diff options
| author | Christophe Leroy <christophe.leroy@c-s.fr> | 2019-04-18 02:51:19 -0400 |
|---|---|---|
| committer | Michael Ellerman <mpe@ellerman.id.au> | 2019-04-21 09:05:56 -0400 |
| commit | 0fb1c25ab523614b056ace11be67aac8f8ccabb1 (patch) | |
| tree | 0f458e2ca41b6e94626f1d7bc41c4557e42a44ec | |
| parent | 69795cabe4cfe5122438d50010ad5310c113a013 (diff) | |
powerpc: Add skeleton for Kernel Userspace Execution Prevention
This patch adds a skeleton for Kernel Userspace Execution Prevention.
Then subarches implementing it have to define CONFIG_PPC_HAVE_KUEP
and provide setup_kuep() function.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
[mpe: Don't split strings, use pr_crit_ratelimited()]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
| -rw-r--r-- | Documentation/admin-guide/kernel-parameters.txt | 2 | ||||
| -rw-r--r-- | arch/powerpc/include/asm/kup.h | 6 | ||||
| -rw-r--r-- | arch/powerpc/mm/fault.c | 9 | ||||
| -rw-r--r-- | arch/powerpc/mm/init-common.c | 11 | ||||
| -rw-r--r-- | arch/powerpc/platforms/Kconfig.cputype | 12 |
5 files changed, 34 insertions, 6 deletions
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 2b8ee90bb644..a53df74589e5 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt | |||
| @@ -2843,7 +2843,7 @@ | |||
| 2843 | Disable SMAP (Supervisor Mode Access Prevention) | 2843 | Disable SMAP (Supervisor Mode Access Prevention) |
| 2844 | even if it is supported by processor. | 2844 | even if it is supported by processor. |
| 2845 | 2845 | ||
| 2846 | nosmep [X86] | 2846 | nosmep [X86,PPC] |
| 2847 | Disable SMEP (Supervisor Mode Execution Prevention) | 2847 | Disable SMEP (Supervisor Mode Execution Prevention) |
| 2848 | even if it is supported by processor. | 2848 | even if it is supported by processor. |
| 2849 | 2849 | ||
diff --git a/arch/powerpc/include/asm/kup.h b/arch/powerpc/include/asm/kup.h index 7a88b8b9b54d..a2a959cb4e36 100644 --- a/arch/powerpc/include/asm/kup.h +++ b/arch/powerpc/include/asm/kup.h | |||
| @@ -6,6 +6,12 @@ | |||
| 6 | 6 | ||
| 7 | void setup_kup(void); | 7 | void setup_kup(void); |
| 8 | 8 | ||
| 9 | #ifdef CONFIG_PPC_KUEP | ||
| 10 | void setup_kuep(bool disabled); | ||
| 11 | #else | ||
| 12 | static inline void setup_kuep(bool disabled) { } | ||
| 13 | #endif /* CONFIG_PPC_KUEP */ | ||
| 14 | |||
| 9 | #endif /* !__ASSEMBLY__ */ | 15 | #endif /* !__ASSEMBLY__ */ |
| 10 | 16 | ||
| 11 | #endif /* _ASM_POWERPC_KUP_H_ */ | 17 | #endif /* _ASM_POWERPC_KUP_H_ */ |
diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c index 887f11bcf330..3384354abc1d 100644 --- a/arch/powerpc/mm/fault.c +++ b/arch/powerpc/mm/fault.c | |||
| @@ -229,11 +229,10 @@ static bool bad_kernel_fault(bool is_exec, unsigned long error_code, | |||
| 229 | /* NX faults set DSISR_PROTFAULT on the 8xx, DSISR_NOEXEC_OR_G on others */ | 229 | /* NX faults set DSISR_PROTFAULT on the 8xx, DSISR_NOEXEC_OR_G on others */ |
