arm64: Add table attributes to the EFI maps
Use table attributes to also limit unprivileged access to the EFI runtime mappings. This is mostly for parity with pmap as this is never mapped while userspace could execute. Reviewed by: tuexen Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D52751
This commit is contained in:
@@ -106,7 +106,8 @@ efi_1t1_l3(vm_offset_t va)
|
||||
if (*l0 == 0) {
|
||||
m = efi_1t1_page();
|
||||
mphys = VM_PAGE_TO_PHYS(m);
|
||||
*l0 = PHYS_TO_PTE(mphys) | L0_TABLE;
|
||||
*l0 = PHYS_TO_PTE(mphys) | TATTR_UXN_TABLE |
|
||||
TATTR_AP_TABLE_NO_EL0 | L0_TABLE;
|
||||
} else {
|
||||
mphys = PTE_TO_PHYS(*l0);
|
||||
}
|
||||
@@ -117,7 +118,8 @@ efi_1t1_l3(vm_offset_t va)
|
||||
if (*l1 == 0) {
|
||||
m = efi_1t1_page();
|
||||
mphys = VM_PAGE_TO_PHYS(m);
|
||||
*l1 = PHYS_TO_PTE(mphys) | L1_TABLE;
|
||||
*l1 = PHYS_TO_PTE(mphys) | TATTR_UXN_TABLE |
|
||||
TATTR_AP_TABLE_NO_EL0 | L1_TABLE;
|
||||
} else {
|
||||
mphys = PTE_TO_PHYS(*l1);
|
||||
}
|
||||
@@ -128,7 +130,8 @@ efi_1t1_l3(vm_offset_t va)
|
||||
if (*l2 == 0) {
|
||||
m = efi_1t1_page();
|
||||
mphys = VM_PAGE_TO_PHYS(m);
|
||||
*l2 = PHYS_TO_PTE(mphys) | L2_TABLE;
|
||||
*l2 = PHYS_TO_PTE(mphys) | TATTR_UXN_TABLE |
|
||||
TATTR_AP_TABLE_NO_EL0 | L2_TABLE;
|
||||
} else {
|
||||
mphys = PTE_TO_PHYS(*l2);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user