From patchwork Fri Jun 26 15:58:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 11627919 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4CF7592A for ; Fri, 26 Jun 2020 15:58:56 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id 50C7B204EC for ; Fri, 26 Jun 2020 15:58:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="jIT0I4Sv" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 50C7B204EC Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-19178-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 28448 invoked by uid 550); 26 Jun 2020 15:58:53 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 28416 invoked from network); 26 Jun 2020 15:58:53 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1593187120; bh=FC+oTGAs23eBdDUGAh1t176WlXiIhxPuC7xFP7W52W0=; h=From:To:Cc:Subject:Date:From; b=jIT0I4Svp9S8w+HXR16FZk9s/faTxhTaNm36i51GkF7fn74oRQWEFERHLG8yNepyz FWwlJ7coS8W53XEtJadpUIiZJe8VYj+HKj8HEO68/ckE+ZhblwIiopUXdgKe+nT4+a Wal3iWhQeOKuIKWmkGDt0k71LhruutLjQpvn2CMI= From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org Cc: linux-acpi@vger.kernel.org, will@kernel.org, catalin.marinas@arm.com, lorenzo.pieralisi@arm.com, sudeep.holla@arm.com, kernel-hardening@lists.openwall.com, Ard Biesheuvel Subject: [PATCH v3 0/2] arm64/acpi: restrict AML opregion memory access Date: Fri, 26 Jun 2020 17:58:30 +0200 Message-Id: <20200626155832.2323789-1-ardb@kernel.org> X-Mailer: git-send-email 2.27.0 MIME-Version: 1.0 v2: - do a more elaborate check on the region, against the EFI memory map v3: - split into two patches - fallback to __ioremap() for ACPI reclaim memory, in case it is not covered by the linear mapping (e.g., when booting a kdump kernel) Ard Biesheuvel (2): arm64/acpi: disallow AML memory opregions to access kernel memory arm64/acpi: disallow writeable AML opregion mapping for EFI code regions arch/arm64/include/asm/acpi.h | 15 +--- arch/arm64/kernel/acpi.c | 75 ++++++++++++++++++++ 2 files changed, 76 insertions(+), 14 deletions(-) Acked-by: Lorenzo Pieralisi