diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-pti-Make-unpoison-of-pgd-for-trusted-boot-work-f.patch')
| -rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-pti-Make-unpoison-of-pgd-for-trusted-boot-work-f.patch | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-pti-Make-unpoison-of-pgd-for-trusted-boot-work-f.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-pti-Make-unpoison-of-pgd-for-trusted-boot-work-f.patch deleted file mode 100644 index 730dc7cc..00000000 --- a/common/recipes-kernel/linux/linux-yocto-4.9.21/0002-x86-pti-Make-unpoison-of-pgd-for-trusted-boot-work-f.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 3474ee0a656102dc872ccffc8a80eeb87a9ce502 Mon Sep 17 00:00:00 2001 -From: Dave Hansen <dave.hansen@linux.intel.com> -Date: Mon, 29 Jan 2018 18:17:26 -0800 -Subject: [PATCH 02/42] x86/pti: Make unpoison of pgd for trusted boot work for - real - -commit 445b69e3b75e42362a5bdc13c8b8f61599e2228a upstream - -The inital fix for trusted boot and PTI potentially misses the pgd clearing -if pud_alloc() sets a PGD. It probably works in *practice* because for two -adjacent calls to map_tboot_page() that share a PGD entry, the first will -clear NX, *then* allocate and set the PGD (without NX clear). The second -call will *not* allocate but will clear the NX bit. - -Defer the NX clearing to a point after it is known that all top-level -allocations have occurred. Add a comment to clarify why. - -[ tglx: Massaged changelog ] - -[ hughd notes: I have not tested tboot, but this looks to me as necessary -and as safe in old-Kaiser backports as it is upstream; I'm not submitting -the commit-to-be-fixed 262b6b30087, since it was undone by 445b69e3b75e, -and makes conflict trouble because of 5-level's p4d versus 4-level's pgd.] - -Fixes: 262b6b30087 ("x86/tboot: Unbreak tboot with PTI enabled") -Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> -Signed-off-by: Thomas Gleixner <tglx@linutronix.de> -Reviewed-by: Andrea Arcangeli <aarcange@redhat.com> -Cc: Jon Masters <jcm@redhat.com> -Cc: Tim Chen <tim.c.chen@linux.intel.com> -Cc: gnomes@lxorguk.ukuu.org.uk -Cc: peterz@infradead.org -Cc: ning.sun@intel.com -Cc: tboot-devel@lists.sourceforge.net -Cc: andi@firstfloor.org -Cc: luto@kernel.org -Cc: law@redhat.com -Cc: pbonzini@redhat.com -Cc: torvalds@linux-foundation.org -Cc: gregkh@linux-foundation.org -Cc: dwmw@amazon.co.uk -Cc: nickc@redhat.com -Link: https://lkml.kernel.org/r/20180110224939.2695CD47@viggo.jf.intel.com -Cc: Jiri Kosina <jkosina@suse.cz> -Signed-off-by: Hugh Dickins <hughd@google.com> -Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> ---- - arch/x86/kernel/tboot.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c -index 8402907..21454e2 100644 ---- a/arch/x86/kernel/tboot.c -+++ b/arch/x86/kernel/tboot.c -@@ -134,6 +134,16 @@ static int map_tboot_page(unsigned long vaddr, unsigned long pfn, - return -1; - set_pte_at(&tboot_mm, vaddr, pte, pfn_pte(pfn, prot)); - pte_unmap(pte); -+ -+ /* -+ * PTI poisons low addresses in the kernel page tables in the -+ * name of making them unusable for userspace. To execute -+ * code at such a low address, the poison must be cleared. -+ * -+ * Note: 'pgd' actually gets set in pud_alloc(). -+ */ -+ pgd->pgd &= ~_PAGE_NX; -+ - return 0; - } - --- -2.7.4 - |