Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 81da1733 authored by James Morse's avatar James Morse Committed by Sami Tolvanen
Browse files

BACKPORT: arm64: kernel: Add support for Privileged Access Never 



'Privileged Access Never' is a new arm8.1 feature which prevents
privileged code from accessing any virtual address where read or write
access is also permitted at EL0.

This patch enables the PAN feature on all CPUs, and modifies {get,put}_user
helpers temporarily to permit access.

This will catch kernel bugs where user memory is accessed directly.
'Unprivileged loads and stores' using ldtrb et al are unaffected by PAN.

Reviewed-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: default avatarJames Morse <james.morse@arm.com>
[will: use ALTERNATIVE in asm and tidy up pan_enable check]
Signed-off-by: default avatarWill Deacon <will.deacon@arm.com>

Bug: 31432001
Change-Id: I8faed9555c3af83cced7255585c16064a39a7528
(cherry picked from commit 338d4f49d6f7114a017d294ccf7374df4f998edc)
Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
parent 7c2043e7
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment