x86/mm: Do not shuffle CPU entry areas without KASLR
The commit 97e3d26b5e5f ("x86/mm: Randomize per-cpu entry area") fixed
an omission of KASLR on CPU entry areas. It doesn't take into account
KASLR switches though, which may result in unintended non-determinism
when a user wants to avoid it (e.g. debugging, benchmarking).
Generate only a single combination of CPU entry areas offsets -- the
linear array that existed prior randomization when KASLR is turned off.
Since we have 3f148f331814 ("x86/kasan: Map shadow for percpu pages on
demand") and followups, we can use the more relaxed guard
kasrl_enabled() (in contrast to kaslr_memory_enabled()).
BUG=b/293702795
TEST=presubmit
RELEASE_NOTE=Fixed CVE-2023-0597 in the Linux kernel.
Fixes: 97e3d26b5e5f ("x86/mm: Randomize per-cpu entry area")
Signed-off-by: Michal Koutný <mkoutny@suse.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/all/20230306193144.24605-1-mkoutny%40suse.com
CVE-2023-0597
(cherry picked from commit a3f547addcaa10df5a226526bc9e2d9a94542344)
cos-patch: security-moderate
Signed-off-by: Cengiz Can <cengiz.can@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>
Signed-off-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger@canonical.com>
Change-Id: I80816cb87df1070a1c94f6aec544198adad11beb
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/78813
Reviewed-by: Arnav Kansal <rnv@google.com>
Reviewed-by: Kevin Berry <kpberry@google.com>
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
1 file changed
