pve-edge-kernel/patches/kernel/0201-x86-mm-pti-Map-ESPFIX-into-user-space.patch

From 9378cf5830b41fc4659335da883d2a1d52fe0661 Mon Sep 17 00:00:00 2001
From: Andy Lutomirski <[email protected]>
Date: Fri, 15 Dec 2017 22:08:18 +0100
Subject: [PATCH 201/242] x86/mm/pti: Map ESPFIX into user space
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

CVE-2017-5754

Map the ESPFIX pages into user space when PTI is enabled.

Signed-off-by: Andy Lutomirski <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: Brian Gerst <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: David Laight <[email protected]>
Cc: H. Peter Anvin <[email protected]>
Cc: Josh Poimboeuf <[email protected]>
Cc: Juergen Gross <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Signed-off-by: Ingo Molnar <[email protected]>
(cherry picked from commit 4b6bbe95b87966ba08999574db65c93c5e925a36)
Signed-off-by: Andy Whitcroft <[email protected]>
Signed-off-by: Kleber Sacilotto de Souza <[email protected]>
(cherry picked from commit f5103cc3035ae6d1816404696ee2eb06d53b6709)
Signed-off-by: Fabian Grünbichler <[email protected]>
---
 arch/x86/mm/pti.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index 0e78797650a7..b1c38ef9fbbb 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -287,6 +287,16 @@ static void __init pti_clone_user_shared(void)
 	pti_clone_p4d(CPU_ENTRY_AREA_BASE);
 }
 
+/*
+ * Clone the ESPFIX P4D into the user space visinble page table
+ */
+static void __init pti_setup_espfix64(void)
+{
+#ifdef CONFIG_X86_ESPFIX64
+	pti_clone_p4d(ESPFIX_BASE_ADDR);
+#endif
+}
+
 /*
  * Clone the populated PMDs of the entry and irqentry text and force it RO.
  */
@@ -308,4 +318,5 @@ void __init pti_init(void)
 
 	pti_clone_user_shared();
 	pti_clone_entry_text();
+	pti_setup_espfix64();
 }
-- 
2.14.2