| /optee_os/core/arch/arm/include/kernel/ |
| H A D | user_access_arch.h | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| /optee_os/core/arch/riscv/include/kernel/ |
| H A D | user_access_arch.h | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| /optee_os/core/include/kernel/ |
| H A D | user_access.h | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| /optee_os/core/arch/arm/include/ |
| H A D | arm64_macros.S | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| H A D | arm64.h | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| /optee_os/core/arch/arm/kernel/ |
| H A D | entry_a64.S | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| H A D | thread.c | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| /optee_os/mk/ |
| H A D | config.mk | 6fa59c9a70dc15e204c9215a7a21ff2cb7f59cb2 Fri May 12 05:16:14 UTC 2023 Seonghyun Park <seonghp@amazon.com> arm64: Introduce permissive PAN implementation
Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.
This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.
Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.
Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|