• Andy Lutomirski's avatar
    x86/entry/64: Make cpu_entry_area.tss read-only · c482feef
    Andy Lutomirski authored
    The TSS is a fairly juicy target for exploits, and, now that the TSS
    is in the cpu_entry_area, it's no longer protected by kASLR.  Make it
    read-only on x86_64.
    
    On x86_32, it can't be RO because it's written by the CPU during task
    switches, and we use a task gate for double faults.  I'd also be
    nervous about errata if we tried to make it RO even on configurations
    without double fault handling.
    
    [ tglx: AMD confirmed that there is no problem on 64-bit with TSS RO.  So
      	it's probably safe to assume that it's a non issue, though Intel
      	might have been creative in that area. Still waiting for
      	confirmation. ]
    Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
    Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Reviewed-by: default avatarBorislav Petkov <bpetkov@suse.de>
    Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Brian Gerst <brgerst@gmail.com>
    Cc: Dave Hansen <dave.hansen@intel.com>
    Cc: Dave Hansen <dave.hansen@linux.intel.com>
    Cc: David Laight <David.Laight@aculab.com>
    Cc: Denys Vlasenko <dvlasenk@redhat.com>
    Cc: Eduardo Valentin <eduval@amazon.com>
    Cc: Greg KH <gregkh@linuxfoundation.org>
    Cc: H. Peter Anvin <hpa@zytor.com>
    Cc: Josh Poimboeuf <jpoimboe@redhat.com>
    Cc: Juergen Gross <jgross@suse.com>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Rik van Riel <riel@redhat.com>
    Cc: Will Deacon <will.deacon@arm.com>
    Cc: aliguori@amazon.com
    Cc: daniel.gruss@iaik.tugraz.at
    Cc: hughd@google.com
    Cc: keescook@google.com
    Link: https://lkml.kernel.org/r/20171204150606.733700132@linutronix.deSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
    c482feef
switch_to.h 2.81 KB