arm64_addrenv_pgmap.c: Revoke user execution access to kernel mmap'd …

…pages Otherwise, user can run code from there
W-M-R · Sep 10, 2024 · 0ca1a07 · 0ca1a07
1 parent eebff25
commit 0ca1a07
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/arch/arm64/src/common/arm64_addrenv_pgmap.c b/arch/arm64/src/common/arm64_addrenv_pgmap.c
@@ -271,6 +271,10 @@ int up_addrenv_kmap_pages(void **pages, unsigned int npages, uintptr_t vaddr,
 
   mask &= ~PTE_BLOCK_DESC_NG;
 
+  /* Also, revoke user execute access */
+
+  mask |= PTE_BLOCK_DESC_UXN;
+
   /* Let arm64_map_pages do the work */
 
   return arm64_map_pages(addrenv, (uintptr_t *)pages, npages, vaddr, mask);