From 0ca1a07e8437ab22b63b6128a57c773bcb64645b Mon Sep 17 00:00:00 2001 From: Ville Juven Date: Wed, 4 Sep 2024 12:27:45 +0300 Subject: [PATCH] arm64_addrenv_pgmap.c: Revoke user execution access to kernel mmap'd pages Otherwise, user can run code from there --- arch/arm64/src/common/arm64_addrenv_pgmap.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/arm64/src/common/arm64_addrenv_pgmap.c b/arch/arm64/src/common/arm64_addrenv_pgmap.c index 5fa22e62ac..4f39be0b4d 100644 --- a/arch/arm64/src/common/arm64_addrenv_pgmap.c +++ b/arch/arm64/src/common/arm64_addrenv_pgmap.c @@ -271,6 +271,10 @@ int up_addrenv_kmap_pages(void **pages, unsigned int npages, uintptr_t vaddr, mask &= ~PTE_BLOCK_DESC_NG; + /* Also, revoke user execute access */ + + mask |= PTE_BLOCK_DESC_UXN; + /* Let arm64_map_pages do the work */ return arm64_map_pages(addrenv, (uintptr_t *)pages, npages, vaddr, mask);