mirror of
https://github.com/brain-hackers/linux-brain.git
synced 2024-06-09 23:36:23 +09:00
KPTI: Rename to PAGE_TABLE_ISOLATION
This renames CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
59094faf3f
commit
e71fac0172
|
@ -9,7 +9,7 @@
|
||||||
*/
|
*/
|
||||||
#undef CONFIG_PARAVIRT
|
#undef CONFIG_PARAVIRT
|
||||||
#undef CONFIG_PARAVIRT_SPINLOCKS
|
#undef CONFIG_PARAVIRT_SPINLOCKS
|
||||||
#undef CONFIG_KAISER
|
#undef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
#undef CONFIG_KASAN
|
#undef CONFIG_KASAN
|
||||||
|
|
||||||
#include <linux/linkage.h>
|
#include <linux/linkage.h>
|
||||||
|
|
|
@ -1071,7 +1071,7 @@ ENTRY(paranoid_entry)
|
||||||
SWAPGS
|
SWAPGS
|
||||||
xorl %ebx, %ebx
|
xorl %ebx, %ebx
|
||||||
1:
|
1:
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/*
|
/*
|
||||||
* We might have come in between a swapgs and a SWITCH_KERNEL_CR3
|
* We might have come in between a swapgs and a SWITCH_KERNEL_CR3
|
||||||
* on entry, or between a SWITCH_USER_CR3 and a swapgs on exit.
|
* on entry, or between a SWITCH_USER_CR3 and a swapgs on exit.
|
||||||
|
@ -1111,7 +1111,7 @@ ENTRY(paranoid_exit)
|
||||||
DISABLE_INTERRUPTS(CLBR_NONE)
|
DISABLE_INTERRUPTS(CLBR_NONE)
|
||||||
TRACE_IRQS_OFF_DEBUG
|
TRACE_IRQS_OFF_DEBUG
|
||||||
TRACE_IRQS_IRETQ_DEBUG
|
TRACE_IRQS_IRETQ_DEBUG
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/* No ALTERNATIVE for X86_FEATURE_KAISER: paranoid_entry sets %ebx */
|
/* No ALTERNATIVE for X86_FEATURE_KAISER: paranoid_entry sets %ebx */
|
||||||
testl $2, %ebx /* SWITCH_USER_CR3 needed? */
|
testl $2, %ebx /* SWITCH_USER_CR3 needed? */
|
||||||
jz paranoid_exit_no_switch
|
jz paranoid_exit_no_switch
|
||||||
|
@ -1340,7 +1340,7 @@ ENTRY(nmi)
|
||||||
|
|
||||||
movq %rsp, %rdi
|
movq %rsp, %rdi
|
||||||
movq $-1, %rsi
|
movq $-1, %rsi
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/* Unconditionally use kernel CR3 for do_nmi() */
|
/* Unconditionally use kernel CR3 for do_nmi() */
|
||||||
/* %rax is saved above, so OK to clobber here */
|
/* %rax is saved above, so OK to clobber here */
|
||||||
ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
|
ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
|
||||||
|
@ -1354,7 +1354,7 @@ ENTRY(nmi)
|
||||||
#endif
|
#endif
|
||||||
call do_nmi
|
call do_nmi
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/*
|
/*
|
||||||
* Unconditionally restore CR3. I know we return to
|
* Unconditionally restore CR3. I know we return to
|
||||||
* kernel code that needs user CR3, but do we ever return
|
* kernel code that needs user CR3, but do we ever return
|
||||||
|
@ -1584,7 +1584,7 @@ end_repeat_nmi:
|
||||||
1:
|
1:
|
||||||
movq %rsp, %rdi
|
movq %rsp, %rdi
|
||||||
movq $-1, %rsi
|
movq $-1, %rsi
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/* Unconditionally use kernel CR3 for do_nmi() */
|
/* Unconditionally use kernel CR3 for do_nmi() */
|
||||||
/* %rax is saved above, so OK to clobber here */
|
/* %rax is saved above, so OK to clobber here */
|
||||||
ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
|
ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
|
||||||
|
@ -1600,7 +1600,7 @@ end_repeat_nmi:
|
||||||
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
|
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
|
||||||
call do_nmi
|
call do_nmi
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/*
|
/*
|
||||||
* Unconditionally restore CR3. We might be returning to
|
* Unconditionally restore CR3. We might be returning to
|
||||||
* kernel code that needs user CR3, like just just before
|
* kernel code that needs user CR3, like just just before
