arm64_addrenv_pgmap.c: Revoke user execution access to kernel mmap'd pages

Otherwise, user can run code from there
2026-05-21 21:34:07 +08:00 · 2024-09-04 12:27:45 +03:00
parent eebff25d69
commit 0ca1a07e84
1 changed files with 4 additions and 0 deletions
@@ -271,6 +271,10 @@ int up_addrenv_kmap_pages(void **pages, unsigned int npages, uintptr_t vaddr,

  mask &= ~PTE_BLOCK_DESC_NG;

+  /* Also, revoke user execute access */
+
+  mask |= PTE_BLOCK_DESC_UXN;
+
  /* Let arm64_map_pages do the work */

  return arm64_map_pages(addrenv, (uintptr_t *)pages, npages, vaddr, mask);