diff options
| author | Mark Kettenis <kettenis@cvs.openbsd.org> | 2020-08-17 08:12:19 +0000 |
|---|---|---|
| committer | Mark Kettenis <kettenis@cvs.openbsd.org> | 2020-08-17 08:12:19 +0000 |
| commit | 64609c1ec9abfb1a2d0801eae1b63f06bc82632c (patch) | |
| tree | 7cab654df64b78a1e76d169242ec82ce490efff1 /sys/arch | |
| parent | 5ebf90b5ba926a98b72d64850ba4f6507c9c158d (diff) | |
Enable PAN (Privileged Access Never) on CPUs that support it. This means
that user-space access from the kernel is not allowed for "normal"
load/store instructions. Only the special "unprivileged" load/store
instructions are allowed. We already use those in copyin(9) and copyout(9).
ok patrick@, drahn@, jsg@
Diffstat (limited to 'sys/arch')
| -rw-r--r-- | sys/arch/arm64/arm64/cpu.c | 20 | ||||
| -rw-r--r-- | sys/arch/arm64/include/armreg.h | 4 |
2 files changed, 22 insertions, 2 deletions
diff --git a/sys/arch/arm64/arm64/cpu.c b/sys/arch/arm64/arm64/cpu.c index 9bdea31ecab..adecd188982 100644 --- a/sys/arch/arm64/arm64/cpu.c +++ b/sys/arch/arm64/arm64/cpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cpu.c,v 1.38 2020/06/04 21:18:16 kettenis Exp $ */ +/* $OpenBSD: cpu.c,v 1.39 2020/08/17 08:12:17 kettenis Exp $ */ /* * Copyright (c) 2016 Dale Rahn <drahn@dalerahn.com> @@ -321,6 +321,7 @@ cpu_attach(struct device *parent, struct device *dev, void *aux) struct fdt_attach_args *faa = aux; struct cpu_info *ci; uint64_t mpidr = READ_SPECIALREG(mpidr_el1); + uint64_t id_aa64mmfr1, sctlr; uint32_t opp; KASSERT(faa->fa_nreg > 0); @@ -393,6 +394,14 @@ cpu_attach(struct device *parent, struct device *dev, void *aux) cpu_cpuspeed = cpu_clockspeed; } + /* Enable PAN. */ + id_aa64mmfr1 = READ_SPECIALREG(id_aa64mmfr1_el1); + if (ID_AA64MMFR1_PAN(id_aa64mmfr1) != ID_AA64MMFR1_PAN_NONE) { + sctlr = READ_SPECIALREG(sctlr_el1); + sctlr &= ~SCTLR_SPAN; + WRITE_SPECIALREG(sctlr_el1, sctlr); + } + /* Initialize debug registers. */ WRITE_SPECIALREG(mdscr_el1, DBG_MDSCR_TDCC); WRITE_SPECIALREG(oslar_el1, 0); @@ -522,6 +531,7 @@ cpu_boot_secondary(struct cpu_info *ci) void cpu_start_secondary(struct cpu_info *ci) { + uint64_t id_aa64mmfr1, sctlr; uint64_t tcr; int s; @@ -544,6 +554,14 @@ cpu_start_secondary(struct cpu_info *ci) tcr |= TCR_A1; WRITE_SPECIALREG(tcr_el1, tcr); + /* Enable PAN. */ + id_aa64mmfr1 = READ_SPECIALREG(id_aa64mmfr1_el1); + if (ID_AA64MMFR1_PAN(id_aa64mmfr1) != ID_AA64MMFR1_PAN_NONE) { + sctlr = READ_SPECIALREG(sctlr_el1); + sctlr &= ~SCTLR_SPAN; + WRITE_SPECIALREG(sctlr_el1, sctlr); + } + /* Initialize debug registers. */ WRITE_SPECIALREG(mdscr_el1, DBG_MDSCR_TDCC); WRITE_SPECIALREG(oslar_el1, 0); diff --git a/sys/arch/arm64/include/armreg.h b/sys/arch/arm64/include/armreg.h index 54a02384510..05a5a37f9d1 100644 --- a/sys/arch/arm64/include/armreg.h +++ b/sys/arch/arm64/include/armreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: armreg.h,v 1.11 2020/06/05 22:14:25 kettenis Exp $ */ +/* $OpenBSD: armreg.h,v 1.12 2020/08/17 08:12:18 kettenis Exp $ */ /*- * Copyright (c) 2013, 2014 Andrew Turner * Copyright (c) 2015 The FreeBSD Foundation @@ -451,6 +451,7 @@ #define SCTLR_nTWI 0x00010000 #define SCTLR_nTWE 0x00040000 #define SCTLR_WXN 0x00080000 +#define SCTLR_SPAN 0x00800000 #define SCTLR_EOE 0x01000000 #define SCTLR_EE 0x02000000 #define SCTLR_UCI 0x04000000 @@ -478,6 +479,7 @@ #define PSR_D 0x00000200 #define PSR_IL 0x00100000 #define PSR_SS 0x00200000 +#define PSR_PAN 0x00400000 #define PSR_V 0x10000000 #define PSR_C 0x20000000 #define PSR_Z 0x40000000 |