lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180417211304.7B3F1FDB@viggo.jf.intel.com>
Date:   Tue, 17 Apr 2018 14:13:04 -0700
From:   Dave Hansen <dave.hansen@...ux.intel.com>
To:     linux-kernel@...r.kernel.org
Cc:     linux-mm@...ck.org, Dave Hansen <dave.hansen@...ux.intel.com>,
        mceier@...il.com, aaro.koskinen@...ia.com, aarcange@...hat.com,
        luto@...nel.org, arjan@...ux.intel.com, bp@...en8.de,
        dan.j.williams@...el.com, dwmw2@...radead.org,
        gregkh@...uxfoundation.org, hughd@...gle.com, jpoimboe@...hat.com,
        jgross@...e.com, keescook@...gle.com,
        torvalds@...ux-foundation.org, namit@...are.com,
        peterz@...radead.org, tglx@...utronix.de
Subject: [PATCH 2/2] x86, pti: fix boot warning from Global-bit setting


These are _very_ lightly tested.  I'm throwing them out there for
folks are looking for a fix.

---

From: Dave Hansen <dave.hansen@...ux.intel.com>

pageattr.c is not friendly when it encounters empty (zero) PTEs.  The
kernel linear map is exempt from these checks, but kernel text is not.
This patch adds the code to also exempt kernel text from these checks.
The proximate cause of these warnings was most likely an __init area
that spanned a 2MB page boundary that resulted in a "zero" PMD.

Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Fixes: 39114b7a7 (x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image)
Reported-by: Mariusz Ceier <mceier@...il.com>
Reported-by: Aaro Koskinen <aaro.koskinen@...ia.com>
Cc: Andrea Arcangeli <aarcange@...hat.com>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Arjan van de Ven <arjan@...ux.intel.com>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Dan Williams <dan.j.williams@...el.com>
Cc: David Woodhouse <dwmw2@...radead.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Hugh Dickins <hughd@...gle.com>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Juergen Gross <jgross@...e.com>
Cc: Kees Cook <keescook@...gle.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Nadav Amit <namit@...are.com>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: linux-mm@...ck.org
---

 b/arch/x86/mm/pageattr.c |   17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff -puN arch/x86/mm/pageattr.c~pti-glb-warning-inpageattr arch/x86/mm/pageattr.c
--- a/arch/x86/mm/pageattr.c~pti-glb-warning-inpageattr	2018-04-17 14:10:22.695395554 -0700
+++ b/arch/x86/mm/pageattr.c	2018-04-17 14:10:22.721395554 -0700
@@ -1151,6 +1151,16 @@ static int populate_pgd(struct cpa_data
 	return 0;
 }
 
+bool __cpa_pfn_in_highmap(unsigned long pfn)
+{
+	/*
+	 * Kernel text has an alias mapping at a high address, known
+	 * here as "highmap".
+	 */
+	return within_inclusive(pfn, highmap_start_pfn(),
+			highmap_end_pfn());
+}
+
 static int __cpa_process_fault(struct cpa_data *cpa, unsigned long vaddr,
 			       int primary)
 {
@@ -1183,6 +1193,10 @@ static int __cpa_process_fault(struct cp
 		cpa->numpages = 1;
 		cpa->pfn = __pa(vaddr) >> PAGE_SHIFT;
 		return 0;
+
+	} else if (__cpa_pfn_in_highmap(cpa->pfn)) {
+		/* Faults in the highmap are OK, so do not warn: */
+		return -EFAULT;
 	} else {
 		WARN(1, KERN_WARNING "CPA: called for zero pte. "
 			"vaddr = %lx cpa->vaddr = %lx\n", vaddr,
@@ -1335,8 +1349,7 @@ static int cpa_process_alias(struct cpa_
 	 * to touch the high mapped kernel as well:
 	 */
 	if (!within(vaddr, (unsigned long)_text, _brk_end) &&
-	    within_inclusive(cpa->pfn, highmap_start_pfn(),
-			     highmap_end_pfn())) {
+	    __cpa_pfn_in_highmap(cpa->pfn)) {
 		unsigned long temp_cpa_vaddr = (cpa->pfn << PAGE_SHIFT) +
 					       __START_KERNEL_map - phys_base;
 		alias_cpa = *cpa;
_

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