x86/kasan: Write protect kasan zero shadow

After kasan_init() executed, no one is allowed to write to kasan_zero_page,
so write protect it.

Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Luis R. Rodriguez <mcgrof@suse.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/1452516679-32040-3-git-send-email-aryabinin@virtuozzo.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>

1 files changed, 8 insertions, 2 deletions

diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c
index 303e47045864..1b1110fa0057 100644
--- a/arch/x86/mm/kasan_init_64.c
+++ b/arch/x86/mm/kasan_init_64.c
@@ -125,10 +125,16 @@ void __init kasan_init(void)
 
         /*
          * kasan_zero_page has been used as early shadow memory, thus it may
-         * contain some garbage. Now we can clear it, since after the TLB flush
-         * no one should write to it.
+         * contain some garbage. Now we can clear and write protect it, since
+         * after the TLB flush no one should write to it.
          */
         memset(kasan_zero_page, 0, PAGE_SIZE);
+        for (i = 0; i < PTRS_PER_PTE; i++) {
+                pte_t pte = __pte(__pa(kasan_zero_page) | __PAGE_KERNEL_RO);
+                set_pte(&kasan_zero_pte[i], pte);
+        }
+        /* Flush TLBs again to be sure that write protection applied. */
+        __flush_tlb_all();
 
         init_task.kasan_depth = 0;
         pr_info("KernelAddressSanitizer initialized\n");