| author | Kirill A. Shutemov <[email protected]> | 2018-10-26 12:28:55 +0000 |
|---|---|---|
| committer | Thomas Gleixner <[email protected]> | 2018-11-06 20:35:11 +0000 |
| commit | a0e6e0831c516860fc7f9be1db6c081fe902ebcf (patch) | |
| tree | 4ab250ebf9add4debdd238e620fe15b3838db159 /tools/perf/scripts/python/mem-phys-addr.py | |
| parent | x86/mm: Move LDT remap out of KASLR region on 5-level paging (diff) | |

x86/ldt: Unmap PTEs for the slot before freeing LDT pages

modify_ldt(2) leaves the old LDT mapped after switching over to the new
one. The old LDT gets freed and the pages can be re-used.

Leaving the mapping in place can have security implications. The mapping is
present in the userspace page tables and Meltdown-like attacks can read
these freed and possibly reused pages.

It's relatively simple to fix: unmap the old LDT and flush TLB before
freeing the old LDT memory.

This further allows avoiding flushing the TLB in map_ldt_struct() as the
slot is unmapped and flushed by unmap_ldt_struct() or has never been mapped
at all.

[ tglx: Massaged changelog and removed the needless line breaks ]

Fixes: f55f0501cbf6 ("x86/pti: Put the LDT in its own PGD if PTI is on")
Signed-off-by: Kirill A. Shutemov <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Cc: [email protected]
Link: https://lkml.kernel.org/r/[email protected]
Diffstat (limited to 'tools/perf/scripts/python/mem-phys-addr.py')
0 files changed, 0 insertions, 0 deletions
