Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 10197442f1fbddc95a397aed07a457bd66216fdb / . / arch / x86 / mm / setup_nx.c
blob: adb3c5784dac92294253162970647d9bc0d134d7 [file] [log] [blame]
Greg Kroah-Hartmanb2441312017-11-01 15:07:57 +0100[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]2#include <linux/spinlock.h>
3#include <linux/errno.h>
4#include <linux/init.h>
5
6#include <asm/pgtable.h>
H. Peter Anvin4763ed42009-11-13 15:28:16 -0800[diff] [blame]7#include <asm/proto.h>
Borislav Petkovcd4d09e2016-01-26 22:12:04 +0100[diff] [blame]8#include <asm/cpufeature.h>
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]9
Paul Gortmaker148f9bb2013-06-18 18:23:59 -0400[diff] [blame]10static int disable_nx;
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]11
12/*
13 * noexec = on|off
14 *
15 * Control non-executable mappings for processes.
16 *
17 * on Enable
18 * off Disable
19 */
20static int __init noexec_setup(char *str)
21{
22 if (!str)
23 return -EINVAL;
24 if (!strncmp(str, "on", 2)) {
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]25 disable_nx = 0;
26 } else if (!strncmp(str, "off", 3)) {
27 disable_nx = 1;
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]28 }
H. Peter Anvin4763ed42009-11-13 15:28:16 -0800[diff] [blame]29 x86_configure_nx();
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]30 return 0;
31}
32early_param("noexec", noexec_setup);
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]33
Paul Gortmaker148f9bb2013-06-18 18:23:59 -0400[diff] [blame]34void x86_configure_nx(void)
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]35{
Andy Lutomirskie16d8a62016-04-26 08:52:44 -0700[diff] [blame]36 if (boot_cpu_has(X86_FEATURE_NX) && !disable_nx)
37 __supported_pte_mask |= _PAGE_NX;
38 else
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]39 __supported_pte_mask &= ~_PAGE_NX;
40}
Kees Cook4b0f3b82009-11-13 15:28:17 -0800[diff] [blame]41
42void __init x86_report_nx(void)
43{
Borislav Petkov362f9242015-12-07 10:39:41 +0100[diff] [blame]44 if (!boot_cpu_has(X86_FEATURE_NX)) {
Kees Cook4b0f3b82009-11-13 15:28:17 -0800[diff] [blame]45 printk(KERN_NOTICE "Notice: NX (Execute Disable) protection "
Kees Cook6036f372010-11-10 10:35:54 -0800[diff] [blame]46 "missing in CPU!\n");
Kees Cook4b0f3b82009-11-13 15:28:17 -0800[diff] [blame]47 } else {
48#if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE)
49 if (disable_nx) {
50 printk(KERN_INFO "NX (Execute Disable) protection: "
51 "disabled by kernel command line option\n");
52 } else {
53 printk(KERN_INFO "NX (Execute Disable) protection: "
54 "active\n");
55 }
56#else
57 /* 32bit non-PAE kernel, NX cannot be used */
58 printk(KERN_NOTICE "Notice: NX (Execute Disable) protection "
59 "cannot be enabled: non-PAE kernel!\n");
60#endif
61 }
62}