Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2ee75729 authored Apr 03, 2018 by Zhen Kong

soc: qcom: enable QHEE kernel memory protection



Invoke a scm call immediately after self-modification of code region
due to arm errata to protect kernel's memory regions in stage 2 memory
mappings.

Change-Id: I4706ab50ca8f6fa558990564ff8dd4ff967add26
Acked-by: Dane Pitkin <dpitkin@codeaurora.org>
Signed-off-by: Zhen Kong <zkong@codeaurora.org>

parent d1a14e99

arch/arm64/kernel/smp.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -62,6 +62,8 @@
		#include <asm/system_misc.h>
		#include <soc/qcom/minidump.h>

		#include <soc/qcom/scm.h>

		#define CREATE_TRACE_POINTS
		#include <trace/events/ipi.h>

		@@ -404,6 +406,7 @@ void __init smp_cpus_done(unsigned int max_cpus)
		setup_cpu_features();
		hyp_mode_check();
		apply_alternatives_all();
		scm_enable_mem_protection();
		mark_linear_text_alias_ro();
		}

drivers/soc/qcom/Kconfig

+9 −0

Original line number	Diff line number	Diff line
		@@ -758,6 +758,15 @@ config QCOM_CDSP_RM
		to improve RPC latency. The driver also registers cooling devices for
		CDSP subsystem and implements Cx ipeak limit management.

		config QCOM_QHEE_ENABLE_MEM_PROTECTION
		bool "QHEE enable kernel memory protection"
		depends on QCOM_SCM
		help
		When this option is enabled, an SCM call will be invoked to enable
		kernel memory protection in stage 2 memory mappings on kernel boot.
		This is part of a security feature in QHEE and need to be enabled by
		default.

		endmenu

		config QCOM_HYP_CORE_CTL