** Description changed:
[Impact]
It was discovered that upstream kernel commit cab15ce604e5 ("arm64:
Introduce execute-only page access permissions"), which introduced
execute-only user mappings, subverted the Privileged Access Never
protections.
The fix is to effectively revert commit cab15ce604e5. This is done in
upstream kernel commit 24cecc377463 ("arm64: Revert support for execute-
only user mappings").
[Test Case]
I'm not aware of any PAN test cases. Booting our arm64 kernels on an
- ARMv8 device and running through our typical regression tests are
+ ARMv8 device and running through our typical regression tests is
probably the best we can do at this time.
[Regression Potential]
Touching the page handling code always carries significant risk.
However, the fix is simply reverting the change that added the execute-
only user mappings feature in v4.9.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1858815
Title:
PAN is broken for execute-only user mappings on ARMv8
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1858815/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
