| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241206161210.163701-16-yazen.ghannam@amd.com>
Date: Fri, 6 Dec 2024 16:12:08 +0000
From: Yazen Ghannam <yazen.ghannam@....com>
To: <yazen.ghannam@....com>, <x86@...nel.org>, Tony Luck
<tony.luck@...el.com>, Mario Limonciello <mario.limonciello@....com>, "Bjorn
Helgaas" <bhelgaas@...gle.com>, Jean Delvare <jdelvare@...e.com>, "Guenter
Roeck" <linux@...ck-us.net>, Clemens Ladisch <clemens@...isch.de>, "Shyam
Sundar S K" <Shyam-sundar.S-k@....com>, Hans de Goede <hdegoede@...hat.com>,
Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>, "Naveen
Krishna Chatradhi" <naveenkrishna.chatradhi@....com>, Suma Hegde
<suma.hegde@....com>
CC: <linux-kernel@...r.kernel.org>, <linux-edac@...r.kernel.org>,
<linux-pci@...r.kernel.org>, <linux-hwmon@...r.kernel.org>,
<platform-driver-x86@...r.kernel.org>
Subject: [PATCH v2 15/16] x86/amd_node: Add SMN offsets to exclusive region access
From: Mario Limonciello <mario.limonciello@....com>
Offsets 0x60 and 0x64 are used internally by kernel drivers that call
the amd_smn_read() and amd_smn_write() functions. If userspace accesses
the regions at the same time as the kernel it may cause malfunctions in
drivers using the offsets.
Add these offsets to the exclusions so that the kernel is tainted if a
non locked down userspace tries to access them.
Signed-off-by: Mario Limonciello <mario.limonciello@....com>
Signed-off-by: Yazen Ghannam <yazen.ghannam@....com>
---
Notes:
Link:
https://lore.kernel.org/20241023172150.659002-16-yazen.ghannam@amd.com
v1->v2:
* No change.
arch/x86/kernel/amd_node.c | 41 ++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
diff --git a/arch/x86/kernel/amd_node.c b/arch/x86/kernel/amd_node.c
index 65045f223c10..ac571948cb35 100644
--- a/arch/x86/kernel/amd_node.c
+++ b/arch/x86/kernel/amd_node.c
@@ -93,6 +93,7 @@ static struct pci_dev **amd_roots;
/* Protect the PCI config register pairs used for SMN. */
static DEFINE_MUTEX(smn_mutex);
+static bool smn_exclusive;
#define SMN_INDEX_OFFSET 0x60
#define SMN_DATA_OFFSET 0x64
@@ -149,6 +150,9 @@ static int __amd_smn_rw(u8 i_off, u8 d_off, u16 node, u32 address, u32 *value, b
if (!root)
return err;
+ if (!smn_exclusive)
+ return err;
+
guard(mutex)(&smn_mutex);
err = pci_write_config_dword(root, i_off, address);
@@ -202,6 +206,39 @@ static int amd_cache_roots(void)
return 0;
}
+static int reserve_root_config_spaces(void)
+{
+ struct pci_dev *root = NULL;
+ struct pci_bus *bus = NULL;
+
+ while ((bus = pci_find_next_bus(bus))) {
+ /* Root device is Device 0 Function 0 on each Primary Bus. */
+ root = pci_get_slot(bus, 0);
+ if (!root)
+ continue;
+
+ if (root->vendor != PCI_VENDOR_ID_AMD &&
+ root->vendor != PCI_VENDOR_ID_HYGON)
+ continue;
+
+ pci_dbg(root, "Reserving PCI config space\n");
+
+ /*
+ * There are a few SMN index/data pairs and other registers
+ * that shouldn't be accessed by user space.
+ * So reserve the entire PCI config space for simplicity rather
+ * than covering specific registers piecemeal.
+ */
+ if (!pci_request_config_region_exclusive(root, 0, PCI_CFG_SPACE_SIZE, NULL)) {
+ pci_err(root, "Failed to reserve config space\n");
+ return -EEXIST;
+ }
+ }
+
+ smn_exclusive = true;
+ return 0;
+}
+
static int __init amd_smn_init(void)
{
int err;
@@ -218,6 +255,10 @@ static int __init amd_smn_init(void)
if (err)
return err;
+ err = reserve_root_config_spaces();
+ if (err)
+ return err;
+
return 0;
}
--
2.43.0
Powered by blists - more mailing lists