Commit ac15bd63 authored by Catalin Marinas's avatar Catalin Marinas Committed by Will Deacon
Browse files

arm64: Honour !PTE_WRITE in set_pte_at() for kernel mappings 



Currently, set_pte_at() only checks the software PTE_WRITE bit for user
mappings when it sets or clears the hardware PTE_RDONLY accordingly. The
kernel ptes are written directly without any modification, relying
solely on the protection bits in macros like PAGE_KERNEL. However,
modifying kernel pte attributes via pte_wrprotect() would be ignored by
set_pte_at(). Since pte_wrprotect() does not set PTE_RDONLY (it only
clears PTE_WRITE), the new permission is not taken into account.

This patch changes set_pte_at() to adjust the read-only permission for
kernel ptes as well. As a side effect, existing PROT_* definitions used
for kernel ioremap*() need to include PTE_DIRTY | PTE_WRITE.

(additionally, white space fix for PTE_KERNEL_ROX)

Acked-by: default avatarAndrey Ryabinin <aryabinin@virtuozzo.com>
Tested-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Reported-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarWill Deacon <will.deacon@arm.com>
parent f436b2ac

arch/arm64/include/asm/pgtable.h

+10 −11
Original line number Diff line number Diff line
@@ -67,11 +67,11 @@ extern void __pgd_error(const char *file, int line, unsigned long val); 
#define PROT_DEFAULT		(PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)

#define PROT_SECT_DEFAULT	(PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S)



#define PROT_DEVICE_nGnRnE	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_ATTRINDX(MT_DEVICE_nGnRnE))

#define PROT_DEVICE_nGnRE	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_ATTRINDX(MT_DEVICE_nGnRE))

#define PROT_NORMAL_NC		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_ATTRINDX(MT_NORMAL_NC))

#define PROT_NORMAL_WT		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_ATTRINDX(MT_NORMAL_WT))

#define PROT_NORMAL		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_ATTRINDX(MT_NORMAL))

#define PROT_DEVICE_nGnRnE	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRnE))

#define PROT_DEVICE_nGnRE	(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRE))

#define PROT_NORMAL_NC		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_NORMAL_NC))

#define PROT_NORMAL_WT		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_NORMAL_WT))

#define PROT_NORMAL		(PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_NORMAL))



#define PROT_SECT_DEVICE_nGnRE	(PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PMD_ATTRINDX(MT_DEVICE_nGnRE))

#define PROT_SECT_NORMAL	(PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL))
@@ -153,6 +153,7 @@ extern struct page *empty_zero_page; 
#define pte_write(pte)		(!!(pte_val(pte) & PTE_WRITE))

#define pte_exec(pte)		(!(pte_val(pte) & PTE_UXN))

#define pte_cont(pte)		(!!(pte_val(pte) & PTE_CONT))

#define pte_user(pte)		(!!(pte_val(pte) & PTE_USER))



#ifdef CONFIG_ARM64_HW_AFDBM

#define pte_hw_dirty(pte)	(pte_write(pte) && !(pte_val(pte) & PTE_RDONLY))
@@ -163,8 +164,6 @@ extern struct page *empty_zero_page; 
#define pte_dirty(pte)		(pte_sw_dirty(pte) || pte_hw_dirty(pte))



#define pte_valid(pte)		(!!(pte_val(pte) & PTE_VALID))

#define pte_valid_user(pte) \

	((pte_val(pte) & (PTE_VALID | PTE_USER)) == (PTE_VALID | PTE_USER))

#define pte_valid_not_user(pte) \

	((pte_val(pte) & (PTE_VALID | PTE_USER)) == PTE_VALID)

#define pte_valid_young(pte) \
@@ -278,13 +277,13 @@ extern void __sync_icache_dcache(pte_t pteval, unsigned long addr); 
static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,

			      pte_t *ptep, pte_t pte)

{

	if (pte_valid_user(pte)) {

		if (!pte_special(pte) && pte_exec(pte))

			__sync_icache_dcache(pte, addr);

	if (pte_valid(pte)) {

		if (pte_sw_dirty(pte) && pte_write(pte))

			pte_val(pte) &= ~PTE_RDONLY;

		else

			pte_val(pte) |= PTE_RDONLY;

		if (pte_user(pte) && pte_exec(pte) && !pte_special(pte))

			__sync_icache_dcache(pte, addr);

	}



	/*

CRA Git | Maintained and supported by SUSTech CRA and CCSE