| 230 | if (is_exec && (error_code & (DSISR_NOEXEC_OR_G | DSISR_KEYFAULT | | 230 | if (is_exec && (error_code & (DSISR_NOEXEC_OR_G | DSISR_KEYFAULT | |
| 231 | DSISR_PROTFAULT))) { | 231 | DSISR_PROTFAULT))) { |
| 232 | printk_ratelimited(KERN_CRIT "kernel tried to execute" | 232 | pr_crit_ratelimited("kernel tried to execute %s page (%lx) - exploit attempt? (uid: %d)\n", |
| 233 | " exec-protected page (%lx) -" | 233 | address >= TASK_SIZE ? "exec-protected" : "user", |
| 234 | "exploit attempt? (uid: %d)\n", | 234 | address, |
| 235 | address, from_kuid(&init_user_ns, | 235 | from_kuid(&init_user_ns, current_uid())); |
| 236 | current_uid())); | ||
| 237 | } | 236 | } |
| 238 | return is_exec || (address >= TASK_SIZE); | 237 | return is_exec || (address >= TASK_SIZE); |
| 239 | } | 238 | } |
diff --git a/arch/powerpc/mm/init-common.c b/arch/powerpc/mm/init-common.c index 36d28e872289..83f95a5565d6 100644 --- a/arch/powerpc/mm/init-common.c +++ b/arch/powerpc/mm/init-common.c | |||
| @@ -26,8 +26,19 @@ | |||
| 26 | #include <asm/pgtable.h> | 26 | #include <asm/pgtable.h> |
| 27 | #include <asm/kup.h> | 27 | #include <asm/kup.h> |
| 28 | 28 | ||
| 29 | static bool disable_kuep = !IS_ENABLED(CONFIG_PPC_KUEP); | ||
| 30 | |||
| 31 | static int __init parse_nosmep(char *p) | ||
| 32 | { | ||
| 33 | disable_kuep = true; | ||
| 34 | pr_warn("Disabling Kernel Userspace Execution Prevention\n"); | ||
| 35 | return 0; | ||
| 36 | } | ||
| 37 | early_param("nosmep", parse_nosmep); | ||
| 38 | |||
| 29 | void __init setup_kup(void) | 39 | void __init setup_kup(void) |
| 30 | { | 40 | { |
| 41 | setup_kuep(disable_kuep); | ||
| 31 | } | 42 | } |
| 32 | 43 | ||
| 33 | #define CTOR(shift) static void ctor_##shift(void *addr) \ | 44 | #define CTOR(shift) static void ctor_##shift(void *addr) \ |
diff --git a/arch/powerpc/platforms/Kconfig.cputype b/arch/powerpc/platforms/Kconfig.cputype index 842b2c7e156a..7d30bbbaa3c1 100644 --- a/arch/powerpc/platforms/Kconfig.cputype +++ b/arch/powerpc/platforms/Kconfig.cputype | |||
| @@ -345,6 +345,18 @@ config PPC_RADIX_MMU_DEFAULT | |||
| 345 | 345 | ||
| 346 | If you're unsure, say Y. | 346 | If you're unsure, say Y. |
| 347 | 347 | ||
| 348 | config PPC_HAVE_KUEP | ||
| 349 | bool | ||
| 350 | |||
| 351 | config PPC_KUEP | ||
| 352 | bool "Kernel Userspace Execution Prevention" | ||
| 353 | depends on PPC_HAVE_KUEP | ||
| 354 | default y | ||
| 355 | help | ||
| 356 | Enable support for Kernel Userspace Execution Prevention (KUEP) | ||
| 357 | |||
| 358 | If you're unsure, say Y. | ||
| 359 | |||
| 348 | config ARCH_ENABLE_HUGEPAGE_MIGRATION | 360 | config ARCH_ENABLE_HUGEPAGE_MIGRATION |
| 349 | def_bool y | 361 | def_bool y |
| 350 | depends on PPC_BOOK3S_64 && HUGETLB_PAGE && MIGRATION | 362 | depends on PPC_BOOK3S_64 && HUGETLB_PAGE && MIGRATION |