mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2025-01-17 23:06:05 +07:00
5cec93c216
There's a fair amount of code in the vsyscall page. It contains a syscall instruction (in the gettimeofday fallback) and who knows what will happen if an exploit jumps into the middle of some other code. Reduce the risk by replacing the vsyscalls with short magic incantations that cause the kernel to emulate the real vsyscalls. These incantations are useless if entered in the middle. This causes vsyscalls to be a little more expensive than real syscalls. Fortunately sensible programs don't use them. The only exception is time() which is still called by glibc through the vsyscall - but calling time() millions of times per second is not sensible. glibc has this fixed in the development tree. This patch is not perfect: the vread_tsc and vread_hpet functions are still at a fixed address. Fixing that might involve making alternative patching work in the vDSO. Signed-off-by: Andy Lutomirski <luto@mit.edu> Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Jesper Juhl <jj@chaosbits.net> Cc: Borislav Petkov <bp@alien8.de> Cc: Arjan van de Ven <arjan@infradead.org> Cc: Jan Beulich <JBeulich@novell.com> Cc: richard -rw- weinberger <richard.weinberger@gmail.com> Cc: Mikael Pettersson <mikpe@it.uu.se> Cc: Andi Kleen <andi@firstfloor.org> Cc: Brian Gerst <brgerst@gmail.com> Cc: Louis Rilling <Louis.Rilling@kerlabs.com> Cc: Valdis.Kletnieks@vt.edu Cc: pageexec@freemail.hu Link: http://lkml.kernel.org/r/e64e1b3c64858820d12c48fa739efbd1485e79d5.1307292171.git.luto@mit.edu [ Removed the CONFIG option - it's simpler to just do it unconditionally. Tidied up the code as well. ] Signed-off-by: Ingo Molnar <mingo@elte.hu>
95 lines
3.2 KiB
C
95 lines
3.2 KiB
C
#ifndef _ASM_X86_TRAPS_H
|
|
#define _ASM_X86_TRAPS_H
|
|
|
|
#include <linux/kprobes.h>
|
|
|
|
#include <asm/debugreg.h>
|
|
#include <asm/siginfo.h> /* TRAP_TRACE, ... */
|
|
|
|
#ifdef CONFIG_X86_32
|
|
#define dotraplinkage
|
|
#else
|
|
#define dotraplinkage asmlinkage
|
|
#endif
|
|
|
|
asmlinkage void divide_error(void);
|
|
asmlinkage void debug(void);
|
|
asmlinkage void nmi(void);
|
|
asmlinkage void int3(void);
|
|
asmlinkage void xen_debug(void);
|
|
asmlinkage void xen_int3(void);
|
|
asmlinkage void xen_stack_segment(void);
|
|
asmlinkage void overflow(void);
|
|
asmlinkage void bounds(void);
|
|
asmlinkage void invalid_op(void);
|
|
asmlinkage void device_not_available(void);
|
|
#ifdef CONFIG_X86_64
|
|
asmlinkage void double_fault(void);
|
|
#endif
|
|
asmlinkage void coprocessor_segment_overrun(void);
|
|
asmlinkage void invalid_TSS(void);
|
|
asmlinkage void segment_not_present(void);
|
|
asmlinkage void stack_segment(void);
|
|
asmlinkage void general_protection(void);
|
|
asmlinkage void page_fault(void);
|
|
asmlinkage void async_page_fault(void);
|
|
asmlinkage void spurious_interrupt_bug(void);
|
|
asmlinkage void coprocessor_error(void);
|
|
asmlinkage void alignment_check(void);
|
|
#ifdef CONFIG_X86_MCE
|
|
asmlinkage void machine_check(void);
|
|
#endif /* CONFIG_X86_MCE */
|
|
asmlinkage void simd_coprocessor_error(void);
|
|
asmlinkage void emulate_vsyscall(void);
|
|
|
|
dotraplinkage void do_divide_error(struct pt_regs *, long);
|
|
dotraplinkage void do_debug(struct pt_regs *, long);
|
|
dotraplinkage void do_nmi(struct pt_regs *, long);
|
|
dotraplinkage void do_int3(struct pt_regs *, long);
|
|
dotraplinkage void do_overflow(struct pt_regs *, long);
|
|
dotraplinkage void do_bounds(struct pt_regs *, long);
|
|
dotraplinkage void do_invalid_op(struct pt_regs *, long);
|
|
dotraplinkage void do_device_not_available(struct pt_regs *, long);
|
|
dotraplinkage void do_coprocessor_segment_overrun(struct pt_regs *, long);
|
|
dotraplinkage void do_invalid_TSS(struct pt_regs *, long);
|
|
dotraplinkage void do_segment_not_present(struct pt_regs *, long);
|
|
dotraplinkage void do_stack_segment(struct pt_regs *, long);
|
|
#ifdef CONFIG_X86_64
|
|
dotraplinkage void do_double_fault(struct pt_regs *, long);
|
|
asmlinkage __kprobes struct pt_regs *sync_regs(struct pt_regs *);
|
|
#endif
|
|
dotraplinkage void do_general_protection(struct pt_regs *, long);
|
|
dotraplinkage void do_page_fault(struct pt_regs *, unsigned long);
|
|
dotraplinkage void do_spurious_interrupt_bug(struct pt_regs *, long);
|
|
dotraplinkage void do_coprocessor_error(struct pt_regs *, long);
|
|
dotraplinkage void do_alignment_check(struct pt_regs *, long);
|
|
#ifdef CONFIG_X86_MCE
|
|
dotraplinkage void do_machine_check(struct pt_regs *, long);
|
|
#endif
|
|
dotraplinkage void do_simd_coprocessor_error(struct pt_regs *, long);
|
|
dotraplinkage void do_emulate_vsyscall(struct pt_regs *, long);
|
|
#ifdef CONFIG_X86_32
|
|
dotraplinkage void do_iret_error(struct pt_regs *, long);
|
|
#endif
|
|
|
|
static inline int get_si_code(unsigned long condition)
|
|
{
|
|
if (condition & DR_STEP)
|
|
return TRAP_TRACE;
|
|
else if (condition & (DR_TRAP0|DR_TRAP1|DR_TRAP2|DR_TRAP3))
|
|
return TRAP_HWBKPT;
|
|
else
|
|
return TRAP_BRKPT;
|
|
}
|
|
|
|
extern int panic_on_unrecovered_nmi;
|
|
|
|
void math_error(struct pt_regs *, int, int);
|
|
void math_emulate(struct math_emu_info *);
|
|
#ifndef CONFIG_X86_32
|
|
asmlinkage void smp_thermal_interrupt(void);
|
|
asmlinkage void mce_threshold_interrupt(void);
|
|
#endif
|
|
|
|
#endif /* _ASM_X86_TRAPS_H */
|