x86/pti: Disallow global kernel text with RANDSTRUCT
commit 26d35ca6c3776784f8156e1d6f80cc60d9a2a915
RANDSTRUCT derives its hardening benefits from the attacker's lack of
knowledge about the layout of kernel data structures. Keep the kernel
image non-global in cases where RANDSTRUCT is in use to help keep the
layout a secret.
Fixes: 8c06c7740
(x86/pti: Leave kernel text global for !PCID)
Reported-by: Kees Cook <keescook@google.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: linux-mm@kvack.org
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Nadav Amit <namit@vmware.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Link: https://lkml.kernel.org/r/20180420222026.D0B4AAC9@viggo.jf.intel.com
This commit is contained in:
parent
a44ca8f5a3
commit
b7c21bc56f
|
@ -421,6 +421,16 @@ static inline bool pti_kernel_image_global_ok(void)
|
|||
if (boot_cpu_has(X86_FEATURE_K8))
|
||||
return false;
|
||||
|
||||
/*
|
||||
* RANDSTRUCT derives its hardening benefits from the
|
||||
* attacker's lack of knowledge about the layout of kernel
|
||||
* data structures. Keep the kernel image non-global in
|
||||
* cases where RANDSTRUCT is in use to help keep the layout a
|
||||
* secret.
|
||||
*/
|
||||
if (IS_ENABLED(CONFIG_GCC_PLUGIN_RANDSTRUCT))
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue