Nadav Amit b3fd8e83ad x86/alternatives: Use temporary mm for text poking ... text_poke() can potentially compromise security as it sets temporary PTEs in the fixmap. These PTEs might be used to rewrite the kernel code from other cores accidentally or maliciously, if an attacker gains the ability to write onto kernel memory. Moreover, since remote TLBs are not flushed after the temporary PTEs are removed, the time-window in which the code is writable is not limited if the fixmap PTEs - maliciously or accidentally - are cached in the TLB. To address these potential security hazards, use a temporary mm for patching the code. Finally, text_poke() is also not conservative enough when mapping pages, as it always tries to map 2 pages, even when a single one is sufficient. So try to be more conservative, and do not map more than needed. Signed-off-by: Nadav Amit <namit@vmware.com> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: <akpm@linux-foundation.org> Cc: <ard.biesheuvel@linaro.org> Cc: <deneen.t.dock@intel.com> Cc: <kernel-hardening@lists.openwall.com> Cc: <kristen@linux.intel.com> Cc: <linux_dti@icloud.com> Cc: <will.deacon@arm.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Dave Hansen <dave.hansen@intel.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Kees Cook <keescook@chromium.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Rik van Riel <riel@surriel.com> Cc: Thomas Gleixner <tglx@linutronix.de> Link: https://lkml.kernel.org/r/20190426001143.4983-8-namit@vmware.com Signed-off-by: Ingo Molnar <mingo@kernel.org>		2019-04-30 12:37:52 +02:00
..
alpha	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
arc	syscalls: Remove start and number from syscall_get_arguments() args	2019-04-05 09:26:43 -04:00
arm	A small number of ARM fixes	2019-04-28 10:50:57 -07:00
arm64	arm64 fixes:	2019-04-26 11:26:53 -07:00
c6x	syscalls: Remove start and number from syscall_set_arguments() args	2019-04-05 09:27:23 -04:00
csky	syscalls: Remove start and number from syscall_set_arguments() args	2019-04-05 09:27:23 -04:00
h8300	syscalls: Remove start and number from syscall_get_arguments() args	2019-04-05 09:26:43 -04:00
hexagon	syscalls: Remove start and number from syscall_get_arguments() args	2019-04-05 09:26:43 -04:00
ia64	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
m68k	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
microblaze	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
mips	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
nds32	syscalls: Remove start and number from syscall_set_arguments() args	2019-04-05 09:27:23 -04:00
nios2	syscalls: Remove start and number from syscall_set_arguments() args	2019-04-05 09:27:23 -04:00
openrisc	syscalls: Remove start and number from syscall_set_arguments() args	2019-04-05 09:27:23 -04:00
parisc	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
powerpc	powerpc fixes for 5.1 #6	2019-04-28 10:43:15 -07:00
riscv	RISC-V: Fix Maximum Physical Memory 2GiB option for 64bit systems	2019-04-10 09:41:40 -07:00
s390	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
sh	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
sparc	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
um	syscalls: Remove start and number from syscall_set_arguments() args	2019-04-05 09:27:23 -04:00
unicore32	KVM: export <linux/kvm_para.h> and <asm/kvm_para.h> iif KVM is supported	2019-03-28 17:27:42 +01:00
x86	x86/alternatives: Use temporary mm for text poking	2019-04-30 12:37:52 +02:00
xtensa	arch: add pidfd and io_uring syscalls everywhere	2019-04-23 13:34:17 -07:00
.gitignore
Kconfig	Char/Misc driver patches for 5.1-rc1	2019-03-06 14:18:59 -08:00