mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-24 11:25:43 +00:00
Code Issues Releases Wiki Activity
linux-stable/Documentation
History
Ruihan Li 08378f0314 mm: page_table_check: Make it dependent on EXCLUSIVE_SYSTEM_RAM 
commit 81a31a860b upstream.

Without EXCLUSIVE_SYSTEM_RAM, users are allowed to map arbitrary
physical memory regions into the userspace via /dev/mem. At the same
time, pages may change their properties (e.g., from anonymous pages to
named pages) while they are still being mapped in the userspace, leading
to "corruption" detected by the page table check.

To avoid these false positives, this patch makes PAGE_TABLE_CHECK
depends on EXCLUSIVE_SYSTEM_RAM. This dependency is understandable
because PAGE_TABLE_CHECK is a hardening technique but /dev/mem without
STRICT_DEVMEM (i.e., !EXCLUSIVE_SYSTEM_RAM) is itself a security
problem.

Even with EXCLUSIVE_SYSTEM_RAM, I/O pages may be still allowed to be
mapped via /dev/mem. However, these pages are always considered as named
pages, so they won't break the logic used in the page table check.

Cc: <stable@vger.kernel.org> # 5.17
Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
Acked-by: David Hildenbrand <david@redhat.com>
Acked-by: Pasha Tatashin <pasha.tatashin@soleen.com>
Link: https://lore.kernel.org/r/20230515130958.32471-4-lrh2000@pku.edu.cn
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-14 11:15:29 +02:00
..
ABI usb: gadget: uvc: Make bSourceID read/write 2023-03-11 13:55:38 +01:00
accounting
admin-guide mm: memcontrol: deprecate charge moving 2023-03-10 09:34:26 +01:00
arc
arm EFI updates for v6.1 2022-10-09 08:56:54 -07:00
arm64 irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 2023-05-24 17:32:36 +01:00
block blk-crypto: don't use struct request_queue for public interfaces 2023-05-11 23:03:00 +09:00
bpf bpf, docs: Fix modulo zero, division by zero, overflow, and underflow 2023-03-10 09:33:50 +01:00
cdrom
core-api overflow: Fix kern-doc markup for functions 2022-10-25 14:57:42 -07:00
cpu-freq
crypto
dev-tools docs/scripts/gdb: add necessary make scripts_gdb step 2023-03-10 09:33:58 +01:00
devicetree dt-bindings: usb: snps,dwc3: Fix "snps,hsphy_interface" type 2023-06-09 10:34:20 +02:00
doc-guide Rust introduction for v6.1-rc1 2022-10-03 16:39:37 -07:00
driver-api spi: Update reference to struct spi_controller 2022-12-31 13:32:06 +01:00
fault-injection debugfs: fix error when writing negative value to atomic_t debugfs file 2022-12-31 13:31:58 +01:00
fb Documentation: fb: udlfb: clean up text and formatting 2022-09-27 13:21:44 -06:00
features
filesystems docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate 2023-03-22 13:33:40 +01:00
firmware-guide Merge branches 'acpi-misc', 'acpi-tools' and 'acpi-docs' 2022-10-03 20:03:49 +02:00
firmware_class
fpga
gpu drm/vmwgfx: Remove vmwgfx_hashtab 2023-01-18 11:58:28 +01:00
hid
hwmon hwmon: (ftsteutates) Fix scaling of measurements 2023-03-10 09:33:10 +01:00
i2c docs: i2c: slave-interface: return errno when handle I2C_SLAVE_WRITE_REQUESTED 2022-09-28 21:41:59 +02:00
ia64
iio
images
infiniband
input Merge branch 'next' into for-linus 2022-10-09 22:30:23 -07:00
isdn
kbuild Documentation: kbuild: Add description of git for reproducible builds 2022-10-28 00:16:29 +09:00
kernel-hacking Documentation: Fix spelling mistake in hacking.rst 2022-10-24 11:27:51 -06:00
leds
litmus-tests
livepatch
locking
loongarch docs/LoongArch: Add booting description 2022-12-08 14:59:15 +08:00
m68k
maintainer
mhi
mips
misc-devices
mm mm: page_table_check: Make it dependent on EXCLUSIVE_SYSTEM_RAM 2023-06-14 11:15:29 +02:00
netlabel
networking net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294 2023-06-14 11:15:16 +02:00
nios2
nvdimm
openrisc
parisc
PCI
pcmcia
peci
power
powerpc powerpc/64s: update cpu selection options 2022-09-28 19:22:10 +10:00
process Char/Misc driver fixes for 6.1-rc6 2022-11-18 10:29:25 -08:00
RCU There's not a huge amount of activity in the docs tree this time around, 2022-10-03 10:23:32 -07:00
riscv riscv: Move early dtb mapping into the fixmap region 2023-05-01 08:26:28 +09:00
rust x86: enable initial Rust support 2022-09-28 09:02:45 +02:00
s390 vfio/mdev: embedd struct mdev_parent in the parent data structure 2022-10-04 12:06:58 -06:00
scheduler
scsi
security KEYS: encrypted: fix key instantiation with user-provided data 2022-12-21 17:48:11 +01:00
sh
sound ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard 2023-04-20 12:35:05 +02:00
sparc
sphinx docs: Fix the docs build with Sphinx 6.0 2023-01-18 11:58:10 +01:00
sphinx-static
spi
staging docs: put atomic*.txt and memory-barriers.txt into the core-api book 2022-09-29 12:55:06 -06:00
target
timers
tools A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
trace attr: use consistent sgid stripping checks 2023-03-03 11:52:25 +01:00
translations docs/zh_CN: Add LoongArch booting description's translation 2022-12-08 15:03:14 +08:00
usb
userspace-api media fixes for v6.1-rc2 2022-10-22 15:30:15 -07:00
virt KVM: s390: disable migration mode when dirty tracking is disabled 2023-03-10 09:34:05 +01:00
w1 Documentation: W1: minor typo corrections 2022-09-27 13:21:44 -06:00
watchdog
x86 x86/sev: Add SEV-SNP guest feature negotiation support 2023-02-01 08:34:50 +01:00
xtensa
.gitignore
arch.rst
atomic_bitops.txt
atomic_t.txt
Changes
CodingStyle
conf.py There's not a huge amount of activity in the docs tree this time around, 2022-10-03 10:23:32 -07:00
docutils.conf
dontdiff
index.rst Rust introduction for v6.1-rc1 2022-10-03 16:39:37 -07:00
Kconfig
Makefile
memory-barriers.txt
SubmittingPatches
subsystem-apis.rst docs: Rewrite the front page 2022-09-29 12:55:06 -06:00