• Kees Cook's avatar
    x86: Use a read-only IDT alias on all CPUs · 4eefbe79
    Kees Cook authored
    Make a copy of the IDT (as seen via the "sidt" instruction) read-only.
    This primarily removes the IDT from being a target for arbitrary memory
    write attacks, and has the added benefit of also not leaking the kernel
    base offset, if it has been relocated.
    
    We already did this on vendor == Intel and family == 5 because of the
    F0 0F bug -- regardless of if a particular CPU had the F0 0F bug or
    not.  Since the workaround was so cheap, there simply was no reason to
    be very specific.  This patch extends the readonly alias to all CPUs,
    but does not activate the #PF to #UD conversion code needed to deliver
    the proper exception in the F0 0F case except on Intel family 5
    processors.
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    Link: http://lkml.kernel.org/r/20130410192422.GA17344@www.outflux.net
    Cc: Eric Northup <digitaleric@google.com>
    Signed-off-by: default avatarH. Peter Anvin <hpa@linux.intel.com>
    4eefbe79
fixmap.h 7.06 KB