diff options
| author |   Christophe Leroy <christophe.leroy@c-s.fr> | 2019-03-11 08:30:33 +0000 |
|---|---|---|
| committer |   Michael Ellerman <mpe@ellerman.id.au> | 2019-04-21 23:11:46 +1000 |
| commit | 06fbe81b5909847aa13f9c86c2b6f9bbc5c2795b (patch) | |
| tree | dd48ae9729e84beaa712f9d5dfa9ba9638f74d25 /arch/powerpc/mm | |
| parent | powerpc/8xx: Only define APG0 and APG1 (diff) | |
| download | linux-dev-06fbe81b5909847aa13f9c86c2b6f9bbc5c2795b.tar.xz linux-dev-06fbe81b5909847aa13f9c86c2b6f9bbc5c2795b.zip | |
powerpc/8xx: Add Kernel Userspace Execution Prevention
This patch adds Kernel Userspace Execution Prevention on the 8xx.
When a page is Executable, it is set Executable for Key 0 and NX
for Key 1.
Up to now, the User group is defined with Key 0 for both User and
Supervisor.
By changing the group to Key 0 for User and Key 1 for Supervisor,
this patch prevents the Kernel from being able to execute user code.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Diffstat (limited to 'arch/powerpc/mm')
| -rw-r--r-- | arch/powerpc/mm/8xx_mmu.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/arch/powerpc/mm/8xx_mmu.c b/arch/powerpc/mm/8xx_mmu.c index fe1f6443d57f..e257a0c9bd08 100644 --- a/arch/powerpc/mm/8xx_mmu.c +++ b/arch/powerpc/mm/8xx_mmu.c @@ -213,3 +213,15 @@ void flush_instruction_cache(void) mtspr(SPRN_IC_CST, IDC_INVALL); isync(); } + +#ifdef CONFIG_PPC_KUEP +void __init setup_kuep(bool disabled) +{ + if (disabled) + return; + + pr_info("Activating Kernel Userspace Execution Prevention\n"); + + mtspr(SPRN_MI_AP, MI_APG_KUEP); +} +#endif |