git: f7a1a16225a2 - stable/15 - arm64: Add table attributes to the EFI maps
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 13 Jan 2026 16:27:25 UTC
The branch stable/15 has been updated by andrew:
URL: https://cgit.FreeBSD.org/src/commit/?id=f7a1a16225a268ed787f5d7d6e8a00c569beab32
commit f7a1a16225a268ed787f5d7d6e8a00c569beab32
Author: Andrew Turner <andrew@FreeBSD.org>
AuthorDate: 2025-09-26 15:06:58 +0000
Commit: Andrew Turner <andrew@FreeBSD.org>
CommitDate: 2026-01-13 14:06:19 +0000
arm64: Add table attributes to the EFI maps
Use table attributes to also limit unprivileged access to the EFI
runtime mappings. This is mostly for parity with pmap as this is never
mapped while userspace could execute.
Reviewed by: tuexen
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D52751
(cherry picked from commit 2554148bd85b172afcc1431df3272f920c82ebce)
---
sys/arm64/arm64/efirt_machdep.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/sys/arm64/arm64/efirt_machdep.c b/sys/arm64/arm64/efirt_machdep.c
index f814d45f5dd0..bde0d4f784dc 100644
--- a/sys/arm64/arm64/efirt_machdep.c
+++ b/sys/arm64/arm64/efirt_machdep.c
@@ -106,7 +106,8 @@ efi_1t1_l3(vm_offset_t va)
if (*l0 == 0) {
m = efi_1t1_page();
mphys = VM_PAGE_TO_PHYS(m);
- *l0 = PHYS_TO_PTE(mphys) | L0_TABLE;
+ *l0 = PHYS_TO_PTE(mphys) | TATTR_UXN_TABLE |
+ TATTR_AP_TABLE_NO_EL0 | L0_TABLE;
} else {
mphys = PTE_TO_PHYS(*l0);
}
@@ -117,7 +118,8 @@ efi_1t1_l3(vm_offset_t va)
if (*l1 == 0) {
m = efi_1t1_page();
mphys = VM_PAGE_TO_PHYS(m);
- *l1 = PHYS_TO_PTE(mphys) | L1_TABLE;
+ *l1 = PHYS_TO_PTE(mphys) | TATTR_UXN_TABLE |
+ TATTR_AP_TABLE_NO_EL0 | L1_TABLE;
} else {
mphys = PTE_TO_PHYS(*l1);
}
@@ -128,7 +130,8 @@ efi_1t1_l3(vm_offset_t va)
if (*l2 == 0) {
m = efi_1t1_page();
mphys = VM_PAGE_TO_PHYS(m);
- *l2 = PHYS_TO_PTE(mphys) | L2_TABLE;
+ *l2 = PHYS_TO_PTE(mphys) | TATTR_UXN_TABLE |
+ TATTR_AP_TABLE_NO_EL0 | L2_TABLE;
} else {
mphys = PTE_TO_PHYS(*l2);
}