arm64: dump: Add checking for writable and exectuable pages

Page mappings with full RWX permissions are a security risk. x86 has an option to walk the page tables and dump any bad pages. (See e1a58320a38d ("x86/mm: Warn on W^X mappings")). Add a similar implementation for arm64. Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Mark Rutland <mark.rutland@arm.com> Tested-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Laura Abbott <labbott@redhat.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> [catalin.marinas@arm.com: folded fix for KASan out of bounds from Mark Rutland] Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
author: Laura Abbott <labbott@redhat.com> 2016-10-27 09:27:34 -0700
committer: Catalin Marinas <catalin.marinas@arm.com> 2016-11-07 18:15:04 +0000
commit: 1404d6f13e47c42f155e3c6a611b1bf4dd35dde9 (patch)
tree: f6bf9d56920d2c3d7346cd925781b071075c810b /arch/arm64/include/asm/ptdump.h
parent: cfd69e9551a1b1d20a7ba030a0990aa370817f54 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/arch/arm64/include/asm/ptdump.h b/arch/arm64/include/asm/ptdump.h
index f72ee69ee602..6afd8476c60c 100644
--- a/arch/arm64/include/asm/ptdump.h
+++ b/arch/arm64/include/asm/ptdump.h
@@ -42,5 +42,13 @@ static inline int ptdump_debugfs_register(struct ptdump_info *info,
 	return 0;
 }
 #endif
+void ptdump_check_wx(void);
 #endif /* CONFIG_ARM64_PTDUMP_CORE */
+
+#ifdef CONFIG_DEBUG_WX
+#define debug_checkwx()	ptdump_check_wx()
+#else
+#define debug_checkwx()	do { } while (0)
+#endif
+
 #endif /* __ASM_PTDUMP_H */
author	Laura Abbott <labbott@redhat.com>	2016-10-27 09:27:34 -0700
committer	Catalin Marinas <catalin.marinas@arm.com>	2016-11-07 18:15:04 +0000
commit	1404d6f13e47c42f155e3c6a611b1bf4dd35dde9 (patch)
tree	f6bf9d56920d2c3d7346cd925781b071075c810b /arch/arm64/include/asm/ptdump.h
parent	cfd69e9551a1b1d20a7ba030a0990aa370817f54 (diff)