lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20241009142222.1489500-2-christian.bruel@foss.st.com>
Date: Wed, 9 Oct 2024 16:22:22 +0200
From: Christian Bruel <christian.bruel@...s.st.com>
To: <linux@...linux.org.uk>
CC: <linux-arm-kernel@...ts.infradead.org>, <linux-kernel@...r.kernel.org>,
        <christian.bruel@...s.st.com>, <alexandre.torgue@...s.st.com>
Subject: [PATCH 1/1] ARM: decompressor: Use Domain Manager Access permissions

EL1 exec access with read/write permissions result in a Permission Fault if
SCTLR.WXN or SCTLR.UWXN is set by the trusted firmware.
Since XN attribute is not checked for domains marked a Manager, change
the domain used for kernel relocation.

Signed-off-by: Christian Bruel <christian.bruel@...s.st.com>
---
 arch/arm/boot/compressed/head.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S
index 9f406e9c0ea6..d4ee205f3b9c 100644
--- a/arch/arm/boot/compressed/head.S
+++ b/arch/arm/boot/compressed/head.S
@@ -888,7 +888,7 @@ __armv7_mmu_cache_on:
  ARM_BE8(	orr	r0, r0, #1 << 25 )	@ big-endian page tables
 		mrcne   p15, 0, r6, c2, c0, 2   @ read ttb control reg
 		orrne	r0, r0, #1		@ MMU enabled
-		movne	r1, #0xfffffffd		@ domain 0 = client
+		movne	r1, #0xffffffff		@ domains = Manager
 		bic     r6, r6, #1 << 31        @ 32-bit translation system
 		bic     r6, r6, #(7 << 0) | (1 << 4)	@ use only ttbr0
 		mcrne	p15, 0, r3, c2, c0, 0	@ load page table pointer
-- 
2.34.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