Re: [PATCH 4/4] x86,module: Detect CRn and DRn manipulation

From: Jan Kiszka
Date: Wed Apr 08 2020 - 05:02:59 EST


On 08.04.20 10:51, Peter Zijlstra wrote:
On Wed, Apr 08, 2020 at 07:58:53AM +0200, Jan Kiszka wrote:
On 07.04.20 23:48, Steven Rostedt wrote:

Hmm, wont this break jailhouse?

Breaking it isn't a problem, it's out of tree and it should be fixable.

Yes, possibly. We load the hypervisor binary via request_firmware into
executable memory and then jump into it. So most of the "suspicious" code is

W.T.H. does the firmware loader have the ability to give executable
memory? We need to kill that too. /me goes find.


At the risk of cutting our own branch off: That's not the firmware loader, it's ioremap with PAGE_KERNEL_EXEC.

Jan

--
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux