]> git.baikalelectronics.ru Git - kernel.git/commit
arm64: entry: Apply BP hardening for suspicious interrupts from EL0
authorWill Deacon <will.deacon@arm.com>
Fri, 2 Feb 2018 17:31:40 +0000 (17:31 +0000)
committerCatalin Marinas <catalin.marinas@arm.com>
Tue, 6 Feb 2018 22:53:46 +0000 (22:53 +0000)
commitd064277e7cb058d31f6555c20f72aaaa447abaa9
tree84996f5e1a90fe3e95cd54b821da1e624007970d
parent6a77cd868db983adee7f01ca0f6f3a72f4731b34
arm64: entry: Apply BP hardening for suspicious interrupts from EL0

It is possible to take an IRQ from EL0 following a branch to a kernel
address in such a way that the IRQ is prioritised over the instruction
abort. Whilst an attacker would need to get the stars to align here,
it might be sufficient with enough calibration so perform BP hardening
in the rare case that we see a kernel address in the ELR when handling
an IRQ from EL0.

Reported-by: Dan Hettena <dhettena@nvidia.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
arch/arm64/kernel/entry.S
arch/arm64/mm/fault.c