Commit f0af339f authored by Joey Gouly's avatar Joey Gouly Committed by Catalin Marinas
Browse files

arm64: add PTE_UXN/PTE_WRITE to SWAPPER_*_FLAGS 



With PIE enabled, the swapper PTEs would have a Permission Indirection Index
(PIIndex) of 0. A PIIndex of 0 is not currently used by any other PTEs.

To avoid using index 0 specifically for the swapper PTEs, mark them as
PTE_UXN and PTE_WRITE, so that they map to a PAGE_KERNEL_EXEC equivalent.

This also adds PTE_WRITE to KPTI_NG_PTE_FLAGS, which was tested by booting
with kpti=on.

Signed-off-by: default avatarJoey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-12-joey.gouly@arm.com


Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
parent 8ef67c67

arch/arm64/include/asm/kernel-pgtable.h

+4 −4
Original line number Diff line number Diff line
@@ -107,14 +107,14 @@ 
/*

 * Initial memory map attributes.

 */

#define SWAPPER_PTE_FLAGS	(PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)

#define SWAPPER_PMD_FLAGS	(PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S)

#define SWAPPER_PTE_FLAGS	(PTE_TYPE_PAGE | PTE_AF | PTE_SHARED | PTE_UXN)

#define SWAPPER_PMD_FLAGS	(PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S | PTE_UXN)



#ifdef CONFIG_ARM64_4K_PAGES

#define SWAPPER_RW_MMUFLAGS	(PMD_ATTRINDX(MT_NORMAL) | SWAPPER_PMD_FLAGS)

#define SWAPPER_RW_MMUFLAGS	(PMD_ATTRINDX(MT_NORMAL) | SWAPPER_PMD_FLAGS | PTE_WRITE)

#define SWAPPER_RX_MMUFLAGS	(SWAPPER_RW_MMUFLAGS | PMD_SECT_RDONLY)

#else

#define SWAPPER_RW_MMUFLAGS	(PTE_ATTRINDX(MT_NORMAL) | SWAPPER_PTE_FLAGS)

#define SWAPPER_RW_MMUFLAGS	(PTE_ATTRINDX(MT_NORMAL) | SWAPPER_PTE_FLAGS | PTE_WRITE)

#define SWAPPER_RX_MMUFLAGS	(SWAPPER_RW_MMUFLAGS | PTE_RDONLY)

#endif

arch/arm64/kernel/head.S

+4 −4
Original line number Diff line number Diff line
@@ -382,7 +382,7 @@ SYM_FUNC_START_LOCAL(create_idmap) 
	adrp	x0, init_idmap_pg_dir

	adrp	x3, _text

	adrp	x6, _end + MAX_FDT_SIZE + SWAPPER_BLOCK_SIZE

	mov	x7, SWAPPER_RX_MMUFLAGS

	mov_q	x7, SWAPPER_RX_MMUFLAGS



	map_memory x0, x1, x3, x6, x7, x3, IDMAP_PGD_ORDER, x10, x11, x12, x13, x14, EXTRA_SHIFT
@@ -391,7 +391,7 @@ SYM_FUNC_START_LOCAL(create_idmap) 
	adrp	x2, init_pg_dir

	adrp	x3, init_pg_end

	bic	x4, x2, #SWAPPER_BLOCK_SIZE - 1

	mov	x5, SWAPPER_RW_MMUFLAGS

	mov_q	x5, SWAPPER_RW_MMUFLAGS

	mov	x6, #SWAPPER_BLOCK_SHIFT

	bl	remap_region
@@ -402,7 +402,7 @@ SYM_FUNC_START_LOCAL(create_idmap) 
	bfi	x22, x21, #0, #SWAPPER_BLOCK_SHIFT		// remapped FDT address

	add	x3, x2, #MAX_FDT_SIZE + SWAPPER_BLOCK_SIZE

	bic	x4, x21, #SWAPPER_BLOCK_SIZE - 1

	mov	x5, SWAPPER_RW_MMUFLAGS

	mov_q	x5, SWAPPER_RW_MMUFLAGS

	mov	x6, #SWAPPER_BLOCK_SHIFT

	bl	remap_region
@@ -430,7 +430,7 @@ SYM_FUNC_START_LOCAL(create_kernel_mapping) 
	adrp	x3, _text			// runtime __pa(_text)

	sub	x6, x6, x3			// _end - _text

	add	x6, x6, x5			// runtime __va(_end)

	mov	x7, SWAPPER_RW_MMUFLAGS

	mov_q	x7, SWAPPER_RW_MMUFLAGS



	map_memory x0, x1, x5, x6, x7, x3, (VA_BITS - PGDIR_SHIFT), x10, x11, x12, x13, x14

arch/arm64/mm/proc.S

+2 −2
Original line number Diff line number Diff line
@@ -199,7 +199,7 @@ SYM_FUNC_END(idmap_cpu_replace_ttbr1) 


#ifdef CONFIG_UNMAP_KERNEL_AT_EL0



#define KPTI_NG_PTE_FLAGS	(PTE_ATTRINDX(MT_NORMAL) | SWAPPER_PTE_FLAGS)

#define KPTI_NG_PTE_FLAGS	(PTE_ATTRINDX(MT_NORMAL) | SWAPPER_PTE_FLAGS | PTE_WRITE)



	.pushsection ".idmap.text", "a"
@@ -290,7 +290,7 @@ SYM_TYPED_FUNC_START(idmap_kpti_install_ng_mappings) 
	isb



	mov	temp_pte, x5

	mov	pte_flags, #KPTI_NG_PTE_FLAGS

	mov_q	pte_flags, KPTI_NG_PTE_FLAGS



	/* Everybody is enjoying the idmap, so we can rewrite swapper. */

	/* PGD */