[PATCH 12/24] powerpc/mm: Fix reporting of kernel execute faults

Benjamin Herrenschmidt benh at kernel.crashing.org
Wed Nov 7 21:39:44 AEDT 2018


On Wed, 2018-11-07 at 09:35 +0100, Christophe LEROY wrote:
> Hi Ben,
> 
> I have an issue on the 8xx with this change

Ah ouch...

 .../...
  
> > +/* Is this a bad kernel fault ? */
> > +static bool bad_kernel_fault(bool is_exec, unsigned long error_code,
> > +			     unsigned long address)
> > +{
> > +	if (is_exec && (error_code & (DSISR_NOEXEC_OR_G | DSISR_KEYFAULT))) {
> 
> Do you mind if we had DSISR_PROTFAULT here as well ?

Off the top of my mind, I don't see a problem with that... but it would
definitely require an explanation comment.

> > +		printk_ratelimited(KERN_CRIT "kernel tried to execute"
> > +				   " exec-protected page (%lx) -"
> > +				   "exploit attempt? (uid: %d)\n",
> > +				   address, from_kuid(&init_user_ns,
> > +						      current_uid()));
> > +	}
> > +	return is_exec || (address >= TASK_SIZE);
> > +}
> > +
> >   /*
> >    * Define the correct "is_write" bit in error_code based
> >    * on the processor family
> > @@ -252,7 +266,7 @@ static int __do_page_fault(struct pt_regs *regs, unsigned long address,
> >   	 * The kernel should never take an execute fault nor should it
> >   	 * take a page fault to a kernel address.
> >   	 */
> > -	if (!is_user && (is_exec || (address >= TASK_SIZE)))
> > +	if (unlikely(!is_user && bad_kernel_fault(is_exec, error_code, address)))
> >   		return SIGSEGV;
> >   
> >   	/* We restore the interrupt state now */
> > @@ -491,11 +505,6 @@ static int __do_page_fault(struct pt_regs *regs, unsigned long address,
> >   		return 0;
> >   	}
> >   
> > -	if (is_exec && (error_code & DSISR_PROTFAULT))
> > -		printk_ratelimited(KERN_CRIT "kernel tried to execute NX-protected"
> > -				   " page (%lx) - exploit attempt? (uid: %d)\n",
> > -				   address, from_kuid(&init_user_ns, current_uid()));
> > -
> >   	return SIGSEGV;
> >   }
> >   NOKPROBE_SYMBOL(__do_page_fault);
> > 



More information about the Linuxppc-dev mailing list