Hi,
Nit: typo in subject "excutable" is missing an 'e'.
Mark.
On Mon, Jun 13, 2016 at 03:00:49PM +0100, Marc Zyngier wrote:
> Structures that can be generally written to don't have any requirement
> to be executable (quite the opposite). This includes the kvm and vcpu
> structures, as well as
On Mon, Jun 13, 2016 at 03:00:48PM +0100, Marc Zyngier wrote:
> There should be no reason for mapping the HYP text read/write.
>
> As such, let's have a new set of flags (PAGE_HYP_EXEC) that allows
> execution, but makes the page as read-only, and update the two call
> sites that deal with
KVM exposes a level triggered timer to the guest, and yet kvmtool
presents it as being edge-triggered in the DT. Let's fix it and
match what the kernel exposes.
Signed-off-by: Marc Zyngier
---
arm/timer.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff
There should be no reason for mapping the HYP text read/write.
As such, let's have a new set of flags (PAGE_HYP_EXEC) that allows
execution, but makes the page as read-only, and update the two call
sites that deal with mapping code.
Signed-off-by: Marc Zyngier
---
Structures that can be generally written to don't have any requirement
to be executable (quite the opposite). This includes the kvm and vcpu
structures, as well as the stacks.
Let's change the default to incorporate the XN flag.
Signed-off-by: Marc Zyngier
---
EL2 page tables can be configured to deny code from being
executed, which is done by setting bit 54 in the page descriptor.
It is the same bit as PTE_UXN, but the "USER" reference felt odd
in the hypervisor code.
Signed-off-by: Marc Zyngier
---
In order to be able to use C code in HYP, we're now mapping the kernel's
rodata in HYP. It works absolutely fine, except that we're mapping it RWX,
which is not what it should be.
Add a new HYP_PAGE_RO protection, and pass it as the protection flags
when mapping the rodata section.
So far, the HYP mappings have been fairly relaxed: everything is
RWX. Oddly enough, not everybody is fond of this kind of permissions
at the highest exception level.
This small series tightens it a bit by making:
- the text mapping read-only
- the rodata mapping read-only + no-exec
- everything
Currently, create_hyp_mappings applies a "one size fits all" page
protection (PAGE_HYP). As we're heading towards separate protections
for different sections, let's make this protection a parameter, and
let the callers pass their prefered protection (PAGE_HYP for everyone
for the time being).