|
||||||
|
|
|
@ -274,7 +274,7 @@ static DEFINE_PER_CPU(void *, insn_buffer);
|
||||||
|
|
||||||
static void *dsalloc(size_t size, gfp_t flags, int node)
|
static void *dsalloc(size_t size, gfp_t flags, int node)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
unsigned int order = get_order(size);
|
unsigned int order = get_order(size);
|
||||||
struct page *page;
|
struct page *page;
|
||||||
unsigned long addr;
|
unsigned long addr;
|
||||||
|
@ -295,7 +295,7 @@ static void *dsalloc(size_t size, gfp_t flags, int node)
|
||||||
|
|
||||||
static void dsfree(const void *buffer, size_t size)
|
static void dsfree(const void *buffer, size_t size)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
if (!buffer)
|
if (!buffer)
|
||||||
return;
|
return;
|
||||||
kaiser_remove_mapping((unsigned long)buffer, size);
|
kaiser_remove_mapping((unsigned long)buffer, size);
|
||||||
|
|
|
@ -199,7 +199,7 @@
|
||||||
#define X86_FEATURE_AVX512_4FMAPS (7*32+17) /* AVX-512 Multiply Accumulation Single precision */
|
#define X86_FEATURE_AVX512_4FMAPS (7*32+17) /* AVX-512 Multiply Accumulation Single precision */
|
||||||
|
|
||||||
/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
|
/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
|
||||||
#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_KAISER w/o nokaiser */
|
#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */
|
||||||
|
|
||||||
/* Virtualization flags: Linux defined, word 8 */
|
/* Virtualization flags: Linux defined, word 8 */
|
||||||
#define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */
|
#define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
#define KAISER_SHADOW_PGD_OFFSET 0x1000
|
#define KAISER_SHADOW_PGD_OFFSET 0x1000
|
||||||
|
|
||||||
#ifdef __ASSEMBLY__
|
#ifdef __ASSEMBLY__
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
|
|
||||||
.macro _SWITCH_TO_KERNEL_CR3 reg
|
.macro _SWITCH_TO_KERNEL_CR3 reg
|
||||||
movq %cr3, \reg
|
movq %cr3, \reg
|
||||||
|
@ -69,7 +69,7 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
|
||||||
8:
|
8:
|
||||||
.endm
|
.endm
|
||||||
|
|
||||||
#else /* CONFIG_KAISER */
|
#else /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||||
|
|
||||||
.macro SWITCH_KERNEL_CR3
|
.macro SWITCH_KERNEL_CR3
|
||||||
.endm
|
.endm
|
||||||
|
@ -78,11 +78,11 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
|
||||||
.macro SWITCH_KERNEL_CR3_NO_STACK
|
.macro SWITCH_KERNEL_CR3_NO_STACK
|
||||||
.endm
|
.endm
|
||||||
|
|
||||||
#endif /* CONFIG_KAISER */
|
#endif /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||||
|
|
||||||
#else /* __ASSEMBLY__ */
|
#else /* __ASSEMBLY__ */
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/*
|
/*
|
||||||
* Upon kernel/user mode switch, it may happen that the address
|
* Upon kernel/user mode switch, it may happen that the address
|
||||||
* space has to be switched before the registers have been
|
* space has to be switched before the registers have been
|
||||||
|
@ -100,10 +100,10 @@ extern void __init kaiser_check_boottime_disable(void);
|
||||||
#else
|
#else
|
||||||
#define kaiser_enabled 0
|
#define kaiser_enabled 0
|
||||||
static inline void __init kaiser_check_boottime_disable(void) {}
|
static inline void __init kaiser_check_boottime_disable(void) {}
|
||||||
#endif /* CONFIG_KAISER */
|
#endif /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Kaiser function prototypes are needed even when CONFIG_KAISER is not set,
|
* Kaiser function prototypes are needed even when CONFIG_PAGE_TABLE_ISOLATION is not set,
|
||||||
* so as to build with tests on kaiser_enabled instead of #ifdefs.
