For historical reasons, the EFI startup code uses R/W/X mappings for most
memory regions that it maps, and in the mixed mode case, it even maps all
of DRAM R/W/X in its 1:1 mapping.

Let's tighten this a bit, and use the NX bit where possible, and ensure
that at least the kernel text+rodata are not mapped RWX in the mixed mode
case.

Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>

Ard Biesheuvel (3):
  x86/mm: fix NX bit clearing issue in kernel_map_pages_in_pgd
  efi/x86: don't map the entire kernel text RW for mixed mode
  efi/x86: avoid RWX mappings for all of DRAM

 arch/x86/mm/pageattr.c         |  8 +-------
 arch/x86/platform/efi/efi_64.c | 21 ++++++++++++++------
 2 files changed, 16 insertions(+), 13 deletions(-)

--
2.17.1