From nobody Fri Sep 26 15:09:13 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cYDWZ1jJJz68RqM; Fri, 26 Sep 2025 15:09:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cYDWZ0zBGz3kTB; Fri, 26 Sep 2025 15:09:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1758899354; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=sQlvNI6m4BLvalHWarGk+CxXL0Uirz+hlKYkRggLhVw=; b=tuctzO4Q/91GNwCp716hDLrEikiJLXV5EoS71MVHlpgmunl0BdhMMIFweGFRazLpPSBiqz lYQ7WN/ZZsQQZzss8WVCAZhWQmoxInd+g8T0zE9FqBqAf1RUjaxa55VGPG6OZdYsrYl1T1 ScFiVsrsQjmcF0bEdrBazsVI9m+LJTeu5T8Zcc+y2xAZGAPOXuGMdqIYh9jUsrNRAxlaav MbBueM/c+zEqsB8P88A/EbJoDnl0MmHPLJx1bDW+f1YTV5TPZ/qNzHZVW+J1lmjYaFlDa1 vnuMCQ2W+jaF6+3RxmooIUKvlRZXUYio5onl0pwO/zfowZkzuS4N8Uc7YLXvkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1758899354; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=sQlvNI6m4BLvalHWarGk+CxXL0Uirz+hlKYkRggLhVw=; b=ukJKQcJs/Ue8uGAebgHjCpcOlq1z1BUmurqH862rTONG1M/qxXqXxWr6x1NamN3UuFLODZ KGVz4UwC6ae8yCvvQb0qwIgpauJwJiMFdThQ5zVEvmVMu5xBpBu9sAFem+0c0GpHhr0Hek cnuOoEdNaKWVLADU2/rd7oaDTE3GZWinJoFmXhsHjKU1i+OiX427yvUxCYIbxKWzX/FVA0 slJTyA/xutXFYrM+MhvJXxiDnfso++B1O+dS+f57K15M2+fq+J9/HzhqfzbqiA1oRG3glo lSQqafUP4iDZbkQws+VSqNdeKsbieb6uVOVZe/imrJJv/mzW70djrCEnBhrMLw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1758899354; a=rsa-sha256; cv=none; b=WEoPz11urLD5Bhbq7a697ebJYdTAg8XadskEzbll99KFoi2rNSxVGXOVBXpyN3MXqxtYGX vq67zArSoFGvCZQPpShCW9faNAl8Cd6/lsxFKquCayU4puAoetZBspRxTq+WfrwbkLgkFp gCUJczTi1i0rKpvWSfdW97K8d4wgHGjWRcqwJyBLrlgJC4tyI53GMcLa4fh9L7EL3eHn4F qj54UL4KecNaukNBWaIBWdMAHdMHqUgZc8fVgIPVOP6GoTGXQVO8Thmn/xQw6CY1kKGGbU RrCwqHgQYUpJ1Vv6bOFK14tKLssmRUKKjmM2Gw5IezIX0COCI7V68g0BnbApfg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cYDWZ0PRBzsrH; Fri, 26 Sep 2025 15:09:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 58QF9DFJ058125; Fri, 26 Sep 2025 15:09:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 58QF9DuY058123; Fri, 26 Sep 2025 15:09:13 GMT (envelope-from git) Date: Fri, 26 Sep 2025 15:09:13 GMT Message-Id: <202509261509.58QF9DuY058123@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Andrew Turner Subject: git: cee4802d0e2a - main - arm64: Mark EFI memory as userspace non-executable List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: andrew X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: cee4802d0e2a4f55cecb270f3ab00febe4c220db Auto-Submitted: auto-generated The branch main has been updated by andrew: URL: https://cgit.FreeBSD.org/src/commit/?id=cee4802d0e2a4f55cecb270f3ab00febe4c220db commit cee4802d0e2a4f55cecb270f3ab00febe4c220db Author: Andrew Turner AuthorDate: 2025-09-26 15:06:42 +0000 Commit: Andrew Turner CommitDate: 2025-09-26 15:07:41 +0000 arm64: Mark EFI memory as userspace non-executable FEAT_PAN3 adds the SCTLR_EL1.EPAN field. This tells the hardware to raise a permission abort when userspace could execute a page, i.e. the ATTR_S1_UXN field is clear in the page table. This causes issues for the EFI runtime as we only mark non-executable pages with this flag leading to a permission fault when accessing it. Fix this by marking all EFI mappings with ATTR_S1_UXN. The kernel already had this field set so was already safe. Reported by: tuexen Reviewed by: tuexen Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D52750 --- sys/arm64/arm64/efirt_machdep.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/arm64/arm64/efirt_machdep.c b/sys/arm64/arm64/efirt_machdep.c index 0301eb91c9ef..f814d45f5dd0 100644 --- a/sys/arm64/arm64/efirt_machdep.c +++ b/sys/arm64/arm64/efirt_machdep.c @@ -218,8 +218,9 @@ efi_create_1t1_map(struct efi_md *map, int ndesc, int descsz) p->md_phys, mode, p->md_pages); } - l3_attr = ATTR_AF | pmap_sh_attr | ATTR_S1_IDX(mode) | - ATTR_S1_AP(ATTR_S1_AP_RW) | ATTR_S1_nG | L3_PAGE; + l3_attr = ATTR_S1_UXN | ATTR_AF | pmap_sh_attr | + ATTR_S1_IDX(mode) | ATTR_S1_AP(ATTR_S1_AP_RW) | + ATTR_S1_nG | L3_PAGE; if (mode == VM_MEMATTR_DEVICE || p->md_attr & EFI_MD_ATTR_XP) l3_attr |= ATTR_S1_XN;