On Mon, May 15, 2023 at 9:10 AM Ruihan Li <lrh2000@xxxxxxxxxx> wrote:
>
> Without EXCLUSIVE_SYSTEM_RAM, users are allowed to map arbitrary
> physical memory regions into the userspace via /dev/mem. At the same
> time, pages may change their properties (e.g., from anonymous pages to
> named pages) while they are still being mapped in the userspace, leading
> to "corruption" detected by the page table check.
>
> To avoid these false positives, this patch makes PAGE_TABLE_CHECK
> depend on EXCLUSIVE_SYSTEM_RAM. This dependency is understandable
> because PAGE_TABLE_CHECK is a hardening technique but /dev/mem without
> STRICT_DEVMEM (i.e., !EXCLUSIVE_SYSTEM_RAM) is itself a security
> problem.
>
> Even with EXCLUSIVE_SYSTEM_RAM, I/O pages may be still allowed to be
> mapped via /dev/mem. However, these pages are always considered as named
> pages, so they won't break the logic used in the page table check.
>
> Cc: <stable@xxxxxxxxxxxxxxx> # 5.17
> Signed-off-by: Ruihan Li <lrh2000@xxxxxxxxxx>

Acked-by: Pasha Tatashin <pasha.tatashin@xxxxxxxxxx>

Thank you,
Pasha
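
The condition described in the quoted commit message, as an added example that is not part of the original thread or of the kernel tree: a shell check that flags a kernel config with PAGE_TABLE_CHECK enabled while /dev/mem is available without STRICT_DEVMEM. The function names and the sample config are constructed for illustration, and the check assumes /dev/mem support is gated by CONFIG_DEVMEM.

```shell
#!/bin/sh
# Added example (not from the thread): audit a kernel config for the
# combination the commit message describes.

# Emit the config text; handles gzip'd copies such as /proc/config.gz,
# and "-" for standard input.
read_config() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

# Succeed if CONFIG_<symbol>=y is a whole line of the config text in $2.
# "# CONFIG_X is not set" lines do not match.
is_enabled() {
    printf '%s\n' "$2" | grep -qx "CONFIG_$1=y"
}

# Print one of: not-enabled, conflict, ok.
# "conflict" = PAGE_TABLE_CHECK with /dev/mem present and no STRICT_DEVMEM
# (assumption: /dev/mem support is gated by CONFIG_DEVMEM).
ptc_config_status() {
    cfg=$(read_config "$1") || return 2
    if ! is_enabled PAGE_TABLE_CHECK "$cfg"; then
        echo "not-enabled"
    elif is_enabled DEVMEM "$cfg" && ! is_enabled STRICT_DEVMEM "$cfg"; then
        echo "conflict"
    else
        echo "ok"
    fi
}

# Constructed sample config, not taken from a real system.
sample_config() {
    cat <<'EOF'
CONFIG_PAGE_TABLE_CHECK=y
CONFIG_DEVMEM=y
# CONFIG_STRICT_DEVMEM is not set
EOF
}

sample_config | ptc_config_status -   # prints: conflict
```

Pass a path instead of `-` to check a build tree's `.config` or a gzip'd copy such as `/proc/config.gz`.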