projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 09104d3) | patch
x86: switch default mapping attributes to non-executable
authorJan Beulich <jbeulich@suse.com>
Fri, 22 May 2015 08:50:14 +0000 (10:50 +0200)
committerJan Beulich <jbeulich@suse.com>
Fri, 22 May 2015 08:50:14 +0000 (10:50 +0200)
commitabcf15fa8f8b6e22430a364391d5d4ca20de999f
tree3cb420c060049eab9d21c803cab69e364349b6d8tree | snapshot
parent09104d3e0c8d9392828863fb7a60eac68b9a60fbcommit | diff
x86: switch default mapping attributes to non-executable

Only a very limited subset of mappings need to be done as executable
ones; in particular the direct mapping should not be executable to
limit the damage attackers can cause by exploiting security relevant
bugs.

The EFI change at once includes an adjustment to set NX only when
supported by the hardware.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
xen/arch/x86/domain.c diff | blob | history
xen/arch/x86/domain_page.c diff | blob | history
xen/arch/x86/mm.c diff | blob | history
xen/arch/x86/setup.c diff | blob | history
xen/arch/x86/x86_64/mm.c diff | blob | history
xen/common/efi/boot.c diff | blob | history
xen/include/asm-x86/page.h diff | blob | history
xen/include/asm-x86/x86_64/page.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.