linux-brain/arch/s390
Gerald Schaefer 6ff3dd9560 s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported
commit ab874f22d35a8058d8fdee5f13eb69d8867efeae upstream.

On older HW or under a hypervisor, w/o the instruction-execution-
protection (IEP) facility, and also w/o EDAT-1, a translation-specification
exception may be recognized when bit 55 of a pte is one (_PAGE_NOEXEC).

The current code tries to prevent setting _PAGE_NOEXEC in such cases,
by removing it within set_pte_at(). However, ptep_set_access_flags()
will modify a pte directly, w/o using set_pte_at(). There is at least
one scenario where this can result in an active pte with _PAGE_NOEXEC
set, which would then lead to a panic due to a translation-specification
exception (write to swapped out page):

do_swap_page
  pte = mk_pte (with _PAGE_NOEXEC bit)
  set_pte_at   (will remove _PAGE_NOEXEC bit in page table, but keep it
                in local variable pte)
  vmf->orig_pte = pte (pte still contains _PAGE_NOEXEC bit)
  do_wp_page
    wp_page_reuse
      entry = vmf->orig_pte (still with _PAGE_NOEXEC bit)
      ptep_set_access_flags (writes entry with _PAGE_NOEXEC bit)

Fix this by clearing _PAGE_NOEXEC already in mk_pte_phys(), where the
pgprot value is applied, so that no pte with _PAGE_NOEXEC will ever be
visible, if it is not supported. The check in set_pte_at() can then also
be removed.

Cc: <stable@vger.kernel.org> # 4.11+
Fixes: 57d7f939e7 ("s390: add no-execute support")
Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-12-17 20:39:30 +01:00
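The call sequence in the commit message above, as a small user-space model. This is an added example, not kernel code or part of the commit: every `MODEL_`/`model_` name, the `_before`/`_after` function variants, the flag value for write and the address 0x1000 are constructed for illustration. It shows why filtering the bit only in set_pte_at() leaves a stale copy that ptep_set_access_flags() later writes back, and why filtering where the pgprot is applied closes that path.

```c
#include <stdio.h>
#include <stdbool.h>
typedef unsigned long pte_t;

/* Bit 55 in IBM numbering (bit 0 = MSB of a 64-bit entry). */
#define MODEL_PAGE_NOEXEC (1UL << (63 - 55))
#define MODEL_PAGE_WRITE  0x020UL   /* constructed flag for the model */

static bool model_has_nx = false;   /* models a machine without IEP */

/* Before the fix: the pgprot value is applied as-is. */
static pte_t mk_pte_before(pte_t phys, pte_t prot) { return phys | prot; }
/* After the fix: the unsupported bit is dropped where pgprot is applied. */
static pte_t mk_pte_after(pte_t phys, pte_t prot)
{
    if (!model_has_nx)
        prot &= ~MODEL_PAGE_NOEXEC;
    return phys | prot;
}

/* Before the fix: only the stored copy is filtered; the caller's is not. */
static void set_pte_at_before(pte_t *ptep, pte_t pte)
{
    if (!model_has_nx)
        pte &= ~MODEL_PAGE_NOEXEC;
    *ptep = pte;
}
static void set_pte_at_after(pte_t *ptep, pte_t pte) { *ptep = pte; }

/* Writes the entry directly, bypassing set_pte_at(). */
static void ptep_set_access_flags(pte_t *ptep, pte_t entry) { *ptep = entry; }

/* Returns true if the live entry ends up with the NOEXEC bit set. */
static bool swap_in_then_write(bool fixed)
{
    pte_t slot = 0, prot = MODEL_PAGE_NOEXEC;
    pte_t pte = fixed ? mk_pte_after(0x1000, prot) : mk_pte_before(0x1000, prot);
    if (fixed) set_pte_at_after(&slot, pte); else set_pte_at_before(&slot, pte);
    pte_t orig_pte = pte;                 /* vmf->orig_pte = pte */
    ptep_set_access_flags(&slot, orig_pte | MODEL_PAGE_WRITE); /* wp_page_reuse */
    return (slot & MODEL_PAGE_NOEXEC) != 0;
}

int main(void)
{
    printf("before fix: live pte has NOEXEC = %d\n", swap_in_then_write(false));
    printf("after fix:  live pte has NOEXEC = %d\n", swap_in_then_write(true));
    return 0;
}
```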
..
appldata License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
boot License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
configs s390: fix zfcpdump-config 2017-10-16 08:19:01 +02:00
crypto s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding 2019-10-05 12:48:01 +02:00
hypfs hypfs: Fix error number left in struct pointer member 2019-10-07 18:55:13 +02:00
include s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported 2019-12-17 20:39:30 +01:00
kernel s390/perf: Return error when debug_register fails 2019-12-01 09:13:43 +01:00
kvm KVM: s390: unregister debug feature on failing arch init 2019-12-05 15:37:30 +01:00
lib s390/lib: use expoline for all bcr instructions 2018-09-15 09:45:36 +02:00
mm mm, gup: add missing refcount overflow checks on s390 2019-12-05 15:38:06 +01:00
net s390/bpf: use 32-bit index for tail calls 2019-09-21 07:15:31 +02:00
numa s390/mm: Fix ERROR: "__node_distance" undefined! 2018-11-27 16:10:48 +01:00
oprofile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pci s390/pci: fix sleeping in atomic during hotplug 2019-01-09 17:14:48 +01:00
tools License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
defconfig s390: update defconfig 2017-06-08 15:53:48 +02:00
Kbuild s390/crypto: Provide s390 specific arch random functionality. 2017-04-26 13:41:35 +02:00
Kconfig s390: add sysfs attributes for spectre 2018-04-29 11:33:15 +02:00
Kconfig.debug License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Makefile s390: add automatic detection of the spectre defense 2018-04-29 11:33:15 +02:00