From patchwork Mon Jan 11 13:50:21 2016
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 59503
From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org, will.deacon@arm.com
Cc: catalin.marinas@arm.com, Ard Biesheuvel
Subject: [PATCH] arm64: kasan: ensure that the KASAN zero page is mapped read-only
Date: Mon, 11 Jan 2016 14:50:21 +0100
Message-Id: <1452520221-6219-1-git-send-email-ard.biesheuvel@linaro.org>

When switching from the early KASAN shadow region, which maps the
entire shadow space read-write, to the permanent KASAN shadow region,
which uses a zero page to shadow regions that are not subject to
instrumentation, the lowest level table kasan_zero_pte[] may be reused
unmodified, which means that the mappings of the zero page that it
contains will still be read-write.

So update it explicitly to map the zero page read only when we activate
the permanent mapping.

Acked-by: Andrey Ryabinin Acked-by: Catalin Marinas Signed-off-by: Ard Biesheuvel --- arch/arm64/mm/kasan_init.c | 9 +++++++++ 1 file changed, 9 insertions(+) -- 2.5.0 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c index cf038c7d9fa9..cab7a5be40aa 100644 --- a/arch/arm64/mm/kasan_init.c +++ b/arch/arm64/mm/kasan_init.c @@ -120,6 +120,7 @@ static void __init cpu_set_ttbr1(unsigned long ttbr1) void __init kasan_init(void) { struct memblock_region *reg; + int i; /* * We are going to perform proper setup of shadow memory. @@ -155,6 +156,14 @@ void __init kasan_init(void) pfn_to_nid(virt_to_pfn(start))); } + /* + * KAsan may reuse the contents of kasan_zero_pte directly, so we + * should make sure that it maps the zero page read-only. + */ + for (i = 0; i < PTRS_PER_PTE; i++) + set_pte(&kasan_zero_pte[i], + pfn_pte(virt_to_pfn(kasan_zero_page), PAGE_KERNEL_RO)); + memset(kasan_zero_page, 0, PAGE_SIZE); cpu_set_ttbr1(__pa(swapper_pg_dir)); flush_tlb_all();
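
Review bot: in the second hunk of kasan_init(), the new comment does not say when the read-only permission actually takes effect or why the memset() that follows is still safe, and both are easy to break on a later reorder. The loop rewrites kasan_zero_pte[] in place, so translations cached with the old read-write permission can persist until the flush_tlb_all() that follows cpu_set_ttbr1(__pa(swapper_pg_dir)); the comment should state that the loop relies on that flush. It should also note that memset(kasan_zero_page, 0, PAGE_SIZE) writes through the page's own kernel address rather than through a shadow alias, which is why it can stay after the loop. Minor points: the comment spells it "KAsan" while the subject line uses "KASAN", and the pfn_pte(virt_to_pfn(kasan_zero_page), PAGE_KERNEL_RO) value is loop-invariant and could be computed once before the loop.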