From: "tip-bot for H. Peter Anvin" <hpa@linux.intel.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@kernel.org,
	tglx@linutronix.de, hpa@linux.intel.com
Subject: [tip:x86/smap] x86-32, smap: Add STAC/ CLAC instructions to 32-bit kernel entry
Date: Fri, 21 Sep 2012 17:16:26 -0700	[thread overview]
Message-ID: <tip-e59d1b0a24199db01978e6c1e89859eda93ce683@git.kernel.org> (raw)
In-Reply-To: <1348256595-29119-9-git-send-email-hpa@linux.intel.com>

Commit-ID:  e59d1b0a24199db01978e6c1e89859eda93ce683
Gitweb:     http://git.kernel.org/tip/e59d1b0a24199db01978e6c1e89859eda93ce683
Author:     H. Peter Anvin <hpa@linux.intel.com>
AuthorDate: Fri, 21 Sep 2012 13:58:10 -0700
Committer:  H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Fri, 21 Sep 2012 14:04:27 -0700

x86-32, smap: Add STAC/CLAC instructions to 32-bit kernel entry

The changes to entry_32.S got missed in checkin:

63bcff2a x86, smap: Add STAC and CLAC instructions to control user space access

The resulting kernel was largely functional but SMAP protection could
have been bypassed.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Link: http://lkml.kernel.org/r/1348256595-29119-9-git-send-email-hpa@linux.intel.com
---
 arch/x86/kernel/entry_32.S |   26 ++++++++++++++++++++++++++
 1 files changed, 26 insertions(+), 0 deletions(-)

diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S
index 623f288..9ebbeca 100644
--- a/arch/x86/kernel/entry_32.S
+++ b/arch/x86/kernel/entry_32.S
@@ -57,6 +57,7 @@
 #include <asm/cpufeature.h>
 #include <asm/alternative-asm.h>
 #include <asm/asm.h>
+#include <asm/smap.h>
 
 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this.  */
 #include <linux/elf-em.h>
@@ -407,7 +408,9 @@ sysenter_past_esp:
  */
 	cmpl $__PAGE_OFFSET-3,%ebp
 	jae syscall_fault
+	ASM_STAC
 1:	movl (%ebp),%ebp
+	ASM_CLAC
 	movl %ebp,PT_EBP(%esp)
 	_ASM_EXTABLE(1b,syscall_fault)
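Review bot: The `ASM_STAC`/`ASM_CLAC` pair around `1: movl (%ebp),%ebp` closes the user-access window only on the non-faulting path, and nothing at this site says how the faulting path is covered. If the load faults, the extable entry sends control to `syscall_fault`, presumably with AC still set, so this is only safe because `syscall_fault` gains its own `ASM_CLAC` in a later hunk of this patch. I would record that coupling here, e.g. `/* SMAP: AC is set only for this user load; the fixup target syscall_fault clears it */`. Whether EFLAGS.AC is cleared earlier on the sysenter path cannot be seen from here, since the code between `ia32_sysenter_target` and this hunk lies outside it.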
 
@@ -488,6 +491,7 @@ ENDPROC(ia32_sysenter_target)
 	# system call handler stub
 ENTRY(system_call)
 	RING0_INT_FRAME			# can't unwind into user space anyway
+	ASM_CLAC
 	pushl_cfi %eax			# save orig_eax
 	SAVE_ALL
 	GET_THREAD_INFO(%ebp)
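Review bot: The `ASM_CLAC` added as the first instruction of `system_call` has no comment saying why it must precede `pushl_cfi %eax` and `SAVE_ALL`, and the same bare line is repeated in the `common_interrupt`, `BUILD_INTERRUPT3` and exception-entry hunks below. The commit message only says SMAP could have been bypassed; presumably EFLAGS.AC as left by the interrupted context survives the gate transition, so the kernel would run with SMAP checks suppressed until AC is cleared. A one-line comment at the first site, e.g. `/* SMAP: clear EFLAGS.AC inherited from the interrupted context */`, would stop a later reader from treating these as removable or from adding a new entry point without one. The body of `system_call` continues outside the hunk.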
@@ -670,6 +674,7 @@ END(syscall_exit_work)
 
 	RING0_INT_FRAME			# can't unwind into user space anyway
 syscall_fault:
+	ASM_CLAC
 	GET_THREAD_INFO(%ebp)
 	movl $-EFAULT,PT_EAX(%esp)
 	jmp resume_userspace
@@ -825,6 +830,7 @@ END(interrupt)
  */
 	.p2align CONFIG_X86_L1_CACHE_SHIFT
 common_interrupt:
+	ASM_CLAC
 	addl $-0x80,(%esp)	/* Adjust vector into the [-256,-1] range */
 	SAVE_ALL
 	TRACE_IRQS_OFF
@@ -841,6 +847,7 @@ ENDPROC(common_interrupt)
 #define BUILD_INTERRUPT3(name, nr, fn)	\
 ENTRY(name)				\
 	RING0_INT_FRAME;		\
+	ASM_CLAC;			\
 	pushl_cfi $~(nr);		\
 	SAVE_ALL;			\
 	TRACE_IRQS_OFF			\
@@ -857,6 +864,7 @@ ENDPROC(name)
 
 ENTRY(coprocessor_error)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_coprocessor_error
 	jmp error_code
@@ -865,6 +873,7 @@ END(coprocessor_error)
 
 ENTRY(simd_coprocessor_error)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 #ifdef CONFIG_X86_INVD_BUG
 	/* AMD 486 bug: invd from userspace calls exception 19 instead of #GP */
@@ -886,6 +895,7 @@ END(simd_coprocessor_error)
 
 ENTRY(device_not_available)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $-1			# mark this as an int
 	pushl_cfi $do_device_not_available
 	jmp error_code
@@ -906,6 +916,7 @@ END(native_irq_enable_sysexit)
 
 ENTRY(overflow)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_overflow
 	jmp error_code
@@ -914,6 +925,7 @@ END(overflow)
 
 ENTRY(bounds)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_bounds
 	jmp error_code
@@ -922,6 +934,7 @@ END(bounds)
 
 ENTRY(invalid_op)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_invalid_op
 	jmp error_code
@@ -930,6 +943,7 @@ END(invalid_op)
 
 ENTRY(coprocessor_segment_overrun)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_coprocessor_segment_overrun
 	jmp error_code
@@ -938,6 +952,7 @@ END(coprocessor_segment_overrun)
 
 ENTRY(invalid_TSS)
 	RING0_EC_FRAME
+	ASM_CLAC
 	pushl_cfi $do_invalid_TSS
 	jmp error_code
 	CFI_ENDPROC
@@ -945,6 +960,7 @@ END(invalid_TSS)
 
 ENTRY(segment_not_present)
 	RING0_EC_FRAME
+	ASM_CLAC
 	pushl_cfi $do_segment_not_present
 	jmp error_code
 	CFI_ENDPROC
@@ -952,6 +968,7 @@ END(segment_not_present)
 
 ENTRY(stack_segment)
 	RING0_EC_FRAME
+	ASM_CLAC
 	pushl_cfi $do_stack_segment
 	jmp error_code
 	CFI_ENDPROC
@@ -959,6 +976,7 @@ END(stack_segment)
 
 ENTRY(alignment_check)
 	RING0_EC_FRAME
+	ASM_CLAC
 	pushl_cfi $do_alignment_check
 	jmp error_code
 	CFI_ENDPROC
@@ -966,6 +984,7 @@ END(alignment_check)
 
 ENTRY(divide_error)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0			# no error code
 	pushl_cfi $do_divide_error
 	jmp error_code
@@ -975,6 +994,7 @@ END(divide_error)
 #ifdef CONFIG_X86_MCE
 ENTRY(machine_check)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi machine_check_vector
 	jmp error_code
@@ -984,6 +1004,7 @@ END(machine_check)
 
 ENTRY(spurious_interrupt_bug)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_spurious_interrupt_bug
 	jmp error_code
@@ -1207,6 +1228,7 @@ return_to_handler:
 
 ENTRY(page_fault)
 	RING0_EC_FRAME
+	ASM_CLAC
 	pushl_cfi $do_page_fault
 	ALIGN
 error_code:
@@ -1279,6 +1301,7 @@ END(page_fault)
 
 ENTRY(debug)
 	RING0_INT_FRAME
+	ASM_CLAC
 	cmpl $ia32_sysenter_target,(%esp)
 	jne debug_stack_correct
 	FIX_STACK 12, debug_stack_correct, debug_esp_fix_insn
@@ -1303,6 +1326,7 @@ END(debug)
  */
 ENTRY(nmi)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi %eax
 	movl %ss, %eax
 	cmpw $__ESPFIX_SS, %ax
@@ -1373,6 +1397,7 @@ END(nmi)
 
 ENTRY(int3)
 	RING0_INT_FRAME
+	ASM_CLAC
 	pushl_cfi $-1			# mark this as an int
 	SAVE_ALL
 	TRACE_IRQS_OFF
@@ -1393,6 +1418,7 @@ END(general_protection)
 #ifdef CONFIG_KVM_GUEST
 ENTRY(async_page_fault)
 	RING0_EC_FRAME
+	ASM_CLAC
 	pushl_cfi $do_async_page_fault
 	jmp error_code
 	CFI_ENDPROC
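Review bot: No hunk in this patch adds `ASM_CLAC` to `general_protection`, even though `END(general_protection)` is the context of this hunk and the other `RING0_EC_FRAME` entries (`invalid_TSS`, `segment_not_present`, `stack_segment`, `alignment_check`, `page_fault`) each get one. Unless that entry is covered somewhere outside the visible hunks, a #GP delivered with EFLAGS.AC set would reach `error_code` with SMAP checks still suppressed. I would add `ASM_CLAC` right after its frame macro, as in the siblings, or state in the commit message why it is exempt. It is also worth auditing the remaining entry points in entry_32.S that this diff does not touch for the same gap.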

