On Tue, Jul 16, 2013 at 1:21 PM, Yinghai Lu <ying...@kernel.org> wrote:
> On Tue, Jul 16, 2013 at 11:34 AM, Kees Cook <keesc...@chromium.org> wrote:
>> Since the IDT is referenced from a fixmap, make sure it is page aligned.
>> Merge with 32-bit one, since it was already aligned to deal with F00F
>> bug. Since bss is cleared before IDT setup, it can live there. This also
>> moves the other *_idt_table variables into common locations.
>>
>> This avoids the risk of the IDT ever being moved in the bss and having
>> the mapping be offset, resulting in calling incorrect handlers. In the
>> current upstream kernel this is not a manifested bug, but heavily patched
>> kernels (such as those using the PaX patch series) did encounter this bug.
>>
>> Signed-off-by: Kees Cook <keesc...@chromium.org>
>> Reported-by: PaX Team <pagee...@gmail.com>
>> ---
>> v5:
>> - add comments to all IDTs about alignment reasoning, suggested by Linus
>
> Where is thread for that?
That was off list, part of trying to coordinate this cleanup vs
minimal changes for the stable tree.
>> v4:
>> - rework using __page_aligned_bss, suggested by Yinghai LU
>> - move all the other IDT variables as well, suggested by HPA
>> v3:
>> - merge 32-bit and 64-bit idt_table definition
>> v2:
>> - 32-bit was already aligned
>> ---
>> arch/x86/kernel/head_64.S | 15 ---------------
>> arch/x86/kernel/tracepoint.c | 6 ++----
>> arch/x86/kernel/traps.c | 12 ++++++------
>> 3 files changed, 8 insertions(+), 25 deletions(-)
>>
>> diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
>> index 5e4d8a8..e1aabdb 100644
>> --- a/arch/x86/kernel/head_64.S
>> +++ b/arch/x86/kernel/head_64.S
>> @@ -512,21 +512,6 @@ ENTRY(phys_base)
>>
>> #include "../../x86/xen/xen-head.S"
>>
>> - .section .bss, "aw", @nobits
>> - .align L1_CACHE_BYTES
>> -ENTRY(idt_table)
>> - .skip IDT_ENTRIES * 16
>> -
>> - .align L1_CACHE_BYTES
>> -ENTRY(debug_idt_table)
>> - .skip IDT_ENTRIES * 16
>> -
>> -#ifdef CONFIG_TRACING
>> - .align L1_CACHE_BYTES
>> -ENTRY(trace_idt_table)
>> - .skip IDT_ENTRIES * 16
>> -#endif
>> -
>> __PAGE_ALIGNED_BSS
>> NEXT_PAGE(empty_zero_page)
>> .skip PAGE_SIZE
>> diff --git a/arch/x86/kernel/tracepoint.c b/arch/x86/kernel/tracepoint.c
>> index 4e584a8..1c113db 100644
>> --- a/arch/x86/kernel/tracepoint.c
>> +++ b/arch/x86/kernel/tracepoint.c
>> @@ -12,10 +12,8 @@ atomic_t trace_idt_ctr = ATOMIC_INIT(0);
>> struct desc_ptr trace_idt_descr = { NR_VECTORS * 16 - 1,
>> (unsigned long) trace_idt_table };
>>
>> -#ifndef CONFIG_X86_64
>> -gate_desc trace_idt_table[NR_VECTORS] __page_aligned_data
>> - = { { { { 0, 0 } } }, };
>> -#endif
>> +/* No need to be aligned, but done to keep all IDTs defined the same way. */
>> +gate_desc trace_idt_table[NR_VECTORS] __page_aligned_bss;
>
> in that case why not add __cacheline_aligned_bss?
It seemed more correct to me to define all the IDTs the same, but
there was no technical reason for that, just one of regularity. I only
care about keeping the real IDT page aligned. :) I'm fine to do
whatever is deemed "correct". :)
-Kees
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
