGE_SHARED_EXEC
 
@@ -137,8 +136,8 @@ extern struct page *empty_zero_page;
 
 #define pte_write(pte)		(!!(pte_val(pte) & PTE_WRITE))
 
 #define pte_exec(pte)		(!(pte_val(pte) & PTE_UXN))
 
 
-#define pte_valid_ng(pte) \
 
-	((pte_val(pte) & (PTE_VALID | PTE_NG)) == (PTE_VALID | PTE_NG))
 
+#define pte_valid_user(pte) \
 
+	((pte_val(pte) & (PTE_VALID | PTE_USER)) == (PTE_VALID | PTE_USER))
 
 
 static inline pte_t pte_wrprotect(pte_t pte)
 
 {
 
@@ -192,7 +191,7 @@ extern void __sync_icache_dcache(pte_t pteval, unsigned long addr);
 
 static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,
 
 			      pte_t *ptep, pte_t pte)
 
 {
 
-	if (pte_valid_ng(pte)) {
 
+	if (pte_valid_user(pte)) {
 
 		if (!pte_special(pte) && pte_exec(pte))
 
 			__sync_icache_dcache(pte, addr);
 
 		if (pte_dirty(pte) && pte_write(pte))

+ 3 - 2
arch/arm64/mm/fault.c
Ver ficheiro 

@@ -173,7 +173,8 @@ static int __do_page_fault(struct mm_struct *mm, unsigned long addr,
 
 good_area:
 
 	/*
 
 	 * Check that the permissions on the VMA allow for the fault which
 
-	 * occurred.
 
+	 * occurred. If we encountered a write or exec fault, we must have
 
+	 * appropriate permissions, otherwise we allow any permission.
 
 	 */
 
 	if (!(vma->vm_flags & vm_flags)) {
 
 		fault = VM_FAULT_BADACCESS;
 
@@ -195,7 +196,7 @@ static int __kprobes do_page_fault(unsigned long addr, unsigned int esr,
 
 	struct task_struct *tsk;
 
 	struct mm_struct *mm;
 
 	int fault, sig, code;
 
-	unsigned long vm_flags = VM_READ | VM_WRITE;
 
+	unsigned long vm_flags = VM_READ | VM_WRITE | VM_EXEC;
 
 	unsigned int mm_flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_KILLABLE;
 
 
 	tsk = current;