Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Mon, 8 Apr 2019 at 02:56, Leif Lindholm wrote: > > On Mon, Apr 08, 2019 at 12:19:05PM +0300, Alexander Graf wrote: > > On 05.04.19 06:06, Leif Lindholm wrote: > > > This does bring to mind the clunkiness of the above. Marking > > > *everything* executable bypasses the improved security provided

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Mon, Apr 8, 2019 at 7:47 AM Jeffrey Hugo wrote: > > On Mon, Apr 8, 2019 at 3:56 AM Leif Lindholm wrote: > > > > On Mon, Apr 08, 2019 at 12:19:05PM +0300, Alexander Graf wrote: > > > On 05.04.19 06:06, Leif Lindholm wrote: > > > > This does bring to mind the clunkiness of the above. Marking > >

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Mon, Apr 8, 2019 at 3:56 AM Leif Lindholm wrote: > > On Mon, Apr 08, 2019 at 12:19:05PM +0300, Alexander Graf wrote: > > On 05.04.19 06:06, Leif Lindholm wrote: > > > This does bring to mind the clunkiness of the above. Marking > > > *everything* executable bypasses the improved security provid

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Mon, Apr 08, 2019 at 12:19:05PM +0300, Alexander Graf wrote: > On 05.04.19 06:06, Leif Lindholm wrote: > > This does bring to mind the clunkiness of the above. Marking > > *everything* executable bypasses the improved security provided by the > > firmware. Should I register a bug on Savannah to

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On 05.04.19 06:06, Leif Lindholm wrote: > On Thu, Apr 04, 2019 at 06:57:29PM +0200, Daniel Kiper wrote: >> On Thu, Apr 04, 2019 at 07:54:55AM -0700, Jeffrey Hugo wrote: >>> Some UEFI implementations for ARM64 devices apply strict permissions on >>> the different allocation types. In these implem

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Fri, Apr 05, 2019 at 04:06:57AM +0100, Leif Lindholm wrote: > On Thu, Apr 04, 2019 at 06:57:29PM +0200, Daniel Kiper wrote: > > On Thu, Apr 04, 2019 at 07:54:55AM -0700, Jeffrey Hugo wrote: > > > Some UEFI implementations for ARM64 devices apply strict permissions on > > > the different allocati

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Thu, Apr 04, 2019 at 06:57:29PM +0200, Daniel Kiper wrote: > On Thu, Apr 04, 2019 at 07:54:55AM -0700, Jeffrey Hugo wrote: > > Some UEFI implementations for ARM64 devices apply strict permissions on > > the different allocation types. In these implementations, DATA > > allocations have XN (exec

Re: [RFC] arm64/linux/loader: Use EFI CODE allocations for the linux kernel

On Thu, Apr 04, 2019 at 07:54:55AM -0700, Jeffrey Hugo wrote: > Some UEFI implementations for ARM64 devices apply strict permissions on > the different allocation types. In these implementations, DATA > allocations have XN (execute never) permissions, preventing code execution > from those pages.