diff options
Diffstat (limited to 'arch/x86')
| -rw-r--r-- | arch/x86/include/asm/mmu_context.h | 6 | ||||
| -rw-r--r-- | arch/x86/include/asm/mpx.h | 15 | ||||
| -rw-r--r-- | arch/x86/mm/mpx.c | 10 |
3 files changed, 17 insertions, 14 deletions
diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h index 93dff1963337..9024236693d2 100644 --- a/arch/x86/include/asm/mmu_context.h +++ b/arch/x86/include/asm/mmu_context.h | |||
| @@ -278,8 +278,8 @@ static inline void arch_bprm_mm_init(struct mm_struct *mm, | |||
| 278 | mpx_mm_init(mm); | 278 | mpx_mm_init(mm); |
| 279 | } | 279 | } |
| 280 | 280 | ||
| 281 | static inline void arch_unmap(struct mm_struct *mm, struct vm_area_struct *vma, | 281 | static inline void arch_unmap(struct mm_struct *mm, unsigned long start, |
| 282 | unsigned long start, unsigned long end) | 282 | unsigned long end) |
| 283 | { | 283 | { |
| 284 | /* | 284 | /* |
| 285 | * mpx_notify_unmap() goes and reads a rarely-hot | 285 | * mpx_notify_unmap() goes and reads a rarely-hot |
| @@ -299,7 +299,7 @@ static inline void arch_unmap(struct mm_struct *mm, struct vm_area_struct *vma, | |||
| 299 | * consistently wrong. | 299 | * consistently wrong. |
| 300 | */ | 300 | */ |
| 301 | if (unlikely(cpu_feature_enabled(X86_FEATURE_MPX))) | 301 | if (unlikely(cpu_feature_enabled(X86_FEATURE_MPX))) |
| 302 | mpx_notify_unmap(mm, vma, start, end); | 302 | mpx_notify_unmap(mm, start, end); |
| 303 | } | 303 | } |
| 304 | 304 | ||
| 305 | /* | 305 | /* |
diff --git a/arch/x86/include/asm/mpx.h b/arch/x86/include/asm/mpx.h index d0b1434fb0b6..143a5c193ed3 100644 --- a/arch/x86/include/asm/mpx.h +++ b/arch/x86/include/asm/mpx.h | |||
| @@ -64,12 +64,15 @@ struct mpx_fault_info { | |||
| 64 | }; | 64 | }; |
| 65 | 65 | ||
| 66 | #ifdef CONFIG_X86_INTEL_MPX | 66 | #ifdef CONFIG_X86_INTEL_MPX |
| 67 | int mpx_fault_info(struct mpx_fault_info *info, struct pt_regs *regs); | 67 | |
| 68 | int mpx_handle_bd_fault(void); | 68 | extern int mpx_fault_info(struct mpx_fault_info *info, struct pt_regs *regs); |
| 69 | extern int mpx_handle_bd_fault(void); | ||
| 70 | |||
| 69 | static inline int kernel_managing_mpx_tables(struct mm_struct *mm) | 71 | static inline int kernel_managing_mpx_tables(struct mm_struct *mm) |
| 70 | { | 72 | { |
| 71 | return (mm->context.bd_addr != MPX_INVALID_BOUNDS_DIR); | 73 | return (mm->context.bd_addr != MPX_INVALID_BOUNDS_DIR); |
| 72 | } | 74 | } |
| 75 | |||
| 73 | static inline void mpx_mm_init(struct mm_struct *mm) | 76 | static inline void mpx_mm_init(struct mm_struct *mm) |
| 74 | { | 77 | { |
| 75 | /* | 78 | /* |
| @@ -78,11 +81,10 @@ static inline void mpx_mm_init(struct mm_struct *mm) | |||
| 78 | */ | 81 | */ |
| 79 | mm->context.bd_addr = MPX_INVALID_BOUNDS_DIR; | 82 | mm->context.bd_addr = MPX_INVALID_BOUNDS_DIR; |
| 80 | } | 83 | } |
| 81 | void mpx_notify_unmap(struct mm_struct *mm, struct vm_area_struct *vma, | ||
| 82 | unsigned long start, unsigned long end); | ||
| 83 | 84 | ||
| 84 | unsigned long mpx_unmapped_area_check(unsigned long addr, unsigned long len, | 85 | extern void mpx_notify_unmap(struct mm_struct *mm, unsigned long start, unsigned long end); |
| 85 | unsigned long flags); | 86 | extern unsigned long mpx_unmapped_area_check(unsigned long addr, unsigned long len, unsigned long flags); |
| 87 | |||
| 86 | #else | 88 | #else |
| 87 | static inline int mpx_fault_info(struct mpx_fault_info *info, struct pt_regs *regs) | 89 | static inline int mpx_fault_info(struct mpx_fault_info *info, struct pt_regs *regs) |
| 88 | { | 90 | { |
| @@ -100,7 +102,6 @@ static inline void mpx_mm_init(struct mm_struct *mm) | |||
| 100 | { | 102 | { |
| 101 | } | 103 | } |
| 102 | static inline void mpx_notify_unmap(struct mm_struct *mm, | 104 | static inline void mpx_notify_unmap(struct mm_struct *mm, |
| 103 | struct vm_area_struct *vma, | ||
| 104 | unsigned long start, unsigned long end) | 105 | unsigned long start, unsigned long end) |
| 105 | { | 106 | { |
| 106 | } | 107 | } |
diff --git a/arch/x86/mm/mpx.c b/arch/x86/mm/mpx.c index 59726aaf4671..0d1c47cbbdd6 100644 --- a/arch/x86/mm/mpx.c +++ b/arch/x86/mm/mpx.c | |||
| @@ -881,9 +881,10 @@ static int mpx_unmap_tables(struct mm_struct *mm, | |||
| 881 | * the virtual address region start...end have already been split if | 881 | * the virtual address region start...end have already been split if |
| 882 | * necessary, and the 'vma' is the first vma in this range (start -> end). | 882 | * necessary, and the 'vma' is the first vma in this range (start -> end). |
| 883 | */ | 883 | */ |
| 884 | void mpx_notify_unmap(struct mm_struct *mm, struct vm_area_struct *vma, | 884 | void mpx_notify_unmap(struct mm_struct *mm, unsigned long start, |
| 885 | unsigned long start, unsigned long end) | 885 | unsigned long end) |
| 886 | { | 886 | { |
| 887 | struct vm_area_struct *vma; | ||
| 887 | int ret; | 888 | int ret; |
| 888 | 889 | ||
| 889 | /* | 890 | /* |
| @@ -902,11 +903,12 @@ void mpx_notify_unmap(struct mm_struct *mm, struct vm_area_struct *vma, | |||
| 902 | * which should not occur normally. Being strict about it here | 903 | * which should not occur normally. Being strict about it here |
| 903 | * helps ensure that we do not have an exploitable stack overflow. | 904 | * helps ensure that we do not have an exploitable stack overflow. |
| 904 | */ | 905 | */ |
| 905 | do { | 906 | vma = find_vma(mm, start); |
| 907 | while (vma && vma->vm_start < end) { | ||
| 906 | if (vma->vm_flags & VM_MPX) | 908 | if (vma->vm_flags & VM_MPX) |
| 907 | return; | 909 | return; |
| 908 | vma = vma->vm_next; | 910 | vma = vma->vm_next; |
| 909 | } while (vma && vma->vm_start < end); | 911 | } |
| 910 | 912 | ||
| 911 | ret = mpx_unmap_tables(mm, start, end); | 913 | ret = mpx_unmap_tables(mm, start, end); |
| 912 | if (ret) | 914 | if (ret) |