powerpc/8xx: Add Kernel Userspace Execution Prevention
This patch adds Kernel Userspace Execution Prevention on the 8xx. When a page is Executable, it is set Executable for Key 0 and NX for Key 1. Up to now, the User group is defined with Key 0 for both User and Supervisor. By changing the group to Key 0 for User and Key 1 for Supervisor, this patch prevents the Kernel from being able to execute user code. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
This commit is contained in:
parent
c341a108a5
commit
06fbe81b59
|
@ -41,6 +41,13 @@
|
|||
*/
|
||||
#define MI_APG_INIT 0x4fffffff
|
||||
|
||||
/*
|
||||
* 0 => Kernel => 01 (all accesses performed according to page definition)
|
||||
* 1 => User => 10 (all accesses performed according to swaped page definition)
|
||||
* 2-16 => NA => 11 (all accesses performed as user iaw page definition)
|
||||
*/
|
||||
#define MI_APG_KUEP 0x6fffffff
|
||||
|
||||
/* The effective page number register. When read, contains the information
|
||||
* about the last instruction TLB miss. When MI_RPN is written, bits in
|
||||
* this register are used to create the TLB entry.
|
||||
|
|
|
@ -213,3 +213,15 @@ void flush_instruction_cache(void)
|
|||
mtspr(SPRN_IC_CST, IDC_INVALL);
|
||||
isync();
|
||||
}
|
||||
|
||||
#ifdef CONFIG_PPC_KUEP
|
||||
void __init setup_kuep(bool disabled)
|
||||
{
|
||||
if (disabled)
|
||||
return;
|
||||
|
||||
pr_info("Activating Kernel Userspace Execution Prevention\n");
|
||||
|
||||
mtspr(SPRN_MI_AP, MI_APG_KUEP);
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -34,6 +34,7 @@ config PPC_8xx
|
|||
bool "Freescale 8xx"
|
||||
select FSL_SOC
|
||||
select SYS_SUPPORTS_HUGETLBFS
|
||||
select PPC_HAVE_KUEP
|
||||
|
||||
config 40x
|
||||
bool "AMCC 40x"
|
||||
|
|
Loading…
Reference in New Issue