[PATCH v2 1/2] x86/asm: Pin sensitive CR4 bits

From: Kees Cook
Date: Tue Jun 04 2019 - 19:49:20 EST

Next message: Kees Cook: "[PATCH v2 0/2] x86/asm: Pin sensitive CR4 and CR0 bits"
Previous message: Kees Cook: "[PATCH v2 2/2] x86/asm: Pin sensitive CR0 bits"
In reply to: Kees Cook: "[PATCH v2 2/2] x86/asm: Pin sensitive CR0 bits"
Next in thread: Kees Cook: "Re: [PATCH v2 1/2] x86/asm: Pin sensitive CR4 bits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Several recent exploits have used direct calls to the native_write_cr4()
function to disable SMEP and SMAP before then continuing their exploits
using userspace memory access. This pins bits of CR4 so that they cannot
be changed through a common function. This is not intended to be general
ROP protection (which would require CFI to defend against properly), but
rather a way to avoid trivial direct function calling (or CFI bypasses
via a matching function prototype) as seen in:

https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
(https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308)

The goals of this change:
- pin specific bits (SMEP, SMAP, and UMIP) when writing CR4.
- avoid setting the bits too early (they must become pinned only after
CPU feature detection and selection has finished).
- pinning mask needs to be read-only during normal runtime.
- pinning needs to be checked after write to avoid jumps past the
preceding "or".

Using __ro_after_init on the mask is done so it can't be first disabled
with a malicious write.

Since these bits are global state (once established by the boot CPU
and kernel boot parameters), they are safe to write to secondary CPUs
before those CPUs have finished feature detection. As such, the bits are
written with an "or" performed before the register write as that is both
easier and uses a few bytes less storage of a location we don't have:
read-only per-CPU data. (Note that initialization via cr4_init_shadow()
isn't early enough to avoid early native_write_cr4() calls.)

A check is performed after the register write because an attack could
just skip over the "or" before the register write. Such a direct jump
is possible because of how this function may be built by the compiler
(especially due to the removal of frame pointers) where it doesn't add
a stack frame (function exit may only be a retq without pops) which
is sufficient for trivial exploitation like in the timer overwrites
mentioned above).

The asm argument constraints gain the "+" modifier to convince the
compiler that it shouldn't make ordering assumptions about the arguments
or memory, and treat them as changed.

Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
v2:
- move setup until after CPU feature detection and selection.
- refactor to use static branches to have atomic enabling.
- only perform the "or" after a failed check.
---
arch/x86/include/asm/special_insns.h | 24 +++++++++++++++++++++++-
arch/x86/kernel/cpu/common.c | 18 ++++++++++++++++++
2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/special_insns.h b/arch/x86/include/asm/special_insns.h
index 0a3c4cab39db..284a77d52fea 100644
--- a/arch/x86/include/asm/special_insns.h
+++ b/arch/x86/include/asm/special_insns.h
@@ -6,6 +6,8 @@
#ifdef __KERNEL__

#include <asm/nops.h>
+#include <asm/processor-flags.h>
+#include <linux/jump_label.h>

/*
* Volatile isn't enough to prevent the compiler from reordering the
@@ -16,6 +18,10 @@
*/
extern unsigned long __force_order;

+/* Starts false and gets enabled once CPU feature detection is done. */
+DECLARE_STATIC_KEY_FALSE(cr_pinning);
+extern unsigned long cr4_pinned_bits;
+
static inline unsigned long native_read_cr0(void)
{
unsigned long val;
@@ -74,7 +80,23 @@ static inline unsigned long native_read_cr4(void)

static inline void native_write_cr4(unsigned long val)
{
- asm volatile("mov %0,%%cr4": : "r" (val), "m" (__force_order));
+ unsigned long bits_missing = 0;
+
+set_register:
+ if (static_branch_likely(&cr_pinning))
+ val |= cr4_pinned_bits;
+
+ asm volatile("mov %0,%%cr4": "+r" (val), "+m" (cr4_pinned_bits));
+
+ if (static_branch_likely(&cr_pinning)) {
+ if (unlikely((val & cr4_pinned_bits) != cr4_pinned_bits)) {
+ bits_missing = ~val & cr4_pinned_bits;
+ goto set_register;
+ }
+ /* Warn after we've set the missing bits. */
+ WARN_ONCE(bits_missing, "CR4 bits went missing: %lx!?\n",
+ bits_missing);
+ }
}

#ifdef CONFIG_X86_64
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 2c57fffebf9b..6b210be12734 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -366,6 +366,23 @@ static __always_inline void setup_umip(struct cpuinfo_x86 *c)
cr4_clear_bits(X86_CR4_UMIP);
}

+DEFINE_STATIC_KEY_FALSE_RO(cr_pinning);
+unsigned long cr4_pinned_bits __ro_after_init;
+
+/*
+ * Once CPU feature detection is finished (and boot params have been
+ * parsed), record any of the sensitive CR bits that are set, and
+ * enable CR pinning.
+ */
+static void __init setup_cr_pinning(void)
+{
+ unsigned long mask;
+
+ mask = (X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_UMIP);
+ cr4_pinned_bits = this_cpu_read(cpu_tlbstate.cr4) & mask;
+ static_key_enable(&cr_pinning.key);
+}
+
/*
* Protection Keys are not available in 32-bit mode.
*/
@@ -1464,6 +1481,7 @@ void __init identify_boot_cpu(void)
enable_sep_cpu();
#endif
cpu_detect_tlb(&boot_cpu_data);
+ setup_cr_pinning();
}

void identify_secondary_cpu(struct cpuinfo_x86 *c)
--
2.17.1

Next message: Kees Cook: "[PATCH v2 0/2] x86/asm: Pin sensitive CR4 and CR0 bits"
Previous message: Kees Cook: "[PATCH v2 2/2] x86/asm: Pin sensitive CR0 bits"
In reply to: Kees Cook: "[PATCH v2 2/2] x86/asm: Pin sensitive CR0 bits"
Next in thread: Kees Cook: "Re: [PATCH v2 1/2] x86/asm: Pin sensitive CR4 bits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]