arm64: Ensure execute-only permissions are not allowed without EPAN
commit 6e2edd6371a497a6350bb735534c9bda2a31f43d upstream. Commit 18107f8a ("arm64: Support execute-only permissions with Enhanced PAN") re-introduced execute-only permissions when EPAN is available. When EPAN is not available, arch_filter_pgprot() is supposed to change a PAGE_EXECONLY permission into PAGE_READONLY_EXEC. However, if BTI or MTE are present, such check does not detect the execute-only pgprot in the presence of PTE_GP (BTI) or MT_NORMAL_TAGGED (MTE), allowing the user to request PROT_EXEC with PROT_BTI or PROT_MTE. Remove the arch_filter_pgprot() function, change the default VM_EXEC permissions to PAGE_READONLY_EXEC and update the protection_map[] array at core_initcall() if EPAN is detected. Signed-off-by:Catalin Marinas <catalin.marinas@arm.com> Fixes: 18107f8a ("arm64: Support execute-only permissions with Enhanced PAN") Cc: <stable@vger.kernel.org> # 5.13.x Acked-by:
Will Deacon <will@kernel.org> Reviewed-by:
Vladimir Murzin <vladimir.murzin@arm.com> Tested-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Showing
- arch/arm64/Kconfig 0 additions, 3 deletionsarch/arm64/Kconfig
- arch/arm64/include/asm/pgtable-prot.h 2 additions, 2 deletionsarch/arm64/include/asm/pgtable-prot.h
- arch/arm64/include/asm/pgtable.h 0 additions, 12 deletionsarch/arm64/include/asm/pgtable.h
- arch/arm64/mm/mmap.c 17 additions, 0 deletionsarch/arm64/mm/mmap.c
Loading
Please register or sign in to comment