linux_dsm_epyc7002/arch/powerpc
Balbir Singh 3b10d0095a powerpc/mm/radix: Prevent kernel execution of user space
ISA 3 defines new encoded access authority that allows instruction
access prevention in privileged mode and allows normal access
to problem state. This patch just enables IAMR (Instruction Authority
Mask Register), enabling AMR would require more work.

I've tested this with a buggy driver and a simple payload. The payload
is specific to the build I've tested.

mpe: Also tested with LKDTM:

  # echo EXEC_USERSPACE > /sys/kernel/debug/provoke-crash/DIRECT
  lkdtm: Performing direct entry EXEC_USERSPACE
  lkdtm: attempting ok execution at c0000000005bf560
  lkdtm: attempting bad execution at 00003fff8d940000
  Unable to handle kernel paging request for instruction fetch
  Faulting instruction address: 0x3fff8d940000
  Oops: Kernel access of bad area, sig: 11 [#1]
  NIP: 00003fff8d940000 LR: c0000000005bfa58 CTR: 00003fff8d940000
  REGS: c0000000f1fcf900 TRAP: 0400   Not tainted  (4.9.0-rc5-compiler_gcc-6.2.0-00109-g956dbc06232a)
  MSR: 9000000010009033 <SF,HV,EE,ME,IR,DR,RI,LE>  CR: 48002222  XER: 00000000
  ...
  Call Trace:
    lkdtm_EXEC_USERSPACE+0x104/0x120 (unreliable)
    lkdtm_do_action+0x3c/0x80
    direct_entry+0x100/0x1b0
    full_proxy_write+0x94/0x100
    __vfs_write+0x3c/0x1b0
    vfs_write+0xcc/0x230
    SyS_write+0x60/0x110
    system_call+0x38/0xfc

Signed-off-by: Balbir Singh <bsingharora@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2016-11-26 18:48:04 +11:00
..
boot powerpc/boot: Fix boot on systems with uncompressed kernel image 2016-10-19 20:35:34 +11:00
configs powerpc/configs: Turn on PPC crypto implementations in the server defconfigs 2016-11-18 23:02:19 +11:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-10-10 14:04:16 -07:00
include powerpc: Fix __cmpxchg() to take a volatile ptr again 2016-11-25 14:07:50 +11:00
kernel powernv: Clear SPRN_PSSCR when a POWER9 CPU comes online 2016-11-25 14:37:04 +11:00
kvm KVM: PPC: Book3S HV: Fix build error when SMP=n 2016-10-22 08:44:37 +11:00
lib powerpc/lib: Fix randconfig build failure in sstep.c 2016-11-18 22:40:42 +11:00
math-emu
mm powerpc/mm/radix: Prevent kernel execution of user space 2016-11-26 18:48:04 +11:00
net powerpc/bpf: Add support for bpf constant blinding 2016-10-04 20:33:20 +11:00
oprofile powerpc/sparse: Make a bunch of things static 2016-09-13 17:35:47 +10:00
perf powerpc/sparse: Make a bunch of things static 2016-09-13 17:35:47 +10:00
platforms Merge branch 'topic/ppc-kvm' into next 2016-11-24 22:14:52 +11:00
scripts powerpc/ftrace: Add Kconfig & Make glue for mprofile-kernel 2016-03-07 14:53:56 +11:00
sysdev powerpc: Add support for relative exception tables 2016-11-14 11:11:51 +11:00
xmon powerpc/xmon: Add 'dt' command to dump trace buffers 2016-11-25 14:30:27 +11:00
Kconfig powerpc: Initial stack protector (-fstack-protector) support 2016-11-23 22:57:15 +11:00
Kconfig.debug powerpc/mm: Dump linux pagetables 2016-11-17 17:11:46 +11:00
Makefile powerpc: Add option to use thin archives 2016-11-18 22:40:42 +11:00
relocs_check.sh powerpc/64: whitelist unresolved modversions CRCs 2016-09-22 14:46:31 +02:00