| From keescook@chromium.org Thu Aug 1 11:10:06 2013 |
| From: Kees Cook <keescook@chromium.org> |
| Date: Mon, 15 Jul 2013 11:50:45 -0700 |
| Subject: x86: make sure IDT is page aligned |
| To: linux-kernel@vger.kernel.org |
| Cc: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>, x86@kernel.org, Yinghai Lu <yinghai@kernel.org>, Seiji Aguchi <seiji.aguchi@hds.com>, Fenghua Yu <fenghua.yu@intel.com>, PaX Team <pageexec@gmail.com> |
| Message-ID: <20130715185045.GA24133@www.outflux.net> |
| |
| From: Kees Cook <keescook@chromium.org> |
| |
| based on 4df05f361937ee86e5a8c9ead8aeb6a19ea9b7d7 upstream. |
| |
| Since the IDT is referenced from a fixmap, make sure it is page aligned. |
| This avoids the risk of the IDT ever being moved in the bss and having |
| the mapping be offset, resulting in calling incorrect handlers. In the |
| current upstream kernel this is not a manifested bug, but heavily patched |
| kernels (such as those using the PaX patch series) did encounter this bug. |
| |
| Signed-off-by: Kees Cook <keescook@chromium.org> |
| Reported-by: PaX Team <pageexec@gmail.com> |
| Cc: Thomas Gleixner <tglx@linutronix.de> |
| Cc: Ingo Molnar <mingo@redhat.com> |
| Cc: "H. Peter Anvin" <hpa@zytor.com> |
| Cc: Yinghai Lu <yinghai@kernel.org> |
| Cc: Seiji Aguchi <seiji.aguchi@hds.com> |
| Cc: Fenghua Yu <fenghua.yu@intel.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| arch/x86/kernel/head_64.S | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/arch/x86/kernel/head_64.S |
| +++ b/arch/x86/kernel/head_64.S |
| @@ -513,7 +513,7 @@ ENTRY(phys_base) |
| #include "../../x86/xen/xen-head.S" |
| |
| .section .bss, "aw", @nobits |
| - .align L1_CACHE_BYTES |
| + .align PAGE_SIZE |
| ENTRY(idt_table) |
| .skip IDT_ENTRIES * 16 |
| |
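Review bot: the new `.align PAGE_SIZE` directly above `ENTRY(idt_table)` carries no comment saying why page alignment is required, so a later cleanup could reasonably put it back to `L1_CACHE_BYTES`. A one-line comment at that spot, saying that the IDT is referenced through a fixmap and must therefore start on a page boundary, would record the constraint that the commit message describes. Since the message says heavily patched kernels have already moved this symbol within the bss, a build-time check that `idt_table` is page aligned would catch any future regression, which a comment alone cannot do. The page mapped by the fixmap also covers whatever follows `.skip IDT_ENTRIES * 16` in `.bss` if that size is smaller than a page, so it is worth confirming that the table fills the page or that sharing it is acceptable. Lastly, the subject is prefixed "x86:" but the diffstat touches only `arch/x86/kernel/head_64.S`; the changelog should say whether the 32-bit `idt_table` definition needs the same alignment or already has it.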