The first patch sets up AMOR in hypervisor mode. AMOR needs to be setup before IAMR (details of AMOR/IAMR in each patch). The second patch enables detection of exceptions generated due to instruction fetch violations caused and OOPSs' the task. The third patch enables IAMR for both hypervisor and guest kernels.
IAMR in radix mode, prevents the kernel from executing code from user mode pages. I've tested with patch series with a sample hack and payload. Chris Smart helped with the series, reviewing and providing valuable feedback Changelog from previous post Implement review comments and suggestions Balbir Singh (3): powerpc:Setup AMOR in HV mode powerpc/mm/radix:Detect instruction fetch denied and report powerpc:Enable storage keys for radix - user mode execution arch/powerpc/mm/fault.c | 8 ++++++++ arch/powerpc/mm/pgtable-radix.c | 45 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) -- 2.5.5