|
* so as to build with tests on kaiser_enabled instead of #ifdefs.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
#ifndef __ASSEMBLY__
|
#ifndef __ASSEMBLY__
|
||||||
#include <asm/x86_init.h>
|
#include <asm/x86_init.h>
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
extern int kaiser_enabled;
|
extern int kaiser_enabled;
|
||||||
#else
|
#else
|
||||||
#define kaiser_enabled 0
|
#define kaiser_enabled 0
|
||||||
|
@ -920,7 +920,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
|
||||||
static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count)
|
static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count)
|
||||||
{
|
{
|
||||||
memcpy(dst, src, count * sizeof(pgd_t));
|
memcpy(dst, src, count * sizeof(pgd_t));
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
if (kaiser_enabled) {
|
if (kaiser_enabled) {
|
||||||
/* Clone the shadow pgd part as well */
|
/* Clone the shadow pgd part as well */
|
||||||
memcpy(native_get_shadow_pgd(dst),
|
memcpy(native_get_shadow_pgd(dst),
|
||||||
|
|
|
@ -106,7 +106,7 @@ static inline void native_pud_clear(pud_t *pud)
|
||||||
native_set_pud(pud, native_make_pud(0));
|
native_set_pud(pud, native_make_pud(0));
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
extern pgd_t kaiser_set_shadow_pgd(pgd_t *pgdp, pgd_t pgd);
|
extern pgd_t kaiser_set_shadow_pgd(pgd_t *pgdp, pgd_t pgd);
|
||||||
|
|
||||||
static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp)
|
static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp)
|
||||||
|
@ -127,7 +127,7 @@ static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp)
|
||||||
BUILD_BUG_ON(1);
|
BUILD_BUG_ON(1);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_KAISER */
|
#endif /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||||
|
|
||||||
static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd)
|
static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd)
|
||||||
{
|
{
|
||||||
|
|
|
@ -144,7 +144,7 @@
|
||||||
#define X86_CR3_PCID_MASK (X86_CR3_PCID_NOFLUSH | X86_CR3_PCID_ASID_MASK)
|
#define X86_CR3_PCID_MASK (X86_CR3_PCID_NOFLUSH | X86_CR3_PCID_ASID_MASK)
|
||||||
#define X86_CR3_PCID_ASID_KERN (_AC(0x0,UL))
|
#define X86_CR3_PCID_ASID_KERN (_AC(0x0,UL))
|
||||||
|
|
||||||
#if defined(CONFIG_KAISER) && defined(CONFIG_X86_64)
|
#if defined(CONFIG_PAGE_TABLE_ISOLATION) && defined(CONFIG_X86_64)
|
||||||
/* Let X86_CR3_PCID_ASID_USER be usable for the X86_CR3_PCID_NOFLUSH bit */
|
/* Let X86_CR3_PCID_ASID_USER be usable for the X86_CR3_PCID_NOFLUSH bit */
|
||||||
#define X86_CR3_PCID_ASID_USER (_AC(0x80,UL))
|
#define X86_CR3_PCID_ASID_USER (_AC(0x80,UL))
|
||||||
|
|
||||||
|
|
|
@ -136,7 +136,7 @@ static inline void cr4_set_bits_and_update_boot(unsigned long mask)
|
||||||
* Declare a couple of kaiser interfaces here for convenience,
|
* Declare a couple of kaiser interfaces here for convenience,
|
||||||
* to avoid the need for asm/kaiser.h in unexpected places.
|
* to avoid the need for asm/kaiser.h in unexpected places.
