]>
Commit | Line | Data |
---|---|---|
321d628a FG |
1 | From f847420cd768a0b95c3159ab822c30c909f0e5ee Mon Sep 17 00:00:00 2001 |
2 | From: Dave Hansen <dave.hansen@linux.intel.com> | |
3 | Date: Mon, 4 Dec 2017 15:07:55 +0100 | |
e4cdf2a5 | 4 | Subject: [PATCH 180/241] x86/mm: Remove hard-coded ASID limit checks |
321d628a FG |
5 | MIME-Version: 1.0 |
6 | Content-Type: text/plain; charset=UTF-8 | |
7 | Content-Transfer-Encoding: 8bit | |
8 | ||
9 | CVE-2017-5754 | |
10 | ||
11 | First, it's nice to remove the magic numbers. | |
12 | ||
13 | Second, PAGE_TABLE_ISOLATION is going to consume half of the available ASID | |
14 | space. The space is currently unused, but add a comment to spell out this | |
15 | new restriction. | |
16 | ||
17 | Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> | |
18 | Signed-off-by: Thomas Gleixner <tglx@linutronix.de> | |
19 | Cc: Andy Lutomirski <luto@kernel.org> | |
20 | Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com> | |
21 | Cc: Borislav Petkov <bp@alien8.de> | |
22 | Cc: Brian Gerst <brgerst@gmail.com> | |
23 | Cc: Dave Hansen <dave.hansen@intel.com> | |
24 | Cc: David Laight <David.Laight@aculab.com> | |
25 | Cc: Denys Vlasenko <dvlasenk@redhat.com> | |
26 | Cc: Eduardo Valentin <eduval@amazon.com> | |
27 | Cc: Greg KH <gregkh@linuxfoundation.org> | |
28 | Cc: H. Peter Anvin <hpa@zytor.com> | |
29 | Cc: Josh Poimboeuf <jpoimboe@redhat.com> | |
30 | Cc: Juergen Gross <jgross@suse.com> | |
31 | Cc: Linus Torvalds <torvalds@linux-foundation.org> | |
32 | Cc: Peter Zijlstra <peterz@infradead.org> | |
33 | Cc: Will Deacon <will.deacon@arm.com> | |
34 | Cc: aliguori@amazon.com | |
35 | Cc: daniel.gruss@iaik.tugraz.at | |
36 | Cc: hughd@google.com | |
37 | Cc: keescook@google.com | |
38 | Cc: linux-mm@kvack.org | |
39 | Signed-off-by: Ingo Molnar <mingo@kernel.org> | |
40 | (cherry picked from commit cb0a9144a744e55207e24dcef812f05cd15a499a) | |
41 | Signed-off-by: Andy Whitcroft <apw@canonical.com> | |
42 | Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> | |
43 | (cherry picked from commit fd5d001ae73ccd382d4270f53e27dcf61c4e4749) | |
44 | Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> | |
45 | --- | |
46 | arch/x86/include/asm/tlbflush.h | 20 ++++++++++++++++++-- | |
47 | 1 file changed, 18 insertions(+), 2 deletions(-) | |
48 | ||
49 | diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h | |
50 | index 3a421b164868..c1c10db4156c 100644 | |
51 | --- a/arch/x86/include/asm/tlbflush.h | |
52 | +++ b/arch/x86/include/asm/tlbflush.h | |
53 | @@ -68,6 +68,22 @@ static inline u64 inc_mm_tlb_gen(struct mm_struct *mm) | |
54 | return atomic64_inc_return(&mm->context.tlb_gen); | |
55 | } | |
56 | ||
57 | +/* There are 12 bits of space for ASIDS in CR3 */ | |
58 | +#define CR3_HW_ASID_BITS 12 | |
59 | +/* | |
60 | + * When enabled, PAGE_TABLE_ISOLATION consumes a single bit for | |
61 | + * user/kernel switches | |
62 | + */ | |
63 | +#define PTI_CONSUMED_ASID_BITS 0 | |
64 | + | |
65 | +#define CR3_AVAIL_ASID_BITS (CR3_HW_ASID_BITS - PTI_CONSUMED_ASID_BITS) | |
66 | +/* | |
67 | + * ASIDs are zero-based: 0->MAX_AVAIL_ASID are valid. -1 below to account | |
68 | + * for them being zero-based. Another -1 is because ASID 0 is reserved for | |
69 | + * use by non-PCID-aware users. | |
70 | + */ | |
71 | +#define MAX_ASID_AVAILABLE ((1 << CR3_AVAIL_ASID_BITS) - 2) | |
72 | + | |
73 | /* | |
74 | * If PCID is on, ASID-aware code paths put the ASID+1 into the PCID bits. | |
75 | * This serves two purposes. It prevents a nasty situation in which | |
76 | @@ -80,7 +96,7 @@ struct pgd_t; | |
77 | static inline unsigned long build_cr3(pgd_t *pgd, u16 asid) | |
78 | { | |
79 | if (static_cpu_has(X86_FEATURE_PCID)) { | |
80 | - VM_WARN_ON_ONCE(asid > 4094); | |
81 | + VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE); | |
82 | return __sme_pa(pgd) | (asid + 1); | |
83 | } else { | |
84 | VM_WARN_ON_ONCE(asid != 0); | |
85 | @@ -90,7 +106,7 @@ static inline unsigned long build_cr3(pgd_t *pgd, u16 asid) | |
86 | ||
87 | static inline unsigned long build_cr3_noflush(pgd_t *pgd, u16 asid) | |
88 | { | |
89 | - VM_WARN_ON_ONCE(asid > 4094); | |
90 | + VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE); | |
91 | return __sme_pa(pgd) | (asid + 1) | CR3_NOFLUSH; | |
92 | } | |
93 | ||
94 | -- | |
95 | 2.14.2 | |
96 |