linux_dsm_epyc7002/arch/x86/include/asm
Andy Lutomirski bd902c5362 x86/vdso: Disallow vvar access to vclock IO for never-used vclocks
It makes me uncomfortable that even modern systems grant every
process direct read access to the HPET.

While fixing this for real without regressing anything is a mess
(unmapping the HPET is tricky because we don't adequately track
all the mappings), we can do almost as well by tracking which
vclocks have ever been used and only allowing pages associated
with used vclocks to be faulted in.

This will cause rogue programs that try to peek at the HPET to
get SIGBUS instead on most systems.

We can't restrict faults to vclock pages that are associated
with the currently selected vclock due to a race: a process
could start to access the HPET for the first time and race
against a switch away from the HPET as the current clocksource.
We can't segfault the process trying to peek at the HPET in this
case, even though the process isn't going to do anything useful
with the data.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/e79d06295625c02512277737ab55085a498ac5d8.1451446564.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-01-12 11:59:35 +01:00
..
crypto
fpu x86/fpu: Disable AVX when eagerfpu is off 2016-01-12 11:51:21 +01:00
numachip
trace
uv
xen xen/arm: Enable cpu_hotplug.c 2015-10-23 14:20:47 +01:00
a.out-core.h
acenv.h
acpi.h
agp.h
alternative-asm.h
alternative.h
amd_nb.h x86/amd_nb, EDAC: Rename amd_get_node_id() 2015-10-21 11:10:55 +02:00
apb_timer.h
apic_flat_64.h
apic.h x86/apic: Introduce apic_extnmi command line parameter 2015-12-19 11:07:01 +01:00
apicdef.h
apm.h
arch_hweight.h
archrandom.h
asm-offsets.h
asm.h
atomic64_32.h x86/headers: Don't include asm/processor.h in asm/atomic.h 2015-12-06 12:56:03 +01:00
atomic64_64.h
atomic.h x86/headers: Don't include asm/processor.h in asm/atomic.h 2015-12-06 12:56:03 +01:00
barrier.h
bios_ebda.h
bitops.h
boot.h x86/boot: Double BOOT_HEAP_SIZE to 64KB 2016-01-11 12:30:50 +01:00
bootparam_utils.h
bug.h
bugs.h
cache.h
cacheflush.h
calgary.h x86/platform/calgary: Constify cal_chipset_ops structures 2015-11-29 08:50:58 +01:00
ce4100.h
checksum_32.h
checksum_64.h
checksum.h
clocksource.h x86/vdso: Disallow vvar access to vclock IO for never-used vclocks 2016-01-12 11:59:35 +01:00
cmdline.h
cmpxchg_32.h x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros 2015-12-19 11:49:55 +01:00
cmpxchg_64.h x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros 2015-12-19 11:49:55 +01:00
cmpxchg.h
compat.h
cpu_device_id.h
cpu.h x86/cpu: Unify CPU family, model, stepping calculation 2015-11-24 09:15:54 +01:00
cpufeature.h Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-01-11 16:26:03 -08:00
cpumask.h
crash.h
current.h
debugreg.h
delay.h
desc_defs.h
desc.h
device.h
disabled-features.h
div64.h
dma-mapping.h
dma.h
dmi.h
dwarf2.h x86/asm: Remove the xyz_cfi macros from dwarf2.h 2015-10-14 16:56:28 +02:00
e820.h
edac.h
efi.h * Make the EFI System Resource Table (ESRT) driver explicitly 2015-10-14 16:51:34 +02:00
