superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/arch
History
Ard Biesheuvel e0169d62ef arm64: efi: Set NX compat flag in PE/COFF header 
[ Upstream commit 3c66bb1918 ]

The PE/COFF header has a NX compat flag which informs the firmware that
the application does not rely on memory regions being mapped with both
executable and writable permissions at the same time.

This is typically used by the firmware to decide whether it can set the
NX attribute on all allocations it returns, but going forward, it may be
used to enforce a policy that only permits applications with the NX flag
set to be loaded to begin wiht in some configurations, e.g., when Secure
Boot is in effect.

Even though the arm64 version of the EFI stub may relocate the kernel
before executing it, it always did so after disabling the MMU, and so we
were always in line with what the NX compat flag conveys, we just never
bothered to set it.

So let's set the flag now.

Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-04-06 12:10:37 +02:00
..
alpha alpha: fix R_ALPHA_LITERAL reloc for large modules 2023-03-17 08:50:31 +01:00
arc
arm ARM: dts: aspeed: p10bmc: Update battery node name 2023-04-06 12:10:35 +02:00
arm64 arm64: efi: Set NX compat flag in PE/COFF header 2023-04-06 12:10:37 +02:00
csky
hexagon
ia64 ia64: fix build error due to switch case label appearing next to declaration 2023-02-09 11:28:23 +01:00
loongarch LoongArch: Only call get_timer_irq() once in constant_clockevent_init() 2023-03-22 13:33:54 +01:00
m68k m68k: Only force 030 bus error if PC not in exception table 2023-03-30 12:49:17 +02:00
microblaze kbuild: fix "cat: .version: No such file or directory" 2022-11-24 09:26:02 +09:00
mips MIPS: Fix a compilation issue 2023-03-17 08:50:30 +01:00
nios2 nios2: add FORCE for vmlinuz.gz 2022-11-27 08:28:41 +09:00
openrisc
parisc parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case 2023-02-09 11:28:20 +01:00
powerpc powerpc/64: Replace -mcpu=e500mc64 by -mcpu=e5500 2023-03-22 13:34:07 +01:00
riscv riscv: ftrace: Fixup panic by disabling preemption 2023-04-06 12:10:35 +02:00
s390 s390/ipl: add missing intersection check to ipl_report handling 2023-03-22 13:33:56 +01:00
sh sh: sanitize the flags on sigreturn 2023-03-30 12:49:19 +02:00
sparc sparc: allow PM configs for sparc32 COMPILE_TEST 2023-03-10 09:33:27 +01:00
um UML: define RUNTIME_DISCARD_EXIT 2023-03-17 08:50:32 +01:00
x86 x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() 2023-03-30 12:49:21 +02:00
xtensa xtensa: add __umulsidi3 helper 2023-01-07 11:11:46 +01:00
.gitignore
Kconfig ftrace: Allow WITH_ARGS flavour of graph tracer with shadow call stack 2022-12-31 13:32:45 +01:00