[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux ker
|
From: |
Daniel Kiper |
|
Subject: |
Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel |
|
Date: |
Fri, 5 Apr 2019 14:50:15 +0200 |
|
User-agent: |
NeoMutt/20170113 (1.7.2) |
On Fri, Apr 05, 2019 at 04:06:57AM +0100, Leif Lindholm wrote:
> On Thu, Apr 04, 2019 at 06:57:29PM +0200, Daniel Kiper wrote:
> > On Thu, Apr 04, 2019 at 07:54:55AM -0700, Jeffrey Hugo wrote:
> > > Some UEFI implementations for ARM64 devices apply strict permissions on
> > > the different allocation types. In these implementations, DATA
> > > allocations have XN (execute never) permissions, preventing code execution
> > > from those pages.
> > >
> > > On these implementations, the Linux kernel is loaded to DATA pages, which
> > > causes a permission fault when GRUB attempts to kick off the kernel. This
> > > results in a device crash.
> > >
> > > Fix this by allocating CODE pages for the Linux kernel.
> > >
> > > Signed-off-by: Jeffrey Hugo <address@hidden>
> >
> > Make sense for me but I would like to hear Leif's opinion too. I treat
> > this a fix and if he is OK with it I am happy to take it into release.
>
> This complements f826330683675f0deb55b58fd229afd7d65fb053
> ("efi: change heap allocation type to GRUB_EFI_LOADER_CODE"), so I'm
> all for it.
>
> Reviewed-by: Leif Lindholm <address@hidden>
Thanks!
> This does bring to mind the clunkiness of the above. Marking
> *everything* executable bypasses the improved security provided by the
Yeah, I agree. However, AIUI this issue is not ARM specific and also
applies to other UEFI platforms.
> firmware. Should I register a bug on Savannah to address this?
> (blatantly not for the upcoming release)
Please do.
Daniel