redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
Fork of reMarkable kernel https://github.com/reMarkable/linux
840,999 Commits
26 Branches
0 Tags
2.7 GiB
C 97.7%
Assembly 1.6%
Makefile 0.3%
Perl 0.1%
 
 
 
 
Go to file
Kees Cook 06b32fdb03 lkdtm: Check for SMEP clearing protections 
This adds an x86-specific test for pinned cr4 bits. A successful test
will validate pinning and check the ROP-style call-middle-of-function
defense, if needed. For example, in the case of native_write_cr4()
looking like this:

ffffffff8171bce0 <native_write_cr4>:
ffffffff8171bce0:       48 8b 35 79 46 f2 00    mov    0xf24679(%rip),%rsi
ffffffff8171bce7:       48 09 f7                or     %rsi,%rdi
ffffffff8171bcea:       0f 22 e7                mov    %rdi,%cr4
...
ffffffff8171bd5a:       c3                      retq

The UNSET_SMEP test will jump to ffffffff8171bcea (the mov to cr4)
instead of ffffffff8171bce0 (native_write_cr4() entry) to simulate a
direct-call bypass attempt.

Expected successful results:

  # echo UNSET_SMEP > /sys/kernel/debug/provoke-crash/DIRECT
  # dmesg
  [   79.594433] lkdtm: Performing direct entry UNSET_SMEP
  [   79.596459] lkdtm: trying to clear SMEP normally
  [   79.598406] lkdtm: ok: SMEP did not get cleared
  [   79.599981] lkdtm: trying to clear SMEP with call gadget
  [   79.601810] ------------[ cut here ]------------
  [   79.603421] Attempt to unpin cr4 bits: 100000; bypass attack?!
  ...
  [   79.650170] ---[ end trace 2452ca0f6126242e ]---
  [   79.650937] lkdtm: ok: SMEP removal was reverted

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2019-06-23 07:05:56 +02:00
Documentation dt-bindings: memory: jz4780: Add compatible string for JZ4740 SoC 2019-06-21 16:08:19 +02:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
arch s390 updates for 5.2-rc4 2019-06-08 13:12:54 -07:00
block block, bfq: add weight symlink to the bfq.weight cgroup parameter 2019-06-07 01:29:40 -06:00
certs treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
crypto SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
drivers lkdtm: Check for SMEP clearing protections 2019-06-23 07:05:56 +02:00
fs Merge 5.2-rc4 into char-misc-next 2019-06-09 09:11:21 +02:00
include VMCI: Fix integer overflow in VMCI handle arrays 2019-06-21 16:04:05 +02:00
init Char/Misc driver fixes for 5.2-rc4 2019-06-08 12:50:36 -07:00
ipc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
kernel SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
lib fonts: Prefer a bigger font for high resolution screens 2019-06-20 10:11:24 +02:00
mm Merge 5.2-rc4 into char-misc-next 2019-06-09 09:11:21 +02:00
net SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
samples SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
scripts SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
security treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
sound treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
tools SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
usr user/Makefile: Fix typo and capitalization in comment section 2018-12-11 00:18:03 +09:00
virt treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333 2019-06-05 17:37:06 +02:00
.clang-format Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-17 11:26:25 -07:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore .gitignore: exclude .get_maintainer.ignore and .gitattributes 2019-05-18 11:49:54 +09:00
.mailmap A reasonably busy cycle for docs, including: 2019-05-08 12:42:50 -07:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS: Farewell Martin Schwidefsky 2019-05-31 10:14:11 +02:00
Kbuild Kbuild updates for v5.1 2019-03-10 17:48:21 -07:00
Kconfig kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt 2018-08-02 08:06:55 +09:00
MAINTAINERS MAINTAINERS: fpga: hand off maintainership to Moritz 2019-06-18 09:18:09 +02:00
Makefile Linux 5.2-rc4 2019-06-08 20:24:46 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.