| From 3958b9c34c2729597e182cc606cc43942fd19f7c Mon Sep 17 00:00:00 2001 |
| From: Vegard Nossum <vegard.nossum@oracle.com> |
| Date: Mon, 4 Oct 2021 00:34:23 +0200 |
| Subject: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n |
| |
| From: Vegard Nossum <vegard.nossum@oracle.com> |
| |
| commit 3958b9c34c2729597e182cc606cc43942fd19f7c upstream. |
| |
| Commit |
| |
| 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") |
| |
| added a warning if AC is set when in the kernel. |
| |
| Commit |
| |
| 662a0221893a3d ("x86/entry: Fix AC assertion") |
| |
| changed the warning to only fire if the CPU supports SMAP. |
| |
| However, the warning can still trigger on a machine that supports SMAP |
| but where it's disabled in the kernel config and when running the |
| syscall_nt selftest, for example: |
| |
| ------------[ cut here ]------------ |
| WARNING: CPU: 0 PID: 49 at irqentry_enter_from_user_mode |
| CPU: 0 PID: 49 Comm: init Tainted: G T 5.15.0-rc4+ #98 e6202628ee053b4f310759978284bd8bb0ce6905 |
| Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 |
| RIP: 0010:irqentry_enter_from_user_mode |
| ... |
| Call Trace: |
| ? irqentry_enter |
| ? exc_general_protection |
| ? asm_exc_general_protection |
| ? asm_exc_general_protectio |
| |
| IS_ENABLED(CONFIG_X86_SMAP) could be added to the warning condition, but |
| even this would not be enough in case SMAP is disabled at boot time with |
| the "nosmap" parameter. |
| |
| To be consistent with "nosmap" behaviour, clear X86_FEATURE_SMAP when |
| !CONFIG_X86_SMAP. |
| |
| Found using entry-fuzz + satrandconfig. |
| |
| [ bp: Massage commit message. ] |
| |
| Fixes: 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") |
| Fixes: 662a0221893a ("x86/entry: Fix AC assertion") |
| Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com> |
| Signed-off-by: Borislav Petkov <bp@suse.de> |
| Cc: stable@vger.kernel.org |
| Link: https://lkml.kernel.org/r/20211003223423.8666-1-vegard.nossum@oracle.com |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/x86/kernel/cpu/common.c | 1 + |
| 1 file changed, 1 insertion(+) |
| |
| --- a/arch/x86/kernel/cpu/common.c |
| +++ b/arch/x86/kernel/cpu/common.c |
| @@ -320,6 +320,7 @@ static __always_inline void setup_smap(s |
| #ifdef CONFIG_X86_SMAP |
| cr4_set_bits(X86_CR4_SMAP); |
| #else |
| + clear_cpu_cap(c, X86_FEATURE_SMAP); |
| cr4_clear_bits(X86_CR4_SMAP); |
| #endif |
| } |