K 10
svn:author
V 6
andrew
K 8
svn:date
V 27
2017-05-30T12:44:01.774757Z
K 7
svn:log
V 713
MFC r316734, r316761: Support Execute-Never bit in the arm64 pmap.

r316734:
Start to use the User and Privileged execute-never bits in the arm64
pagetables. This sets both bits when entering an address we know shouldn't
be executed.

I expect we could mark all userspace pages as Privileged execute-never to
ensure the kernel doesn't branch to one of these addresses.

While here add the ARMv8.1 upper attributes.

r316761:
Set the arm64 Execute-never bits in more places.

We need to set the Execute-never bits when mapping device memory as the
hardware may perform speculative instruction fetches.

Set the Privileged Execute-ever bit on userspace memory to stop the kernel
if it is tricked into executing it.

END