From: Lai Jiangshan <laijs@linux.alibaba.com>
To: linux-kernel@vger.kernel.org
Cc: Lai Jiangshan <laijs@linux.alibaba.com>,
	Andy Lutomirski <luto@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	x86@kernel.org, Ingo Molnar <mingo@redhat.com>,
	Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>,
	Alexandre Chartre <alexandre.chartre@oracle.com>
Subject: [RFC PATCH 5/5] x86/hw_breakpoint: Prevent data breakpoints on debug_idt_table
Date: Mon, 25 May 2020 14:51:02 +0000
Message-ID: <20200525145102.122557-6-laijs@linux.alibaba.com>
In-Reply-To: <20200525145102.122557-1-laijs@linux.alibaba.com>

A data breakpoint on the IDT is terrifying and should be avoided.
The IDT in the CPU entry area is already protected. The debug IDT
should also be protected, although it is seldom used and only
used for a short time.

Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: x86@kernel.org
Signed-off-by: Lai Jiangshan <laijs@linux.alibaba.com>
---
Please drop this patch when Peter's work to remove debug_idt_table
is merged.

 arch/x86/kernel/hw_breakpoint.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c
index 9579bd6fb589..83d8b1fcbc76 100644
--- a/arch/x86/kernel/hw_breakpoint.c
+++ b/arch/x86/kernel/hw_breakpoint.c
@@ -284,6 +284,11 @@ static inline bool within_cpu_entry(unsigned long addr, unsigned long end)
 			return true;
 	}
 
+	/* debug_idt_table is used when load_debug_idt() */
+	if (within_area(addr, end, (unsigned long)debug_idt_table,
+			sizeof(debug_idt_table[0]) * IDT_ENTRIES))
+		return true;
+
 	return false;
 }
 
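Review bot: The new check just before the final `return false` in within_cpu_entry() rejects a range that is not part of the cpu entry area, so the function name and the one-line comment no longer describe what is being refused. Reword the comment to state why a data breakpoint on this table is unsafe while load_debug_idt() has it installed, and note there that the check is meant to go away together with debug_idt_table. The length is written as `sizeof(debug_idt_table[0]) * IDT_ENTRIES`; if the full array declaration is visible at this point, `sizeof(debug_idt_table)` would keep the size tied to the definition. Please also confirm that debug_idt_table is defined in every configuration that builds hw_breakpoint.c; if it is not, the block needs a matching #ifdef.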
-- 
2.20.1

