From patchwork Tue Jan 2 18:10:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 123198 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp9254041qgn; Tue, 2 Jan 2018 10:11:52 -0800 (PST) X-Google-Smtp-Source: ACJfBovoRO3FIPJpaEK+0SNrs9Pw0Q6lEkg+ROBswG6E3Xc4SLpSglPs7kzi5+wOTu/XeQ1bG2A9 X-Received: by 10.84.130.98 with SMTP id 89mr46722842plc.199.1514916712126; Tue, 02 Jan 2018 10:11:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514916712; cv=none; d=google.com; s=arc-20160816; b=CFoU9ybDD3mpKGecICYlJzYKgU/AhdlJQmf0F6ImIlWq98I7/oFmIyhgIT/xro5c71 q9ALNIp9BnsvkU22M32OEwEfCxTemEG2W14/M9JRGGX8IDDsFeg9dGE1wMfpbJRSxC/D wCeZi63v0nUKV5zMeVlCg9D6XjTvHxlyuZyisTtU7hqTaJnE6M+9rAcfHtvdzWAo3zKx gC4xH1kFX6lZZqRFhMI1LiozkdpD3bFGHcqvkkeChr17CciaRoCvsk4cZAND77cJHhog 0gLCSFCU/Eu9c6LjzO9d0raFDZBPQStdzg3JJqfWEC8LelwBysd5s5Z8w0urSetNpydS +woQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=06ZZjnqZQPBuocA3CzZQ6zLWSmqm2H40DGbt0tBDBfE=; b=nx1iHzPV+hx96fpRJPEDT2WPoTGy/oA0EG236Y490VpYYuCI01vykZDuQDxxjV718A 139LRgsQ1fRXkkqOk6eFmMRtYNCWb8tRybxGKw3m6sPZXQSnXWA4Fqubw1FPdov84R9U 7nJXNuSiJBH6FvhXm85LH1MoEEvEcw+9ZkuQuXqt+w645WFFYadGpVJh7Ubf4/HPLDaQ ZRqakcuT7qjPb3iZajLX+bUPPjzzB4t+bd+DU+TAqysX4q/Ct5OQ03BSpAxoioCvQfci bGro6wlTYwHkmuQ7ghC//AydBHg1TEWl+deyY6+aMqD6Al8t5qEVeNPChZCNbpVAC9kc FWXg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gABcXPQJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 91si28464217pla.15.2018.01.02.10.11.51; Tue, 02 Jan 2018 10:11:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gABcXPQJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751438AbeABSLI (ORCPT + 28 others); Tue, 2 Jan 2018 13:11:08 -0500 Received: from mail-wm0-f66.google.com ([74.125.82.66]:43317 "EHLO mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751382AbeABSLF (ORCPT ); Tue, 2 Jan 2018 13:11:05 -0500 Received: by mail-wm0-f66.google.com with SMTP id n138so62462002wmg.2 for ; Tue, 02 Jan 2018 10:11:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=06ZZjnqZQPBuocA3CzZQ6zLWSmqm2H40DGbt0tBDBfE=; b=gABcXPQJaDBponWKb05fBs9TX+NwvIhpYK5Qo8EDUR8WXcYOM29NaWhwg5oLZfm0oY dn/4I4HGTgGyOhN/LcbC4y3GD085q7OKST1UqxqNj+cChifwDA0IWCgOAvvHKqGXgtIc zAJAjh0qX9Y0sFLY46LLd8ADO9nPRWheuRK1M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=06ZZjnqZQPBuocA3CzZQ6zLWSmqm2H40DGbt0tBDBfE=; b=Z++bFbmC8SjJM3iH7inekjIMfV0X37OyUTos/WX4QDJ43H02D3jNajrg26bVOQRHyf cAjX4gSgb3frp7RATsLfPbb05owOdBVmZHy5de83KyMYj3pRVCAkTiyS2S9UAbAkQo8o 4E99N8kx7yM88CRaRLMGKyYZ5lWFSBrVTe5tMNJ6DnugBNqkQqprU7ToeEpGy7my3CHx Vc9FiaPaC9kUX7qWaE4bYvxeRMnQqLvNWEKtgIsLn2mNUiFDo/mxUFnE29+RHjgtKDDg nlTOPTaYk/4TomQz/QYjDLqlMwSZ3TO2ftqCMiOgCF3FT+IZZu/DDoUJXnttV381ZayJ lrag== X-Gm-Message-State: AKGB3mKkyFGvfCCndHNd5oQKItEGiufqNCKdaEJ4DErgvnVCwN72oSp5 FnedOKIdcbkBRyQknPib7iJqJA== X-Received: by 10.28.157.7 with SMTP id g7mr32755504wme.99.1514916663796; Tue, 02 Jan 2018 10:11:03 -0800 (PST) Received: from localhost.localdomain ([160.89.138.198]) by smtp.gmail.com with ESMTPSA id f5sm16496643wrh.24.2018.01.02.10.11.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 02 Jan 2018 10:11:03 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner , "H . Peter Anvin" Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Arvind Yadav , Matt Fleming , Stephen Boyd , Tyler Baicar , Vasyl Gomonovych Subject: [PATCH 2/5] arm64: efi: ignore EFI_MEMORY_XP attribute if RP and/or WP are set Date: Tue, 2 Jan 2018 18:10:39 +0000 Message-Id: <20180102181042.19074-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180102181042.19074-1-ard.biesheuvel@linaro.org> References: <20180102181042.19074-1-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The UEFI memory map is a bit vague about how to interpret the EFI_MEMORY_XP attribute when it is combined with EFI_MEMORY_RP and/or EFI_MEMORY_WP, which have retroactively been redefined as cacheability attributes rather than permission attributes. So let's ignore EFI_MEMORY_XP if _RP and/or _WP are also set. In this case, it is likely that they are being used to describe the capability of the region (i.e., whether it has the controls to reconfigure it as non-executable) rather than the nature of the contents of the region (i.e., whether it contains data that we will never attempt to execute) Reported-by: Stephen Boyd Tested-by: Stephen Boyd Cc: Matt Fleming Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 2.11.0 diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c index 82cd07592519..f85ac58d08a3 100644 --- a/arch/arm64/kernel/efi.c +++ b/arch/arm64/kernel/efi.c @@ -48,7 +48,9 @@ static __init pteval_t create_mapping_protection(efi_memory_desc_t *md) return pgprot_val(PAGE_KERNEL_ROX); /* RW- */ - if (attr & EFI_MEMORY_XP || type != EFI_RUNTIME_SERVICES_CODE) + if (((attr & (EFI_MEMORY_RP | EFI_MEMORY_WP | EFI_MEMORY_XP)) == + EFI_MEMORY_XP) || + type != EFI_RUNTIME_SERVICES_CODE) return pgprot_val(PAGE_KERNEL); /* RWX */