2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-23 12:43:55 +08:00
linux-next/security
Joerg Roedel 61a6bd83ab Revert "x86/mm/legacy: Populate the user page-table with user pgd's"
This reverts commit 1f40a46cf4.

It turned out that this patch is not sufficient to enable PTI on 32 bit
systems with legacy 2-level page-tables. In this paging mode the huge-page
PTEs are in the top-level page-table directory, where also the mirroring to
the user-space page-table happens. So every huge PTE exits twice, in the
kernel and in the user page-table.

That means that accessed/dirty bits need to be fetched from two PTEs in
this mode to be safe, but this is not trivial to implement because it needs
changes to generic code just for the sake of enabling PTI with 32-bit
legacy paging. As all systems that need PTI should support PAE anyway,
remove support for PTI when 32-bit legacy paging is used.

Fixes: 7757d607c6 ('x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32')
Reported-by: Meelis Roos <mroos@linux.ee>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: hpa@zytor.com
Cc: linux-mm@kvack.org
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Link: https://lkml.kernel.org/r/1536922754-31379-1-git-send-email-joro@8bytes.org
2018-09-14 17:08:45 +02:00
..
apparmor apparmor: fix bad debug check in apparmor_secid_to_secctx() 2018-09-03 11:15:29 -07:00
integrity Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-08-15 22:54:12 -07:00
keys uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name 2018-09-04 16:45:02 -07:00
loadpin module: replace the existing LSM hook in init_module 2018-07-16 12:31:57 -07:00
selinux Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-08-15 15:04:25 -07:00
smack Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-08-15 22:49:04 -07:00
tomoyo Kbuild updates for v4.19 2018-08-15 12:09:03 -07:00
yama pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
commoncap.c cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() 2018-08-11 02:05:53 -05:00
device_cgroup.c docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
inode.c securityfs: add the ability to support symlinks 2017-06-08 12:51:43 -07:00
Kconfig Revert "x86/mm/legacy: Populate the user page-table with user pgd's" 2018-09-14 17:08:45 +02:00
lsm_audit.c audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c init: allow initcall tables to be emitted using relative references 2018-08-22 10:52:47 -07:00