elf.h x86/elf/64: Clear more registers in elf_common_init() 2015-10-09 09:41:06 +02:00
emergency-restart.h
entry_arch.h
espfix.h
exec.h
fb.h
fixmap.h x86/vdso: Remove pvclock fixmap machinery 2015-12-11 08:56:03 +01:00
floppy.h
frame.h
ftrace.h
futex.h
gart.h
genapic.h
geode.h
gpio.h
hardirq.h
highmem.h kmap_atomic_to_page() has no users, remove it 2015-11-09 15:11:24 -08:00
hpet.h timers/x86/hpet: Type adjustments 2015-10-21 11:17:32 +02:00
hugetlb.h
hw_breakpoint.h
hw_irq.h
hypertransport.h
hypervisor.h
i8259.h x86/irq: Probe for PIC presence before allocating descs for legacy IRQs 2015-11-07 10:37:37 +01:00
ia32_unistd.h
ia32.h
idle.h
imr.h
inat_types.h
inat.h
init.h
insn.h
inst.h
intel_mid_vrtc.h
intel_pmc_ipc.h
intel_pt.h perf/x86/intel/pt: Add interface to stop Intel PT logging 2015-11-23 09:58:26 +01:00
intel_scu_ipc.h
intel-mid.h
io_apic.h
io.h
iomap.h
iommu_table.h
iommu.h
iosf_mbi.h
ipi.h x86/apic: Provide default send single IPI wrapper 2015-11-05 13:07:53 +01:00
irq_regs.h
irq_remapping.h irq_remapping: move structs outside #ifdef 2015-10-01 15:06:42 +02:00
irq_vectors.h
irq_work.h
irq.h
irqdomain.h
irqflags.h
ist.h
jump_label.h x86/asm: Add asm macros for static keys/jump labels 2015-11-24 09:56:44 +01:00
kasan.h
kbdleds.h
Kbuild
kdebug.h x86/kexec: Remove obsolete 'in_crash_kexec' flag 2015-10-12 09:43:11 +02:00
kexec-bzimage64.h
kexec.h
kgdb.h
kmap_types.h
kmemcheck.h
kprobes.h
kvm_emulate.h KVM: x86: add read_phys to x86_emulate_ops 2015-11-04 16:24:31 +01:00
kvm_guest.h
kvm_host.h KVM: x86: rename update_db_bp_intercept to update_bp_intercept 2015-11-10 12:06:25 +01:00
kvm_para.h
lguest_hcall.h
lguest.h
linkage.h
livepatch.h
local64.h
local.h
mach_timer.h
mach_traps.h
math_emu.h
mc146818rtc.h
mce.h x86/mce: Add a Scalable MCA vendor flags bit 2015-11-01 11:26:13 +01:00
microcode_amd.h x86/microcode: Merge the early microcode loader 2015-10-21 11:22:12 +02:00
microcode_intel.h x86/microcode: Merge the early microcode loader 2015-10-21 11:22:12 +02:00
microcode.h x86/cpu: Unify CPU family, model, stepping calculation 2015-11-24 09:15:54 +01:00
misc.h
mmconfig.h
mmu_context.h x86/mm: Add barriers and document switch_mm()-vs-flush synchronization 2016-01-11 12:03:15 +01:00
mmu.h x86/vdso: Track each mm's loaded vDSO image as well as its base 2016-01-12 11:59:34 +01:00
mmx.h
mmzone_32.h
mmzone_64.h
mmzone.h
module.h
mpspec_def.h
mpspec.h
mpx.h
mshyperv.h
msi.h x86/irq: Export functions to allow MSI domains in modules 2015-12-20 12:40:49 +01:00
msidef.h
msr-index.h x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR 2015-11-24 09:15:54 +01:00
msr-trace.h x86, tracing, perf: Add trace point for MSR accesses 2015-12-06 12:56:10 +01:00
msr.h Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-01-11 17:45:32 -08:00
mtrr.h
mutex_32.h
mutex_64.h
mutex.h
mwait.h
nmi.h
nops.h
numa_32.h
numa.h
olpc_ofw.h
olpc.h
page_32_types.h
page_32.h
page_64_types.h
page_64.h
page_types.h x86/mm: Align macro defines 2015-12-19 11:53:40 +01:00
page.h
