From: Stuart Hayes <stuart.w.hayes@gmail.com>
To: tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH] x86: Configure NX support earlier in setup_arch
Date: Wed, 02 Jul 2014 20:47:19 -0500 [thread overview]
Message-ID: <53B4B627.8060903@gmail.com> (raw)
A page fault can crash the kernel very early if an NX bit is set in a
page table entry, if the CPU doesn't support NX (or if NX support is
disabled in the CPU). Move the call to x86_configure_nx() earlier
than parse_setup_data(), since that calls early_memremap().
Signed-off-by: Stuart Hayes <stuart.w.hayes@gmail.com>
---
--- linux-3.16-rc3/arch/x86/kernel/setup.c.orig 2014-07-02 12:14:50.196308719 -0400
+++ linux-3.16-rc3/arch/x86/kernel/setup.c 2014-07-02 12:11:11.240301228 -0400
@@ -940,6 +940,17 @@ void __init setup_arch(char **cmdline_p)
iomem_resource.end = (1ULL << boot_cpu_data.x86_phys_bits) - 1;
setup_memory_map();
+
+ /*
+ * x86_configure_nx() is called before parse_setup_data() to detect
+ * whether hardware doesn't support NX (so that parse_setup_data()
+ * can safely call early_memremap() without setting the XD bit in
+ * the PTE, which can cause an unrecoverable page fault). It may
+ * then be called again from within noexec_setup() during parsing
+ * early parameters to honor the respective command line option.
+ */
+ x86_configure_nx();
+
parse_setup_data();
copy_edd();
@@ -974,15 +985,6 @@ void __init setup_arch(char **cmdline_p)
strlcpy(command_line, boot_command_line, COMMAND_LINE_SIZE);
*cmdline_p = command_line;
- /*
- * x86_configure_nx() is called before parse_early_param() to detect
- * whether hardware doesn't support NX (so that the early EHCI debug
- * console setup can safely call set_fixmap()). It may then be called
- * again from within noexec_setup() during parsing early parameters
- * to honor the respective command line option.
- */
- x86_configure_nx();
-
parse_early_param();
x86_report_nx();
next reply other threads:[~2014-07-03 1:47 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-03 1:47 Stuart Hayes [this message]
2014-07-08 22:34 ` [PATCH] x86: Configure NX support earlier in setup_arch Stuart Hayes
2014-07-08 22:38 ` H. Peter Anvin
2014-07-10 0:56 ` Stuart Hayes
2014-07-14 17:22 ` Borislav Petkov
2014-07-14 17:28 ` H. Peter Anvin
2014-07-14 17:35 ` Borislav Petkov
2014-11-13 6:39 ` B_B_Singh
2014-11-13 12:30 ` Borislav Petkov
2014-11-13 13:40 ` B_B_Singh
2014-11-13 15:48 ` Thomas Gleixner
2014-11-13 12:54 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53B4B627.8060903@gmail.com \
--to=stuart.w.hayes@gmail.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.