// SPDX-License-Identifier: GPL-2.0-only
/* ----------------------------------------------------------------------- *
 *
 *   Copyright 2014 Intel Corporation; author: H. Peter Anvin
 *
 * ----------------------------------------------------------------------- */

/*
 * The IRET instruction, when returning to a 16-bit segment, only
 * restores the bottom 16 bits of the user space stack pointer.  This
 * causes some 16-bit software to break, but it also leaks kernel state
 * to user space.
 *
 * This works around this by creating percpu "ministacks", each of which
 * is mapped 2^16 times 64K apart.  When we detect that the return SS is
 * on the LDT, we copy the IRET frame to the ministack and use the
 * relevant alias to return to userspace.  The ministacks are mapped
 * readonly, so if the IRET faults we promote #GP to #DF which is an IST
 * vector and thus has its own stack; we then do the fixup in the #DF
 * handler.
 *
 * This file sets up the ministacks and the related page tables.  The
 * actual ministack invocation is in entry_64.S.
 *
 * Security invariants stated above that later changes must preserve:
 *  - the aliases used for the return are read-only, so a faulting IRET
 *    cannot write through them;
 *  - the fault is handled on the #DF IST stack, not on the ministack.
 */

#include <linux/init.h>
#include <linux/init_task.h>
#include <linux/kernel.h>
#include <linux/percpu.h>
#include <linux/gfp.h>
#include <linux/random.h>
#include <linux/pgtable.h>
#include <asm/pgalloc.h>
#include <asm/setup.h>
#include <asm/espfix.h>

/*
 * Note: we only need 6*8 = 48 bytes for the espfix stack, but round
 * it up to a cache line to avoid unnecessary sharing.
 */
#define ESPFIX_STACK_SIZE …
#define ESPFIX_STACKS_PER_PAGE …

/* There is address space for how many espfix pages? */
#define ESPFIX_PAGE_SPACE …

#define ESPFIX_MAX_CPUS …
/*
 * Build-time guard: a configuration with more CPUs than ESPFIX_MAX_CPUS
 * is rejected here rather than running out of ministack space at runtime.
 */
#if CONFIG_NR_CPUS > ESPFIX_MAX_CPUS
# error "Need more virtual address space for the ESPFIX hack"
#endif

/* NOTE(review): presumably the GFP flags for the allocations made in this
 * file; the value is elided in this listing - confirm. */
#define PGALLOC_GFP …

/* This contains the *bottom* address of the espfix stack */
DEFINE_PER_CPU_READ_MOSTLY(unsigned long, espfix_stack);
/*
 * NOTE(review): no comment in the original.  By its name this looks like
 * the per-CPU writable address of the same ministack (the aliases are
 * read-only per the file header) - confirm against init_espfix_ap().
 */
DEFINE_PER_CPU_READ_MOSTLY(unsigned long, espfix_waddr);

/* Initialization mutex - should this be a spinlock? */
static DEFINE_MUTEX(espfix_init_mutex);

/* Page allocation bitmap - each page serves ESPFIX_STACKS_PER_PAGE CPUs */
#define ESPFIX_MAX_PAGES …
/*
 * NOTE(review): despite the "bitmap" wording above, this is declared as an
 * array of page pointers, one slot per espfix page.
 */
static void *espfix_pages[ESPFIX_MAX_PAGES];

/* Statically allocated PUD table for the espfix region, placed in
 * page-aligned BSS. */
static __page_aligned_bss pud_t espfix_pud_page[PTRS_PER_PUD]
	__aligned(…);

/*
 * NOTE(review): presumably filled in by init_espfix_random() and consumed
 * by espfix_base_addr() to vary where each ministack lands - bodies are
 * elided here, confirm.
 */
static unsigned int page_random, slot_random;

/*
 * This returns the bottom address of the espfix stack for a specific CPU.
 * The math allows for a non-power-of-two ESPFIX_STACK_SIZE, in which case
 * we have to account for some amount of padding at the end of each page.
 */
static inline unsigned long espfix_base_addr(unsigned int cpu)
{
	…
}

/*
 * NOTE(review): values elided.  By their names these describe the stride
 * between PTEs and how many times each page-table level is cloned to
 * produce the repeated mappings described in the file header - confirm.
 */
#define PTE_STRIDE …
#define ESPFIX_PTE_CLONES …
#define ESPFIX_PMD_CLONES …
#define ESPFIX_PUD_CLONES …

/*
 * NOTE(review): value elided.  The file header requires the ministack
 * aliases to be mapped read-only; verify that this protection value does
 * not grant write access before changing it.
 */
#define PGTABLE_PROT …

/*
 * Body elided in this listing.  NOTE(review): presumably seeds page_random
 * and slot_random - confirm which random source is used and that it is
 * usable at the point in boot where this runs.
 */
static void init_espfix_random(void)
{
	…
}

/*
 * Boot-processor setup for espfix.  Marked __init, so it is only callable
 * during early boot.  Body elided in this listing.
 */
void __init init_espfix_bsp(void)
{
	…
}

/*
 * Per-CPU setup for espfix; takes the CPU number to set up.  Unlike
 * init_espfix_bsp() it is not marked __init.  Body elided in this listing.
 * NOTE(review): presumably serialized by espfix_init_mutex and responsible
 * for publishing espfix_stack/espfix_waddr for @cpu - confirm.
 */
void init_espfix_ap(int cpu)
{
	…
}