/optee_os/core/mm/
mobj.c 3de913f68120aae5a252ef9e38a56d4064b81a2e Mon Oct 21 08:53:57 UTC 2024 Jens Wiklander <jens.wiklander@linaro.org> core: mm: fix mobj_tee_ram_rw initialization

Until this patch, for CFG_CORE_RWDATA_NOEXEC=n and CFG_CORE_ASLR=y
there's an error in mobj_init() when the length of the combined
TEE_RAM_RWX is calculated.

The relocatable address VCORE_UNPG_RW_PA is mixed with the absolute
address TEE_RAM_START. Relocated addresses only change with
CFG_CORE_ASLR=y so before ASLR this expression was correct.

The combined TEE_RAM_RWX is only used with CFG_CORE_RWDATA_NOEXEC=n so
that is also a prerequisite for the error. The calculated length field
is usually not more wrong than code depending on
mobj_tee_ram_rw/mobj_tee_ram_rx still works. So the error wasn't visible
until length checks for phys_to_virt() were introduced with the commit
c2e4eb43b7b7 ("core_mmu: fix phys_to_virt() to check length").

Fix this by using VCORE_START_VA instead of TEE_RAM_START since the
former is a relocated address.

Fixes: c2e4eb43b7b7 ("core_mmu: fix phys_to_virt() to check length")
Fixes: 170e9084a84f ("core: add support for CFG_CORE_ASLR")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>