|
||||||
*/
|
*/
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
extern int kaiser_enabled;
|
extern int kaiser_enabled;
|
||||||
extern void kaiser_setup_pcid(void);
|
extern void kaiser_setup_pcid(void);
|
||||||
extern void kaiser_flush_tlb_on_return_to_user(void);
|
extern void kaiser_flush_tlb_on_return_to_user(void);
|
||||||
|
|
|
@ -405,7 +405,7 @@ GLOBAL(early_recursion_flag)
|
||||||
.balign PAGE_SIZE; \
|
.balign PAGE_SIZE; \
|
||||||
GLOBAL(name)
|
GLOBAL(name)
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
/*
|
/*
|
||||||
* Each PGD needs to be 8k long and 8k aligned. We do not
|
* Each PGD needs to be 8k long and 8k aligned. We do not
|
||||||
* ever go out to userspace with these, so we do not
|
* ever go out to userspace with these, so we do not
|
||||||
|
|
|
@ -38,4 +38,4 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o
|
||||||
obj-$(CONFIG_X86_INTEL_MPX) += mpx.o
|
obj-$(CONFIG_X86_INTEL_MPX) += mpx.o
|
||||||
obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o
|
obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o
|
||||||
obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o
|
obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o
|
||||||
obj-$(CONFIG_KAISER) += kaiser.o
|
obj-$(CONFIG_PAGE_TABLE_ISOLATION) += kaiser.o
|
||||||
|
|
|
@ -189,6 +189,6 @@ void __meminit init_trampoline(void)
|
||||||
*pud_tramp = *pud;
|
*pud_tramp = *pud;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Avoid set_pgd(), in case it's complicated by CONFIG_KAISER */
|
/* Avoid set_pgd(), in case it's complicated by CONFIG_PAGE_TABLE_ISOLATION */
|
||||||
trampoline_pgd_entry = __pgd(_KERNPG_TABLE | __pa(pud_page_tramp));
|
trampoline_pgd_entry = __pgd(_KERNPG_TABLE | __pa(pud_page_tramp));
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
#ifndef _LINUX_KAISER_H
|
#ifndef _LINUX_KAISER_H
|
||||||
#define _LINUX_KAISER_H
|
#define _LINUX_KAISER_H
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
#include <asm/kaiser.h>
|
#include <asm/kaiser.h>
|
||||||
|
|
||||||
static inline int kaiser_map_thread_stack(void *stack)
|
static inline int kaiser_map_thread_stack(void *stack)
|
||||||
|
@ -24,7 +24,7 @@ static inline void kaiser_unmap_thread_stack(void *stack)
|
||||||
#else
|
#else
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* These stubs are used whenever CONFIG_KAISER is off, which
|
* These stubs are used whenever CONFIG_PAGE_TABLE_ISOLATION is off, which
|
||||||
* includes architectures that support KAISER, but have it disabled.
|
* includes architectures that support KAISER, but have it disabled.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -48,5 +48,5 @@ static inline void kaiser_unmap_thread_stack(void *stack)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* !CONFIG_KAISER */
|
#endif /* !CONFIG_PAGE_TABLE_ISOLATION */
|
||||||
#endif /* _LINUX_KAISER_H */
|
#endif /* _LINUX_KAISER_H */
|
||||||
|
|
|
@ -35,7 +35,7 @@
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_KAISER
|
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||||
#define USER_MAPPED_SECTION "..user_mapped"
|
#define USER_MAPPED_SECTION "..user_mapped"
|
||||||
#else
|
#else
|
||||||
#define USER_MAPPED_SECTION ""
|
#define USER_MAPPED_SECTION ""
|
||||||
|
|
|
@ -31,7 +31,7 @@ config SECURITY
|
||||||
|
|
||||||
If you are unsure how to answer this question, answer N.
|
If you are unsure how to answer this question, answer N.
|
||||||
|
|
||||||
config KAISER
|
config PAGE_TABLE_ISOLATION
|
||||||
bool "Remove the kernel mapping in user mode"
|
bool "Remove the kernel mapping in user mode"
|
||||||
default y
|
default y
|
||||||
depends on X86_64 && SMP
|
depends on X86_64 && SMP
|
||||||
|
|
|
@ -198,7 +198,7 @@
|
||||||
#define X86_FEATURE_AVX512_4FMAPS (7*32+17) /* AVX-512 Multiply Accumulation Single precision */
|
#define X86_FEATURE_AVX512_4FMAPS (7*32+17) /* AVX-512 Multiply Accumulation Single precision */
|
||||||
|
|
||||||
/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
|
/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
|
||||||
#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_KAISER w/o nokaiser */
|
#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */
|
||||||
|
|
||||||
/* Virtualization flags: Linux defined, word 8 */
|
/* Virtualization flags: Linux defined, word 8 */
|
||||||
#define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */
|
#define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */
|
||||||
|
|
Loading…
Reference in New Issue
Block a user