paravirt_types.h Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-01-11 16:26:03 -08:00
paravirt.h Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-01-11 16:26:03 -08:00
parport.h
pat.h
pci_64.h
pci_x86.h
pci-direct.h
pci-functions.h
pci.h
percpu.h
perf_event_p4.h
perf_event.h
pgalloc.h
pgtable_32_types.h
pgtable_32.h
pgtable_64_types.h
pgtable_64.h
pgtable_types.h x86/mm: Fix regression with huge pages on PAE 2015-12-04 09:14:27 +01:00
pgtable-2level_types.h
pgtable-2level.h
pgtable-3level_types.h
pgtable-3level.h
pgtable.h Merge branch 'linus' into x86/cleanups 2015-12-19 11:49:13 +01:00
platform_sst_audio.h
pm-trace.h
pmc_atom.h
pmem.h
posix_types.h
preempt.h sched/core, sched/x86: Kill thread_info::saved_preempt_count 2015-10-06 17:08:18 +02:00
probe_roms.h
processor-cyrix.h
processor-flags.h
processor.h x86/paravirt: Prevent rtc_cmos platform device init on PV guests 2015-12-19 21:35:13 +01:00
prom.h
proto.h
ptrace.h
pvclock-abi.h
pvclock.h x86/vsdo: Fix build on PARAVIRT_CLOCK=y, KVM_GUEST=n 2016-01-06 10:49:53 +01:00
qrwlock.h
qspinlock_paravirt.h locking/pvqspinlock, x86: Optimize the PV unlock code path 2015-11-23 10:02:02 +01:00
qspinlock.h
realmode.h
reboot_fixups.h
reboot.h x86/nmi: Save regs in crash dump on external NMI 2015-12-19 11:07:01 +01:00
required-features.h
rio.h
rmwcc.h
rtc.h
rwsem.h
seccomp.h
sections.h
segment.h
serial.h
setup_arch.h
setup.h
shmparam.h
sigcontext.h
sigframe.h
sighandling.h
signal.h
simd.h
smap.h
smp.h x86/paravirt: Remove unused pv_apic_ops structure 2015-11-19 11:03:58 +01:00
sparsemem.h
special_insns.h
spinlock_types.h
spinlock.h
sta2x11.h
stackprotector.h
stacktrace.h
string_32.h
string_64.h x86, kasan: Fix build failure on KASAN=y && KMEMCHECK=y kernels 2015-10-19 10:07:23 +02:00
string.h
suspend_32.h x86/pm: Introduce quirk framework to save/restore extra MSR registers around suspend/resume 2015-11-26 10:04:53 +01:00
suspend_64.h x86/pm: Introduce quirk framework to save/restore extra MSR registers around suspend/resume 2015-11-26 10:04:53 +01:00
suspend.h
svm.h
swiotlb.h
switch_to.h
sync_bitops.h
sys_ia32.h
syscall.h x86/syscalls: Give sys_call_ptr_t a useful type 2015-10-09 09:41:08 +02:00
syscalls.h
sysfb.h
tce.h
thread_info.h Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-11-03 18:59:10 -08:00
time.h
timer.h
timex.h
tlb.h
tlbflush.h
topology.h
trace_clock.h
traps.h
tsc.h
uaccess_32.h
uaccess_64.h
uaccess.h x86: Add an inlined __copy_from_user_nmi() variant 2015-11-23 09:58:24 +01:00
unaligned.h
unistd.h
uprobes.h
user32.h
user_32.h
user_64.h
user.h
vdso.h x86/vdso: Use .fault for the vDSO text mapping 2016-01-12 11:59:34 +01:00
vga.h
vgtod.h x86/vdso: Disallow vvar access to vclock IO for never-used vclocks 2016-01-12 11:59:35 +01:00
virtext.h
vm86.h
vmx.h KVM: VMX: Enable and initialize VMX TSC scaling 2015-11-10 12:06:19 +01:00
vsyscall.h
vvar.h
word-at-a-time.h
x2apic.h
x86_init.h Merge branch 'linus' into x86/cleanups 2015-12-19 11:49:13 +01:00
xor_32.h x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros 2015-12-19 11:49:55 +01:00
xor_64.h
xor_avx.h
xor.h