Home Explore Help
Register Sign In
Apq
/
pve-edge-kernel
mirror of https://github.com/fabianishere/pve-edge-kernel.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 633c5ed17f
Branches Tags
pve-edge-kernel
/
patches
/
kernel
/
0195-x86-mm-pti-Populate-user-PGD.patch

0195-x86-mm-pti-Populate-user-PGD.patch 2.5 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. From 3bc42412073e1c559266e2b07bc1fbce154d92dc Mon Sep 17 00:00:00 2001
    2. 

  2. From: Dave Hansen <[email protected]>
    3. 

  3. Date: Mon, 4 Dec 2017 15:07:40 +0100
    4. 

  4. Subject: [PATCH 195/242] x86/mm/pti: Populate user PGD
    5. 

  5. MIME-Version: 1.0
    6. 

  6. Content-Type: text/plain; charset=UTF-8
    7. 

  7. Content-Transfer-Encoding: 8bit
    8. 

  8. 

  9. CVE-2017-5754
    10. 

  10. 

  11. In clone_pgd_range() copy the init user PGDs which cover the kernel half of
    12. 

  12. the address space, so a process has all the required kernel mappings
    13. 

  13. visible.
    14. 

  14. 

  15. [ tglx: Split out from the big kaiser dump and folded Andys simplification ]
    16. 

  16. 

  17. Signed-off-by: Dave Hansen <[email protected]>
    18. 

  18. Signed-off-by: Thomas Gleixner <[email protected]>
    19. 

  19. Reviewed-by: Borislav Petkov <[email protected]>
    20. 

  20. Cc: Andy Lutomirski <[email protected]>
    21. 

  21. Cc: Boris Ostrovsky <[email protected]>
    22. 

  22. Cc: Borislav Petkov <[email protected]>
    23. 

  23. Cc: Brian Gerst <[email protected]>
    24. 

  24. Cc: David Laight <[email protected]>
    25. 

  25. Cc: Denys Vlasenko <[email protected]>
    26. 

  26. Cc: Eduardo Valentin <[email protected]>
    27. 

  27. Cc: Greg KH <[email protected]>
    28. 

  28. Cc: H. Peter Anvin <[email protected]>
    29. 

  29. Cc: Josh Poimboeuf <[email protected]>
    30. 

  30. Cc: Juergen Gross <[email protected]>
    31. 

  31. Cc: Linus Torvalds <[email protected]>
    32. 

  32. Cc: Peter Zijlstra <[email protected]>
    33. 

  33. Cc: Will Deacon <[email protected]>
    34. 

  34. Cc: [email protected]
    35. 

  35. Cc: [email protected]
    36. 

  36. Cc: [email protected]
    37. 

  37. Cc: [email protected]
    38. 

  38. Signed-off-by: Ingo Molnar <[email protected]>
    39. 

  39. (cherry picked from commit fc2fbc8512ed08d1de7720936fd7d2e4ce02c3a2)
    40. 

  40. Signed-off-by: Andy Whitcroft <[email protected]>
    41. 

  41. Signed-off-by: Kleber Sacilotto de Souza <[email protected]>
    42. 

  42. (cherry picked from commit 26c08c52162e1079cbb3e9ce8e1346a100ea7ccc)
    43. 

  43. Signed-off-by: Fabian Grünbichler <[email protected]>
    44. 

  44. ---
    45. 

  45.  arch/x86/include/asm/pgtable.h | 9 ++++++++-
    46. 

  46.  1 file changed, 8 insertions(+), 1 deletion(-)
    47. 

  47. 

  48. diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
    49. 

  49. index 3ef8415b2358..25604b8a251a 100644
    50. 

  50. --- a/arch/x86/include/asm/pgtable.h
    51. 

  51. +++ b/arch/x86/include/asm/pgtable.h
    52. 

  52. @@ -1104,7 +1104,14 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
    53. 

  53.   */
    54. 

  54.  static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count)
    55. 

  55.  {
    56. 

  56. -       memcpy(dst, src, count * sizeof(pgd_t));
    57. 

  57. +	memcpy(dst, src, count * sizeof(pgd_t));
    58. 

  58. +#ifdef CONFIG_PAGE_TABLE_ISOLATION
    59. 

  59. +	if (!static_cpu_has(X86_FEATURE_PTI))
    60. 

  60. +		return;
    61. 

  61. +	/* Clone the user space pgd as well */
    62. 

  62. +	memcpy(kernel_to_user_pgdp(dst), kernel_to_user_pgdp(src),
    63. 

  63. +	       count * sizeof(pgd_t));
    64. 

  64. +#endif
    65. 

  65.  }
    66. 

  66.  
    67. 

  67.  #define PTE_SHIFT ilog2(PTRS_PER_PTE)
    68. 

  68. -- 
    69. 

  69. 2.14.2
    70. 

  70.