mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
f55f0501cb
With PTI enabled, the LDT must be mapped in the usermode tables somewhere. The LDT is per process, i.e. per mm. An earlier approach mapped the LDT on context switch into a fixmap area, but that's a big overhead and exhausted the fixmap space when NR_CPUS got big. Take advantage of the fact that there is an address space hole which provides a completely unused pgd. Use this pgd to manage per-mm LDT mappings. This has a down side: the LDT isn't (currently) randomized, and an attack that can write the LDT is instant root due to call gates (thanks, AMD, for leaving call gates in AMD64 but designing them wrong so they're only useful for exploits). This can be mitigated by making the LDT read-only or randomizing the mapping, either of which is strightforward on top of this patch. This will significantly slow down LDT users, but that shouldn't matter for important workloads -- the LDT is only used by DOSEMU(2), Wine, and very old libc implementations. [ tglx: Cleaned it up. ] Signed-off-by: Andy Lutomirski <luto@kernel.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: David Laight <David.Laight@aculab.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Juergen Gross <jgross@suse.com> Cc: Kees Cook <keescook@chromium.org> Cc: Kirill A. Shutemov <kirill@shutemov.name> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|---|---|---|
| .. | ||
| ABI | ||
| accounting | ||
| acpi | ||
| admin-guide | ||
| aoe | ||
| arm | ||
| arm64 | ||
| auxdisplay | ||
| backlight | ||
| blackfin | ||
| block | ||
| blockdev | ||
| bus-devices | ||
| cdrom | ||
| cgroup-v1 | ||
| cma | ||
| connector | ||
| console | ||
| core-api | ||
| cpu-freq | ||
| cpuidle | ||
| cris | ||
| crypto | ||
| dev-tools | ||
| device-mapper | ||
| devicetree | ||
| dmaengine | ||
| doc-guide | ||
| driver-api | ||
| driver-model | ||
| early-userspace | ||
| EDID | ||
| extcon | ||
| fault-injection | ||
| fb | ||
| features | ||
| filesystems | ||
| firmware_class | ||
| fmc | ||
| fpga | ||
| frv | ||
| gpio | ||
| gpu | ||
| hid | ||
| hwmon | ||
| i2c | ||
| ia64 | ||
| ide | ||
| iio | ||
| infiniband | ||
| input | ||
| ioctl | ||
| isdn | ||
| kbuild | ||
| kdump | ||
| kernel-hacking | ||
| laptops | ||
| leds | ||
| lightnvm | ||
| livepatch | ||
| locking | ||
| m68k | ||
| md | ||
| media | ||
| memory-devices | ||
| metag | ||
| mic | ||
| mips | ||
| misc-devices | ||
| mmc | ||
| mn10300 | ||
| mtd | ||
| namespaces | ||
| netlabel | ||
| networking | ||
| nfc | ||
| nios2 | ||
| nvdimm | ||
| nvmem | ||
| parisc | ||
| PCI | ||
| pcmcia | ||
| perf | ||
| phy | ||
| platform | ||
| power | ||
| powerpc | ||
| pps | ||
| process | ||
| pti | ||
| ptp | ||
| rapidio | ||
| RCU | ||
| s390 | ||
| scheduler | ||
| scsi | ||
| security | ||
| serial | ||
| sh | ||
| sound | ||
| sparc | ||
| sphinx | ||
| sphinx-static | ||
| spi | ||
| sysctl | ||
| target | ||
| thermal | ||
| timers | ||
| trace | ||
| translations | ||
| usb | ||
| userspace-api | ||
| virtual | ||
| vm | ||
| w1 | ||
| watchdog | ||
| wimax | ||
| x86 | ||
| xtensa | ||
| .gitignore | ||
| 00-INDEX | ||
| atomic_bitops.txt | ||
| atomic_t.txt | ||
| bcache.txt | ||
| bt8xxgpio.txt | ||
| btmrvl.txt | ||
| bus-virt-phys-mapping.txt | ||
| cachetlb.txt | ||
| cgroup-v2.txt | ||
| Changes | ||
| circular-buffers.txt | ||
| clk.txt | ||
| CodingStyle | ||
| conf.py | ||
| cpu-load.txt | ||
| cputopology.txt | ||
| crc32.txt | ||
| dcdbas.txt | ||
| debugging-modules.txt | ||
| debugging-via-ohci1394.txt | ||
| dell_rbu.txt | ||
| digsig.txt | ||
| DMA-API-HOWTO.txt | ||
| DMA-API.txt | ||
| DMA-attributes.txt | ||
| DMA-ISA-LPC.txt | ||
| docutils.conf | ||
| dontdiff | ||
| efi-stub.txt | ||
| eisa.txt | ||
| errseq.rst | ||
| flexible-arrays.txt | ||
| futex-requeue-pi.txt | ||
| gcc-plugins.txt | ||
| highuid.txt | ||
| hw_random.txt | ||
| hwspinlock.txt | ||
| index.rst | ||
| Intel-IOMMU.txt | ||
| intel_txt.txt | ||
| io-mapping.txt | ||
| io_ordering.txt | ||
| iostats.txt | ||
| IPMI.txt | ||
| IRQ-affinity.txt | ||
| IRQ-domain.txt | ||
| IRQ.txt | ||
| irqflags-tracing.txt | ||
| isa.txt | ||
| isapnp.txt | ||
| kernel-doc-nano-HOWTO.txt | ||
| kernel-per-CPU-kthreads.txt | ||
| kobject.txt | ||
| kprobes.txt | ||
| kref.txt | ||
| ldm.txt | ||
| lockup-watchdogs.txt | ||
| logo.gif | ||
| logo.txt | ||
| lsm.txt | ||
| lzo.txt | ||
| mailbox.txt | ||
| Makefile | ||
| memory-barriers.txt | ||
| memory-hotplug.txt | ||
| men-chameleon-bus.txt | ||
| nommu-mmap.txt | ||
| ntb.txt | ||
| numastat.txt | ||
| padata.txt | ||
| parport-lowlevel.txt | ||
| percpu-rw-semaphore.txt | ||
| phy.txt | ||
| pi-futex.txt | ||
| pnp.txt | ||
| preempt-locking.txt | ||
| printk-formats.txt | ||
| pwm.txt | ||
| rbtree.txt | ||
| remoteproc.txt | ||
| rfkill.txt | ||
| robust-futex-ABI.txt | ||
| robust-futexes.txt | ||
| rpmsg.txt | ||
| rtc.txt | ||
| SAK.txt | ||
| sgi-ioc4.txt | ||
| siphash.txt | ||
| SM501.txt | ||
| smsc_ece1099.txt | ||
| static-keys.txt | ||
| SubmittingPatches | ||
| svga.txt | ||
| switchtec.txt | ||
| sync_file.txt | ||
| tee.txt | ||
| this_cpu_ops.txt | ||
| unaligned-memory-access.txt | ||
| vfio-mediated-device.txt | ||
| vfio.txt | ||
| video-output.txt | ||
| xillybus.txt | ||
| xz.txt | ||
| zorro.txt | ||
