x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd (3827efdb) · Commits · Mirrors / github.com / raspberrypi_linux

Commit 3827efdb authored Jan 13, 2020 by

Ard Biesheuvel Committed by Greg Kroah-Hartman Feb 24, 2020

x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd

[ Upstream commit 75fbef0a ]

The following commit:

  15f003d2 ("x86/mm/pat: Don't implicitly allow _PAGE_RW in kernel_map_pages_in_pgd()")

modified kernel_map_pages_in_pgd() to manage writable permissions
of memory mappings in the EFI page table in a different way, but
in the process, it removed the ability to clear NX attributes from
read-only mappings, by clobbering the clear mask if _PAGE_RW is not
being requested.

Failure to remove the NX attribute from read-only mappings is
unlikely to be a security issue, but it does prevent us from
tightening the permissions in the EFI page tables going forward,
so let's fix it now.

Fixes: 15f003d2

 ("x86/mm/pat: Don't implicitly allow _PAGE_RW in kernel_map_pages_in_pgd()
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lore.kernel.org/r/20200113172245.27925-5-ardb@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent dc5fa2ca

Hide whitespace changes

Inline Side-by-side

Please register or to comment