ARM: decompressor: Disable SCTLR.UWXN and SCTLR.WXN on armv7 MMU enable

[PATCH] ARM: decompressor: Disable SCTLR.UWXN and SCTLR.WXN on armv7 MMU enable

Posted by Antonio Borneo 1 week, 3 days ago

The bits 19 and 20 of the register SCTLR were reported as reserved
RAZ/SBZP in the ARM DDI 0406 "Architecture Reference Manual ARMv7-A
and ARMv7-R" till version B of the manual.

From version C of the manual, published in 2011, for devices with
Virtualisation Extension, these two bits have new functionality:
- SCTLR.WXN, bit[19]: if set, forces regions with write permission
  to be XN (execute never);
- SCTLR.UWXN, bit[20]: if set, forces regions with write permission
  to be XN for PL1 accesses.

The kernel decompressor initializes the MMU with a simple setup
where all the RAM that it's supposed to be used is mapped as RWX
(read/write/execute).
With this MMU setup, the kernel decompressor crashes with a fetch
abort if an element in the boot chain has set either of these two
bits.

Clear the SCTLR.UWXN and SCTLR.WXN bits while enabling the MMU on
armv7.

Signed-off-by: Antonio Borneo <antonio.borneo@foss.st.com>
---
 arch/arm/boot/compressed/head.S | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S
index 9f406e9c0ea6f..e4adfaf0411b6 100644
--- a/arch/arm/boot/compressed/head.S
+++ b/arch/arm/boot/compressed/head.S
@@ -886,6 +886,7 @@ __armv7_mmu_cache_on:
 						@ (needed for ARM1176)
 #ifdef CONFIG_MMU
  ARM_BE8(	orr	r0, r0, #1 << 25 )	@ big-endian page tables
+		bic	r0, r0, #3 << 19	@ clear SCTLR.UWXN and SCTLR.WXN
 		mrcne   p15, 0, r6, c2, c0, 2   @ read ttb control reg
 		orrne	r0, r0, #1		@ MMU enabled
 		movne	r1, #0xfffffffd		@ domain 0 = client

base-commit: 254f49634ee16a731174d2ae34bc50bd5f45e731
-- 
2.34.1