From: Ard Biesheuvel <[email protected]>

Nothing in the fixmap or in its vicinity requires executable permissions, and given that it is placed at exactly 1 GiB from the end of the virtual address space, we can safely set the hierarchical XN attributes on the level 2 table entries covering the fixmap, without running the risk of inadvertently taking away the executable permissions on an adjacent mapping.
This is a hardening measure that reduces the risk of the fixmap being abused to create executable mappings in the kernel address space. Signed-off-by: Ard Biesheuvel <[email protected]> --- arch/arm64/mm/fixmap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/arm64/mm/fixmap.c b/arch/arm64/mm/fixmap.c index c5c5425791da..c3dd3c868cf5 100644 --- a/arch/arm64/mm/fixmap.c +++ b/arch/arm64/mm/fixmap.c @@ -48,7 +48,8 @@ static void __init early_fixmap_init_pte(pmd_t *pmdp, unsigned long addr) if (pmd_none(pmd)) { ptep = bm_pte[BM_PTE_TABLE_IDX(addr)]; __pmd_populate(pmdp, __pa_symbol(ptep), - PMD_TYPE_TABLE | PMD_TABLE_AF); + PMD_TYPE_TABLE | PMD_TABLE_AF | + PMD_TABLE_PXN | PMD_TABLE_UXN); } } -- 2.53.0.959.g497ff81fa9-goog
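Review bot: In the __pmd_populate() call in early_fixmap_init_pte(), the new PMD_TABLE_PXN | PMD_TABLE_UXN bits are hierarchical, so they override the execute permission of every mapping reached through that level 2 table entry. The reason this is safe (nothing in or near the fixmap needs to be executable, and the fixmap sits exactly 1 GiB from the end of the virtual address space) is stated only in the commit message, not in the code. Please add a short comment above the call recording that assumption, and consider a build-time check on the fixmap placement, so that a later layout change that puts an executable mapping under the same table entry is caught at build time instead of silently losing execute permission.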

