diff options
| author | Laura Abbott <[email protected]> | 2015-01-21 17:36:06 -0800 |
|---|---|---|
| committer | Catalin Marinas <[email protected]> | 2015-01-22 14:54:29 +0000 |
| commit | da141706aea52c1a9fbd28cb8d289b78819f5436 (patch) | |
| tree | 6fb0fb5a11c98030393c5915802c9ec891b6df51 /fs/jbd/commit.c | |
| parent | 2f896d5866107e2926dcdec34a7d40bc56dd2951 (diff) | |
arm64: add better page protections to arm64
Add page protections for arm64 similar to those in arm.
This is for security reasons to prevent certain classes
of exploits. The current method:
- Map all memory as either RWX or RW. We round to the nearest
section to avoid creating page tables before everything is mapped
- Once everything is mapped, if either end of the RWX section should
not be X, we split the PMD and remap as necessary
- When initmem is to be freed, we change the permissions back to
RW (using stop machine if necessary to flush the TLB)
- If CONFIG_DEBUG_RODATA is set, the read only sections are set
read only.
Acked-by: Ard Biesheuvel <[email protected]>
Tested-by: Kees Cook <[email protected]>
Tested-by: Ard Biesheuvel <[email protected]>
Signed-off-by: Laura Abbott <[email protected]>
Signed-off-by: Catalin Marinas <[email protected]>
Diffstat (limited to 'fs/jbd/commit.c')
0 files changed, 0 insertions, 0 deletions