From 81f320de80d335dd7f7777c05b9b528c0aeebf57 Mon Sep 17 00:00:00 2001
From: Mark Johnston <markj@FreeBSD.org>
Date: Wed, 31 Jul 2024 15:32:22 +0000
Subject: [PATCH] arm64: Relax permissions on preloaded metadata

Some routines, preload_delete_name() in particular, need write permission.
---
 sys/arm64/arm64/machdep_boot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/arm64/arm64/machdep_boot.c b/sys/arm64/arm64/machdep_boot.c
index 2f8c00f6719f..4f011861f83a 100644
--- a/sys/arm64/arm64/machdep_boot.c
+++ b/sys/arm64/arm64/machdep_boot.c
@@ -211,7 +211,7 @@ freebsd_parse_boot_param(struct arm64_bootparams *abp)
 
 	preload_metadata = (caddr_t)(uintptr_t)(abp->modulep);
 	preload_metadata = cheri_kern_andperm(preload_metadata,
-	    CHERI_PERMS_KERNEL_RODATA & CHERI_PERMS_KERNEL_DATA_NOCAP);
+	    CHERI_PERMS_KERNEL_DATA & CHERI_PERMS_KERNEL_DATA_NOCAP);
 	kmdp = preload_search_by_type("elf kernel");
 	if (kmdp == NULL)
 		return (0);