-
- Downloads
x86/mm: Randomize per-cpu entry area
Seth found that the CPU-entry-area; the piece of per-cpu data that is mapped into the userspace page-tables for kPTI is not subject to any randomization -- irrespective of kASLR settings. On x86_64 a whole P4D (512 GB) of virtual address space is reserved for this structure, which is plenty large enough to randomize things a little. As such, use a straight forward randomization scheme that avoids duplicates to spread the existing CPUs over the available space. [ bp: Fix le build. ] Reported-by:Seth Jenkins <sethjenkins@google.com> Reviewed-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by:
Dave Hansen <dave.hansen@linux.intel.com> Signed-off-by:
Borislav Petkov <bp@suse.de>
Showing
- arch/x86/include/asm/cpu_entry_area.h 0 additions, 4 deletionsarch/x86/include/asm/cpu_entry_area.h
- arch/x86/include/asm/pgtable_areas.h 7 additions, 1 deletionarch/x86/include/asm/pgtable_areas.h
- arch/x86/kernel/hw_breakpoint.c 1 addition, 1 deletionarch/x86/kernel/hw_breakpoint.c
- arch/x86/mm/cpu_entry_area.c 42 additions, 4 deletionsarch/x86/mm/cpu_entry_area.c
Loading
Please register or sign in to comment