Google Git
Sign in
kernel / pub / scm / linux / kernel / git / daveh / x86-kaiser / f3aebe792497b0beab0338983d812060b4519cf7
commitf3aebe792497b0beab0338983d812060b4519cf7[log] [tgz]
authorDave Hansen <dave.hansen@intel.com>Mon Nov 06 17:30:08 2017 -0800
committerDave Hansen <dave.hansen@intel.com>Mon Nov 06 17:30:08 2017 -0800
tree018477e347ee472fad377fb40a86d767b4b68e59
parent041889c414543f8b1a7217957122ffdacec653cf [diff]
x86, kaiser: un-poison PGDs at runtime

From: Dave Hansen <dave.hansen@linux.intel.com>

We poison kernel PGDs that map userspace with the NX bit.  This
ensures that if we miss a kernel->user CR3 switch, userspace
crashes instead of running in an unhardened state.

We will need this code in a moment when we turn kaiser on and off
at runtime.

Note that we now need an __ASSEMBLY__ #ifdef since we are now
indirectly including kaiser.h into assembly.

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Moritz Lipp <moritz.lipp@iaik.tugraz.at>
Cc: Daniel Gruss <daniel.gruss@iaik.tugraz.at>
Cc: Michael Schwarz <michael.schwarz@iaik.tugraz.at>
Cc: Richard Fellner <richard.fellner@student.tugraz.at>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Kees Cook <keescook@google.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: x86@kernel.org
3 files changed
tree: 018477e347ee472fad377fb40a86d767b4b68e59
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README