]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit - arch/x86/include/asm/pgtable.h
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 784236d) | patch
x86/mm: Do not auto-massage page protections
authorDave Hansen <dave.hansen@linux.intel.com>
Fri, 6 Apr 2018 20:55:09 +0000 (13:55 -0700)
committerStefan Bader <stefan.bader@canonical.com>
Wed, 8 Aug 2018 12:08:07 +0000 (14:08 +0200)
commit78fb5523aac483a61bf70d0a219ba47de9b052f9
tree56ae8c35e3b0f97f1d4acebeb8d183e337a815b9tree
parent784236d5f3cb4392d7e495cba091483ebcce14a5commit | diff
x86/mm: Do not auto-massage page protections

A PTE is constructed from a physical address and a pgprotval_t.
__PAGE_KERNEL, for instance, is a pgprot_t and must be converted
into a pgprotval_t before it can be used to create a PTE.  This is
done implicitly within functions like pfn_pte() by massage_pgprot().

However, this makes it very challenging to set bits (and keep them
set) if your bit is being filtered out by massage_pgprot().

This moves the bit filtering out of pfn_pte() and friends.  For
users of PAGE_KERNEL*, filtering will be done automatically inside
those macros but for users of __PAGE_KERNEL*, they need to do their
own filtering now.

Note that we also just move pfn_pte/pmd/pud() over to check_pgprot()
instead of massage_pgprot().  This way, we still *look* for
unsupported bits and properly warn about them if we find them.  This
might happen if an unfiltered __PAGE_KERNEL* value was passed in,
for instance.

- printk format warning fix from: Arnd Bergmann <arnd@arndb.de>
- boot crash fix from:            Tom Lendacky <thomas.lendacky@amd.com>
- crash bisected by:              Mike Galbraith <efault@gmx.de>

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reported-and-fixed-by: Arnd Bergmann <arnd@arndb.de>
Fixed-by: Tom Lendacky <thomas.lendacky@amd.com>
Bisected-by: Mike Galbraith <efault@gmx.de>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kees Cook <keescook@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Nadav Amit <namit@vmware.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20180406205509.77E1D7F6@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
CVE-2018-3620
CVE-2018-3646

(backported from commit fb43d6cb91ef57d9e58d5f69b423784ff4a4c374)
[tyhicks: Backport around missing commit 91f606a]
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
arch/x86/boot/compressed/kaslr.c diff | blob | blame | history
arch/x86/include/asm/pgtable.h diff | blob | blame | history
arch/x86/kernel/head64.c diff | blob | blame | history
arch/x86/kernel/ldt.c diff | blob | blame | history
arch/x86/mm/ident_map.c diff | blob | blame | history
arch/x86/mm/iomap_32.c diff | blob | blame | history
arch/x86/mm/ioremap.c diff | blob | blame | history
arch/x86/mm/kasan_init_64.c diff | blob | blame | history
arch/x86/mm/pgtable.c diff | blob | blame | history
arch/x86/power/hibernate_64.c diff | blob | blame | history
ubuntu-bionic-kernel mirror