On Mon, Apr 11, 2022 at 11:47:54AM +0200, Ard Biesheuvel wrote:
> - allow WXN to be enabled (with an opt-out) so writable mappings are
>   never executable;

Besides all the rest of this series's awesomeness, this really stands out to me. I didn't even know this was a feature in aarch64. Nice!

I really like the idea of having this enabled -- anything executing out of a writable mapping should already be considered a mistake (and tons of work over the last 2 decades has already gone into making sure this doesn't happen in both the kernel and userspace).

We could even make a new LKDTM test for this. (Right now stuff like EXEC_DATA just verifies that the .data segment doesn't have the X bit... but adding something like EXEC_WXN, where a memory region is made explicitly W+X and it _still_ can't be executed, would be great.)

Cool!

-Kees

-- 
Kees Cook