Received: by 2002:a25:2c96:0:0:0:0:0 with SMTP id s144csp1618619ybs; Mon, 25 May 2020 22:32:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyNeM/kYWoT4qS/7hOPxH8OMnckutqHLcfOjNmDSF6y4H2p2I3rj0WIZcic1IaIW8DDGSlC X-Received: by 2002:a17:906:dc2:: with SMTP id p2mr21303473eji.212.1590471168539; Mon, 25 May 2020 22:32:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590471168; cv=none; d=google.com; s=arc-20160816; b=iKN7qWVayIS0eDt6QhYenooHQF5+pmtzCuaFYjfSaBDqzLkN5goFo0D7/2GExI+p0Z hdQXUaeIMSDzNTKCOLq8zB2hJVzrkOzc9DRaKMlMzkLsGrO/5HPnX9BB7IbnA+/tKRHJ 8AJHajXchS3PSvh8q3uJmjN/1tHVqDk/308MGRN0Al0kH6rvSZLQsuEIZMbyJPZBDHlG ojbcYBxuoLTj/686F3iBVIX+n5yqyJ67n0mEjF3woO6LG9S0qyhQn0TQNgGRDzbxu6cu alUIDjlY8Hlf39U72gecsargdmCYP9sZit/S+8Ep97RRqik4pGLPcDODZ1CLQIW0oEGs kwow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:ironport-sdr:ironport-sdr; bh=qNXYP5fTYc7X81ds1t3hEYOqgLu7QNSvsAmk1TDsRWs=; b=N0Lj6n0IWzieh3EYPXDg0UB55ZuTJfZ/sNrjJu9OJgebJy1UctypNQk2pZWJeIQsLx lTXrsOj2Qf9E7EJObR7/4yZ4hdIVil8BFdD/SpR4HW/sZaEKksUymm2o+fXSLR4RGA2m CLvHbI9ggD/cFeGYacCe+CcOOzdLMpABFJeJwm3mOSqmNTtjfJb+wzTKBu4d2OiSTH8d w7cwwAKL1KFUA+hccS/9jvf4r7T5rIaYuebczNo4952op69ZJdPcoL0g6ITmrUJwqbD3 iMbKGduRBycBSU+d8zG/FfZBMa202F3WJmtrA3qj9cDJqN9yV8hhVz7UtP+INXNNZaB9 cEHQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id nu20si11432959ejb.186.2020.05.25.22.32.25; Mon, 25 May 2020 22:32:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726207AbgEZF2v (ORCPT + 99 others); Tue, 26 May 2020 01:28:51 -0400 Received: from mga05.intel.com ([192.55.52.43]:37666 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725771AbgEZF2u (ORCPT ); Tue, 26 May 2020 01:28:50 -0400 IronPort-SDR: R2KPo5WOs7BOqmxknrE1BqnD6MeX6wez7QPVTNsYoy4PeRLXOP8RzxKaRRTlZtLqCpUmQ884iA mrTxho32bMyw== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 May 2020 22:28:50 -0700 IronPort-SDR: PXyP/aEXuYvGVakR4IXAMHD2zuHe9IytR1+X3zCVrRkeyj65kZoSgTG/yPOHnW3ORzNr76Qq3V TYIDCPiYbDwQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,436,1583222400"; d="scan'208";a="266334379" Received: from tassilo.jf.intel.com (HELO tassilo.localdomain) ([10.7.201.21]) by orsmga003.jf.intel.com with ESMTP; 25 May 2020 22:28:50 -0700 Received: by tassilo.localdomain (Postfix, from userid 1000) id F2932301C5E; Mon, 25 May 2020 22:28:49 -0700 (PDT) From: Andi Kleen To: x86@kernel.org Cc: keescook@chromium.org, linux-kernel@vger.kernel.org, sashal@kernel.org, Andi Kleen , stable@vger.kernel.org Subject: [PATCH v1] x86: Pin cr4 FSGSBASE Date: Mon, 25 May 2020 22:28:48 -0700 Message-Id: <20200526052848.605423-1-andi@firstfloor.org> X-Mailer: git-send-email 2.25.4 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andi Kleen Since there seem to be kernel modules floating around that set FSGSBASE incorrectly, prevent this in the CR4 pinning. Currently CR4 pinning just checks that bits are set, this also checks that the FSGSBASE bit is not set, and if it is clears it again. Note this patch will need to be undone when the full FSGSBASE patches are merged. But it's a reasonable solution for v5.2+ stable at least. Sadly the older kernels don't have the necessary infrastructure for this (although a simpler version of this could be added there too) Cc: stable@vger.kernel.org # v5.2+ Signed-off-by: Andi Kleen --- arch/x86/kernel/cpu/common.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index bed0cb83fe24..1f5b7871ae9a 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -385,6 +385,11 @@ void native_write_cr4(unsigned long val) /* Warn after we've set the missing bits. */ WARN_ONCE(bits_missing, "CR4 bits went missing: %lx!?\n", bits_missing); + if (val & X86_CR4_FSGSBASE) { + WARN_ONCE(1, "CR4 unexpectedly set FSGSBASE!?\n"); + val &= ~X86_CR4_FSGSBASE; + goto set_register; + } } } EXPORT_SYMBOL(native_write_cr4); -- 2.25.4