1. 05 Dec, 2018 25 commits
  2. 01 Dec, 2018 1 commit
  3. 27 Nov, 2018 3 commits
    • Kirill A. Shutemov's avatar
      x86/ldt: Unmap PTEs for the slot before freeing LDT pages · a17989cb
      Kirill A. Shutemov authored
      commit a0e6e083 upstream
      
      modify_ldt(2) leaves the old LDT mapped after switching over to the new
      one. The old LDT gets freed and the pages can be re-used.
      
      Leaving the mapping in place can have security implications. The mapping is
      present in the userspace page tables and Meltdown-like attacks can read
      these freed and possibly reused pages.
      
      It's relatively simple to fix: unmap the old LDT and flush TLB before
      freeing the old LDT memory.
      
      This further allows to avoid flushing the TLB in map_ldt_struct() as the
      slot is unmapped and flushed by unmap_ldt_struct() or has never been mapped
      at all.
      
      [ tglx: Massaged changelog and removed the needless line breaks ]
      
      Fixes: f55f0501 ("x86/pti: Put the LDT in its own PGD if PTI is on")
      Signed-off-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: bp@alien8.de
      Cc: hpa@zytor.com
      Cc: dave.hansen@linux.intel.com
      Cc: luto@kernel.org
      Cc: peterz@infradead.org
      Cc: boris.ostrovsky@oracle.com
      Cc: jgross@suse.com
      Cc: bhe@redhat.com
      Cc: willy@infradead.org
      Cc: linux-mm@kvack.org
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/20181026122856.66224-3-kirill.shutemov@linux.intel.comSigned-off-by: default avatarSasha Levin <sashal@kernel.org>
      a17989cb
    • Kirill A. Shutemov's avatar
      x86/mm: Move LDT remap out of KASLR region on 5-level paging · d412ab7c
      Kirill A. Shutemov authored
      commit d52888aa upstream
      
      On 5-level paging the LDT remap area is placed in the middle of the KASLR
      randomization region and it can overlap with the direct mapping, the
      vmalloc or the vmap area.
      
      The LDT mapping is per mm, so it cannot be moved into the P4D page table
      next to the CPU_ENTRY_AREA without complicating PGD table allocation for
      5-level paging.
      
      The 4 PGD slot gap just before the direct mapping is reserved for
      hypervisors, so it cannot be used.
      
      Move the direct mapping one slot deeper and use the resulting gap for the
      LDT remap area. The resulting layout is the same for 4 and 5 level paging.
      
      [ tglx: Massaged changelog ]
      
      Fixes: f55f0501 ("x86/pti: Put the LDT in its own PGD if PTI is on")
      Signed-off-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Reviewed-by: default avatarAndy Lutomirski <luto@kernel.org>
      Cc: bp@alien8.de
      Cc: hpa@zytor.com
      Cc: dave.hansen@linux.intel.com
      Cc: peterz@infradead.org
      Cc: boris.ostrovsky@oracle.com
      Cc: jgross@suse.com
      Cc: bhe@redhat.com
      Cc: willy@infradead.org
      Cc: linux-mm@kvack.org
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/20181026122856.66224-2-kirill.shutemov@linux.intel.comSigned-off-by: default avatarSasha Levin <sashal@kernel.org>
      d412ab7c
    • Feng Tang's avatar
      x86/earlyprintk: Add a force option for pciserial device · ad2e60ff
      Feng Tang authored
      [ Upstream commit d2266bbf ]
      
      The "pciserial" earlyprintk variant helps much on many modern x86
      platforms, but unfortunately there are still some platforms with PCI
      UART devices which have the wrong PCI class code. In that case, the
      current class code check does not allow for them to be used for logging.
      
      Add a sub-option "force" which overrides the class code check and thus
      the use of such device can be enforced.
      
       [ bp: massage formulations. ]
      Suggested-by: default avatarBorislav Petkov <bp@alien8.de>
      Signed-off-by: default avatarFeng Tang <feng.tang@intel.com>
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: "Stuart R . Anderson" <stuart.r.anderson@intel.com>
      Cc: Bjorn Helgaas <bhelgaas@google.com>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Feng Tang <feng.tang@intel.com>
      Cc: Frederic Weisbecker <frederic@kernel.org>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: H Peter Anvin <hpa@linux.intel.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: Kai-Heng Feng <kai.heng.feng@canonical.com>
      Cc: Kate Stewart <kstewart@linuxfoundation.org>
      Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Philippe Ombredanne <pombredanne@nexb.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Thymo van Beers <thymovanbeers@gmail.com>
      Cc: alan@linux.intel.com
      Cc: linux-doc@vger.kernel.org
      Link: http://lkml.kernel.org/r/20181002164921.25833-1-feng.tang@intel.comSigned-off-by: default avatarSasha Levin <sashal@kernel.org>
      ad2e60ff
  4. 23 Nov, 2018 1 commit
  5. 21 Nov, 2018 3 commits
  6. 13 Nov, 2018 7 commits