linux/arch/x86/lib
Andy Lutomirski 4012e77a90 x86/nmi: Fix NMI uaccess race against CR3 switching
A NMI can hit in the middle of context switching or in the middle of
switch_mm_irqs_off().  In either case, CR3 might not match current->mm,
which could cause copy_from_user_nmi() and friends to read the wrong
memory.

Fix it by adding a new nmi_uaccess_okay() helper and checking it in
copy_from_user_nmi() and in __copy_from_user_nmi()'s callers.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Rik van Riel <riel@surriel.com>
Cc: Nadav Amit <nadav.amit@gmail.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Jann Horn <jannh@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/dd956eba16646fd0b15c3c0741269dfd84452dac.1535557289.git.luto@kernel.org
2018-08-31 17:08:22 +02:00
..
.gitignore
atomic64_32.c
atomic64_386_32.S
atomic64_cx8_32.S
cache-smp.c
checksum_32.S
clear_page_64.S x86/asm: Trim clear_page.S includes 2018-02-13 17:37:07 +01:00
cmdline.c
cmpxchg8b_emu.S
cmpxchg16b_emu.S
copy_page_64.S
copy_user_64.S
cpu.c x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping 2018-02-15 01:15:52 +01:00
csum-copy_64.S
csum-partial_64.c
csum-wrappers_64.c
delay.c Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-01-30 13:01:09 -08:00
error-inject.c x86/error_inject: Make just_return_func() globally visible 2018-02-13 14:33:35 +01:00
getuser.S x86/get_user: Use pointer masking to limit speculation 2018-01-30 21:54:31 +01:00
hweight.S
inat.c
insn-eval.c
insn.c
iomap_copy_64.S
kaslr.c
Makefile Revert "x86/retpoline: Simplify vmexit_fill_RSB()" 2018-02-20 09:38:26 +01:00
memcpy_32.c
memcpy_64.S x86/asm/64: Use 32-bit XOR to zero registers 2018-07-03 09:59:29 +02:00
memmove_64.S
memset_64.S
misc.c
mmx_32.c
msr-reg-export.c
msr-reg.S
msr-smp.c x86/msr: Make rdmsrl_safe_on_cpu() scheduling safe as well 2018-03-28 10:34:13 +02:00
msr.c
putuser.S
retpoline.S Revert "x86/retpoline: Simplify vmexit_fill_RSB()" 2018-02-20 09:38:26 +01:00
rwsem.S
string_32.c
strstr_32.c
usercopy_32.c x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec 2018-01-30 21:54:31 +01:00
usercopy_64.c Merge branch 'x86-dax-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-06-04 19:23:13 -07:00
usercopy.c x86/nmi: Fix NMI uaccess race against CR3 switching 2018-08-31 17:08:22 +02:00
x86-opcode-map.txt