[PATCH 1/1] x86/kaiser/efi: unbreak tboot

From: Dave Hansen
Date: Sat Jan 06 2018 - 12:41:14 EST

Next message: Christophe JAILLET: "[PATCH] ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'"
Previous message: Matthias Kaehlcke: "[PATCH] ASoC: rockchip: i2s: Support mono capture"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is another case similar to what EFI does: create a new set of
page tables, map some code at a low address, and jump to it. PTI
mistakes this low address for userspace and mistakenly marks it
non-executable in an effort to make it unusable for userspace. Undo
the poison to allow execution.

Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
Cc: Ning Sun <ning.sun@xxxxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
Cc: x86@xxxxxxxxxx
Cc: tboot-devel@xxxxxxxxxxxxxxxxxxxxx
Cc: linux-kernel@xxxxxxxxxxxxxxx
Signed-off-by: Andrea Arcangeli <aarcange@xxxxxxxxxx>
---
arch/x86/kernel/tboot.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
index a4eb27918ceb..75869a4b6c41 100644
--- a/arch/x86/kernel/tboot.c
+++ b/arch/x86/kernel/tboot.c
@@ -127,6 +127,7 @@ static int map_tboot_page(unsigned long vaddr, unsigned long pfn,
p4d = p4d_alloc(&tboot_mm, pgd, vaddr);
if (!p4d)
return -1;
+ pgd->pgd &= ~_PAGE_NX;
pud = pud_alloc(&tboot_mm, p4d, vaddr);
if (!pud)
return -1;

If I can help and assist in any other way let me know.

Thanks,
Andrea

Next message: Christophe JAILLET: "[PATCH] ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'"
Previous message: Matthias Kaehlcke: "[PATCH] ASoC: rockchip: i2s: Support mono capture"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]