Re: [PATCH v2 3/4] mm: page_table_check: Make it dependent on EXCLUSIVE_SYSTEM_RAM

From: Pasha Tatashin
Date: Mon May 15 2023 - 12:36:44 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.19 000/191] 4.19.283-rc1 review"
Previous message: Ahmed S. Darwish: "Re: [PATCH v2 1/2] scripts/tags.sh: Resolve gtags empty index generation"
In reply to: Ruihan Li: "[PATCH v2 3/4] mm: page_table_check: Make it dependent on EXCLUSIVE_SYSTEM_RAM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, May 15, 2023 at 9:10 AM Ruihan Li <lrh2000@xxxxxxxxxx> wrote:
>
> Without EXCLUSIVE_SYSTEM_RAM, users are allowed to map arbitrary
> physical memory regions into the userspace via /dev/mem. At the same
> time, pages may change their properties (e.g., from anonymous pages to
> named pages) while they are still being mapped in the userspace, leading
> to "corruption" detected by the page table check.
>
> To avoid these false positives, this patch makes PAGE_TABLE_CHECK
> depends on EXCLUSIVE_SYSTEM_RAM. This dependency is understandable
> because PAGE_TABLE_CHECK is a hardening technique but /dev/mem without
> STRICT_DEVMEM (i.e., !EXCLUSIVE_SYSTEM_RAM) is itself a security
> problem.
>
> Even with EXCLUSIVE_SYSTEM_RAM, I/O pages may be still allowed to be
> mapped via /dev/mem. However, these pages are always considered as named
> pages, so they won't break the logic used in the page table check.
>
> Cc: <stable@xxxxxxxxxxxxxxx> # 5.17
> Signed-off-by: Ruihan Li <lrh2000@xxxxxxxxxx>

Acked-by: Pasha Tatashin <pasha.tatashin@xxxxxxxxxx>

Thank you,
Pasha

Next message: Greg Kroah-Hartman: "[PATCH 4.19 000/191] 4.19.283-rc1 review"
Previous message: Ahmed S. Darwish: "Re: [PATCH v2 1/2] scripts/tags.sh: Resolve gtags empty index generation"
In reply to: Ruihan Li: "[PATCH v2 3/4] mm: page_table_check: Make it dependent on EXCLUSIVE_SYSTEM_RAM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]