On Thu, 15 Dec 2022 at 13:38, Evgeniy Baskov <baskov@xxxxxxxxx> wrote: > > Ensure WP bit to be set to prevent boot code from writing to > non-writable memory pages. > > Tested-by: Mario Limonciello <mario.limonciello@xxxxxxx> > Tested-by: Peter Jones <pjones@xxxxxxxxxx> > Signed-off-by: Evgeniy Baskov <baskov@xxxxxxxxx> Acked-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > --- > arch/x86/boot/compressed/head_64.S | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > index a75712991df3..9f2e8f50fc71 100644 > --- a/arch/x86/boot/compressed/head_64.S > +++ b/arch/x86/boot/compressed/head_64.S > @@ -660,9 +660,8 @@ SYM_CODE_START(trampoline_32bit_src) > pushl $__KERNEL_CS > pushl %eax > > - /* Enable paging again. */ > - movl %cr0, %eax > - btsl $X86_CR0_PG_BIT, %eax > + /* Enable paging and set CR0 to known state (this also sets WP flag) */ > + movl $CR0_STATE, %eax > movl %eax, %cr0 > > lret > -- > 2.37.4 >
