diff options
| author | Vladimir Murzin <vladimir.murzin@arm.com> | 2021-03-12 17:38:10 +0000 |
|---|---|---|
| committer | Catalin Marinas <catalin.marinas@arm.com> | 2021-03-26 09:37:23 +0000 |
| commit | 18107f8a2df6bf1c6cac8d0713f757f866d5af51 (patch) | |
| tree | 0411230b8d6c259233a6aadcd0c0aaf261b86c2a /mm | |
| parent | 1e28eed17697bcf343c6743f0028cc3b5dd88bf0 (diff) | |
| download | linux-18107f8a2df6bf1c6cac8d0713f757f866d5af51.tar.bz2 | |
arm64: Support execute-only permissions with Enhanced PAN
Enhanced Privileged Access Never (EPAN) allows Privileged Access Never
to be used with Execute-only mappings.
Absence of such support was a reason for 24cecc377463 ("arm64: Revert
support for execute-only user mappings"). Thus now it can be revisited
and re-enabled.
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Vladimir Murzin <vladimir.murzin@arm.com>
Acked-by: Will Deacon <will@kernel.org>
Link: https://lore.kernel.org/r/20210312173811.58284-2-vladimir.murzin@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/mmap.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/mm/mmap.c b/mm/mmap.c index 3f287599a7a3..1d96a21acb2f 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -93,6 +93,12 @@ static void unmap_region(struct mm_struct *mm, * MAP_PRIVATE r: (no) no r: (yes) yes r: (no) yes r: (no) yes * w: (no) no w: (no) no w: (copy) copy w: (no) no * x: (no) no x: (no) yes x: (no) yes x: (yes) yes + * + * On arm64, PROT_EXEC has the following behaviour for both MAP_SHARED and + * MAP_PRIVATE (with Enhanced PAN supported): + * r: (no) no + * w: (no) no + * x: (yes) yes */ pgprot_t protection_map[16] __ro_after_init = { __P000, __P001, __P010, __P011, __P100, __P101, __P110, __P111, |