Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 96d70542dcbf395944f80480ca487b8aef1fb818 / . / arch / x86 / mm / setup_nx.c
blob: f65a33f505b683a02aa7543ea653e54a8cdedc28 [file] [log] [blame]
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]1#include <linux/spinlock.h>
2#include <linux/errno.h>
3#include <linux/init.h>
4
5#include <asm/pgtable.h>
H. Peter Anvin4763ed42009-11-13 15:28:16 -0800[diff] [blame]6#include <asm/proto.h>
Borislav Petkovcd4d09e2016-01-26 22:12:04 +0100[diff] [blame]7#include <asm/cpufeature.h>
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]8
Paul Gortmaker148f9bb2013-06-18 18:23:59 -0400[diff] [blame]9static int disable_nx;
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]10
11/*
12 * noexec = on|off
13 *
14 * Control non-executable mappings for processes.
15 *
16 * on Enable
17 * off Disable
18 */
19static int __init noexec_setup(char *str)
20{
21 if (!str)
22 return -EINVAL;
23 if (!strncmp(str, "on", 2)) {
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]24 disable_nx = 0;
25 } else if (!strncmp(str, "off", 3)) {
26 disable_nx = 1;
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]27 }
H. Peter Anvin4763ed42009-11-13 15:28:16 -0800[diff] [blame]28 x86_configure_nx();
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]29 return 0;
30}
31early_param("noexec", noexec_setup);
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]32
Paul Gortmaker148f9bb2013-06-18 18:23:59 -0400[diff] [blame]33void x86_configure_nx(void)
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]34{
Andy Lutomirskie16d8a62016-04-26 08:52:44 -0700[diff] [blame]35 if (boot_cpu_has(X86_FEATURE_NX) && !disable_nx)
36 __supported_pte_mask |= _PAGE_NX;
37 else
Jeremy Fitzhardingec44c9ec2009-09-21 13:40:42 -0700[diff] [blame]38 __supported_pte_mask &= ~_PAGE_NX;
39}
Kees Cook4b0f3b82009-11-13 15:28:17 -0800[diff] [blame]40
41void __init x86_report_nx(void)
42{
Borislav Petkov362f9242015-12-07 10:39:41 +0100[diff] [blame]43 if (!boot_cpu_has(X86_FEATURE_NX)) {
Kees Cook4b0f3b82009-11-13 15:28:17 -0800[diff] [blame]44 printk(KERN_NOTICE "Notice: NX (Execute Disable) protection "
Kees Cook6036f372010-11-10 10:35:54 -0800[diff] [blame]45 "missing in CPU!\n");
Kees Cook4b0f3b82009-11-13 15:28:17 -0800[diff] [blame]46 } else {
47#if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE)
48 if (disable_nx) {
49 printk(KERN_INFO "NX (Execute Disable) protection: "
50 "disabled by kernel command line option\n");
51 } else {
52 printk(KERN_INFO "NX (Execute Disable) protection: "
53 "active\n");
54 }
55#else
56 /* 32bit non-PAE kernel, NX cannot be used */
57 printk(KERN_NOTICE "Notice: NX (Execute Disable) protection "
58 "cannot be enabled: non-PAE kernel!\n");
59#endif
60 }
61}