1. 27 8月, 2015 3 次提交
    • R
      ARM: software-based priviledged-no-access support · a5e090ac
      Russell King 提交于
      Provide a software-based implementation of the priviledged no access
      support found in ARMv8.1.
      
      Userspace pages are mapped using a different domain number from the
      kernel and IO mappings.  If we switch the user domain to "no access"
      when we enter the kernel, we can prevent the kernel from touching
      userspace.
      
      However, the kernel needs to be able to access userspace via the
      various user accessor functions.  With the wrapping in the previous
      patch, we can temporarily enable access when the kernel needs user
      access, and re-disable it afterwards.
      
      This allows us to trap non-intended accesses to userspace, eg, caused
      by an inadvertent dereference of the LIST_POISON* values, which, with
      appropriate user mappings setup, can be made to succeed.  This in turn
      can allow use-after-free bugs to be further exploited than would
      otherwise be possible.
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      a5e090ac
    • R
      ARM: entry: provide uaccess assembly macro hooks · 2190fed6
      Russell King 提交于
      Provide hooks into the kernel entry and exit paths to permit control
      of userspace visibility to the kernel.  The intended use is:
      
      - on entry to kernel from user, uaccess_disable will be called to
        disable userspace visibility
      - on exit from kernel to user, uaccess_enable will be called to
        enable userspace visibility
      - on entry from a kernel exception, uaccess_save_and_disable will be
        called to save the current userspace visibility setting, and disable
        access
      - on exit from a kernel exception, uaccess_restore will be called to
        restore the userspace visibility as it was before the exception
        occurred.
      
      These hooks allows us to keep userspace visibility disabled for the
      vast majority of the kernel, except for localised regions where we
      want to explicitly access userspace.
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      2190fed6
    • R
      ARM: entry: get rid of multiple macro definitions · aa06e5c1
      Russell King 提交于
      The following structure is just asking for trouble:
      
       #ifdef CONFIG_symbol
      	.macro foo
      	...
      	.endm
      	.macro bar
      	...
      	.endm
      	.macro baz
      	...
      	.endm
       #else
      	.macro foo
      	...
      	.endm
      	.macro bar
      	...
      	.endm
       #ifdef CONFIG_symbol2
      	.macro baz
      	...
      	.endm
       #else
      	.macro baz
      	...
      	.endm
       #endif
       #endif
      
      such as one defintion being updated, but the other definitions miss out.
      Where the contents of a macro needs to be conditional, the hint is in
      the first clause of this very sentence.  "contents" "conditional".  Not
      multiple separate definitions, especially not when much of the macro
      is the same between different configs.
      
      This patch fixes this bad style, which had caused the Thumb2 code to
      miss-out on the uaccess updates.
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      aa06e5c1
  2. 25 8月, 2015 2 次提交
  3. 21 8月, 2015 6 次提交
  4. 02 7月, 2015 3 次提交
  5. 01 7月, 2015 2 次提交
  6. 27 6月, 2015 1 次提交
  7. 26 6月, 2015 1 次提交
  8. 25 6月, 2015 5 次提交
  9. 24 6月, 2015 1 次提交
  10. 22 6月, 2015 2 次提交
  11. 21 6月, 2015 1 次提交
  12. 18 6月, 2015 2 次提交
  13. 17 6月, 2015 11 次提交