diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-01 16:59:17 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-01 16:59:17 -0400 |
| commit | 15385dfe7e0fa6866b204dd0d14aec2cc48fc0a7 (patch) | |
| tree | 3ddcb000ec3b82f672fa892e8e44b1be4a5ebb33 /arch/x86/mm/fault.c | |
| parent | a57d985e378ca69f430b85852e4187db3698a89e (diff) | |
| parent | b2cc2a074de75671bbed5e2dda67a9252ef353ea (diff) | |
Merge branch 'x86-smap-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86/smap support from Ingo Molnar:
"This adds support for the SMAP (Supervisor Mode Access Prevention) CPU
feature on Intel CPUs: a hardware feature that prevents unintended
user-space data access from kernel privileged code.
It's turned on automatically when possible.
This, in combination with SMEP, makes it even harder to exploit kernel
bugs such as NULL pointer dereferences."
Fix up trivial conflict in arch/x86/kernel/entry_64.S due to newly added
includes right next to each other.
* 'x86-smap-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86, smep, smap: Make the switching functions one-way
x86, suspend: On wakeup always initialize cr4 and EFER
x86-32: Start out eflags and cr4 clean
x86, smap: Do not abuse the [f][x]rstor_checking() functions for user space
x86-32, smap: Add STAC/CLAC instructions to 32-bit kernel entry
x86, smap: Reduce the SMAP overhead for signal handling
x86, smap: A page fault due to SMAP is an oops
x86, smap: Turn on Supervisor Mode Access Prevention
x86, smap: Add STAC and CLAC instructions to control user space access
x86, uaccess: Merge prototypes for clear_user/__clear_user
x86, smap: Add a header file with macros for STAC/CLAC
x86, alternative: Add header guards to <asm/alternative-asm.h>
x86, alternative: Use .pushsection/.popsection
x86, smap: Add CR4 bit for SMAP
x86-32, mm: The WP test should be done on a kernel page
Diffstat (limited to 'arch/x86/mm/fault.c')
| -rw-r--r-- | arch/x86/mm/fault.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 7dde46d68a25..a530b230e7d7 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c | |||
| @@ -996,6 +996,17 @@ static int fault_in_kernel_space(unsigned long address) | |||
| 996 | return address >= TASK_SIZE_MAX; | 996 | return address >= TASK_SIZE_MAX; |
| 997 | } | 997 | } |
| 998 | 998 | ||
| 999 | static inline bool smap_violation(int error_code, struct pt_regs *regs) | ||
| 1000 | { | ||
| 1001 | if (error_code & PF_USER) | ||
| 1002 | return false; | ||
| 1003 | |||
| 1004 | if (!user_mode_vm(regs) && (regs->flags & X86_EFLAGS_AC)) | ||
| 1005 | return false; | ||
| 1006 | |||
| 1007 | return true; | ||
| 1008 | } | ||
| 1009 | |||
| 999 | /* | 1010 | /* |
| 1000 | * This routine handles page faults. It determines the address, | 1011 | * This routine handles page faults. It determines the address, |
| 1001 | * and the problem, and then passes it off to one of the appropriate | 1012 | * and the problem, and then passes it off to one of the appropriate |
| @@ -1089,6 +1100,13 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) | |||
| 1089 | if (unlikely(error_code & PF_RSVD)) | 1100 | if (unlikely(error_code & PF_RSVD)) |
| 1090 | pgtable_bad(regs, error_code, address); | 1101 | pgtable_bad(regs, error_code, address); |
| 1091 | 1102 | ||
| 1103 | if (static_cpu_has(X86_FEATURE_SMAP)) { | ||
| 1104 | if (unlikely(smap_violation(error_code, regs))) { | ||
| 1105 | bad_area_nosemaphore(regs, error_code, address); | ||
| 1106 | return; | ||
| 1107 | } | ||
| 1108 | } | ||
| 1109 | |||
| 1092 | perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address); | 1110 | perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address); |
| 1093 | 1111 | ||
| 1094 | /* | 1112 | /* |