[RFC][PATCH 04/10] x86/espfix: use kernel-default PTE mask
From: Dave Hansen
Date: Thu Feb 22 2018 - 15:37:20 EST
From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
In creating its page tables, the espfix code masks its PGTABLE_PROT
value with the supported mask: __supported_pte_mask. This ensures
that unsupported bits are not set in the final PTE. But, it also
sets _PAGE_GLOBAL which we do not want for PTE. Use
__default_kernel_pte_mask instead which clears _PAGE_GLOBAL for PTI.
Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
Cc: Andrea Arcangeli <aarcange@xxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxx>
Cc: Hugh Dickins <hughd@xxxxxxxxxx>
Cc: Juergen Gross <jgross@xxxxxxxx>
Cc: x86@xxxxxxxxxx
Cc: Nadav Amit <namit@xxxxxxxxxx>
---
b/arch/x86/kernel/espfix_64.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -puN arch/x86/kernel/espfix_64.c~espfix-use-kern-defaults-not-supported arch/x86/kernel/espfix_64.c
--- a/arch/x86/kernel/espfix_64.c~espfix-use-kern-defaults-not-supported 2018-02-22 12:36:19.217036552 -0800
+++ b/arch/x86/kernel/espfix_64.c 2018-02-22 12:36:19.221036552 -0800
@@ -167,7 +167,7 @@ void init_espfix_ap(int cpu)
goto unlock_done;
node = cpu_to_node(cpu);
- ptemask = __supported_pte_mask;
+ ptemask = __default_kernel_pte_mask;
pud_p = &espfix_pud_page[pud_index(addr)];
pud = *pud_p;
_