summaryrefslogtreecommitdiffstats
path: root/arch/arm64/Kconfig
diff options
context:
space:
mode:
authorCatalin Marinas <catalin.marinas@arm.com>2022-03-03 18:00:44 +0000
committerCatalin Marinas <catalin.marinas@arm.com>2022-03-08 10:03:51 +0000
commit6e2edd6371a497a6350bb735534c9bda2a31f43d (patch)
tree2c7c0ebd1e48ea7301b9674b0d75f7ced5acafe2 /arch/arm64/Kconfig
parent4f6de676d94ee8ddfc2e7e7cd935fc7cb2feff3a (diff)
downloadlinux-6e2edd6371a497a6350bb735534c9bda2a31f43d.tar.bz2
arm64: Ensure execute-only permissions are not allowed without EPAN
Commit 18107f8a2df6 ("arm64: Support execute-only permissions with Enhanced PAN") re-introduced execute-only permissions when EPAN is available. When EPAN is not available, arch_filter_pgprot() is supposed to change a PAGE_EXECONLY permission into PAGE_READONLY_EXEC. However, if BTI or MTE are present, such check does not detect the execute-only pgprot in the presence of PTE_GP (BTI) or MT_NORMAL_TAGGED (MTE), allowing the user to request PROT_EXEC with PROT_BTI or PROT_MTE. Remove the arch_filter_pgprot() function, change the default VM_EXEC permissions to PAGE_READONLY_EXEC and update the protection_map[] array at core_initcall() if EPAN is detected. Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Fixes: 18107f8a2df6 ("arm64: Support execute-only permissions with Enhanced PAN") Cc: <stable@vger.kernel.org> # 5.13.x Acked-by: Will Deacon <will@kernel.org> Reviewed-by: Vladimir Murzin <vladimir.murzin@arm.com> Tested-by: Vladimir Murzin <vladimir.murzin@arm.com>
Diffstat (limited to 'arch/arm64/Kconfig')
-rw-r--r--arch/arm64/Kconfig3
1 files changed, 0 insertions, 3 deletions
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index c7a474f71eb4..f711a8eee6ff 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1236,9 +1236,6 @@ config HW_PERF_EVENTS
def_bool y
depends on ARM_PMU
-config ARCH_HAS_FILTER_PGPROT
- def_bool y
-
# Supported by clang >= 7.0
config CC_HAVE_SHADOW_CALL_STACK
def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 02:32:33 +0000