Re: [PATCH] arm64: efi: Make runtime service wrapper more robust

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2 Dec 2022 at 00:45, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> On Mon, Nov 28, 2022 at 10:49:39AM +0100, Ard Biesheuvel wrote:
> > Prevent abuse of the runtime service wrapper code by avoiding restoring
> > the shadow call stack pointer from the ordinary stack, or the stack
> > pointer itself from a GPR. Also, given that the exception recovery
> > routine is never called in an ordinary way, it doesn't need BTI landing
> > pads so it can be SYM_CODE rather than SYM_FUNC.
>
> Does this mean x18 is now being spilled to the stack? (Do we already
> spill it in other places?)
>

I've found a better way of addressing this, by moving this code out of
the kernel .text mapping entirely, and only mapping it executable in
the EFI page tables (which are only active while a runtime service
call is in progress, and only on a single CPU running with preemption
disabled)

https://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git/commit/?id=47f68266d6ad94860c6cd9d2145cb91350b47e43



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux