4.4-stable patches

added patches:
	vsyscall-fix-permissions-for-emulate-mode-with-kaiser-pti.patch

diff --git a/queue-4.4/series b/queue-4.4/series
index 4e23a80260372f38ffea4bf43396d2e3581846b0..d04ce54e82d667f30982e9707f087d4d89d26ac6 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -51,3 +51,4 @@ usbip-fix-stub_rx-get_pipe-to-validate-endpoint-number.patch
 usbip-fix-stub_rx-harden-cmd_submit-path-to-handle-malicious-input.patch
 usbip-prevent-leaking-socket-pointer-address-in-messages.patch
 um-link-vmlinux-with-no-pie.patch
+vsyscall-fix-permissions-for-emulate-mode-with-kaiser-pti.patch

diff --git a/queue-4.4/vsyscall-fix-permissions-for-emulate-mode-with-kaiser-pti.patch b/queue-4.4/vsyscall-fix-permissions-for-emulate-mode-with-kaiser-pti.patch
new file mode 100644 (file)
index 0000000..9df924d
--- /dev/null
+++ b/queue-4.4/vsyscall-fix-permissions-for-emulate-mode-with-kaiser-pti.patch
@@ -0,0 +1,70 @@
+From ben.hutchings@codethink.co.uk  Fri Jan 26 17:35:59 2018
+From: Ben Hutchings <ben.hutchings@codethink.co.uk>
+Date: Fri, 26 Jan 2018 16:23:02 +0000
+Subject: vsyscall: Fix permissions for emulate mode with KAISER/PTI
+To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Borislav Petkov <bp@suse.de>, Hugh Dickins <hughd@google.com>, stable@vger.kernel.org
+Message-ID: <20180126162302.ei4tmiltl73npmr6@xylophone.i.decadent.org.uk>
+
+From: Ben Hutchings <ben.hutchings@codethink.co.uk>
+
+The backport of KAISER to 4.4 turned vsyscall emulate mode into native
+mode.  Add a vsyscall_pgprot variable to hold the correct page
+protections, like Borislav and Hugh did for 3.2 and 3.18.
+
+Cc: Borislav Petkov <bp@suse.de>
+Cc: Hugh Dickins <hughd@google.com>
+Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/entry/vsyscall/vsyscall_64.c |    7 ++++---
+ arch/x86/include/asm/vsyscall.h       |    1 +
+ arch/x86/mm/kaiser.c                  |    2 +-
+ 3 files changed, 6 insertions(+), 4 deletions(-)
+
+--- a/arch/x86/entry/vsyscall/vsyscall_64.c
++++ b/arch/x86/entry/vsyscall/vsyscall_64.c
+@@ -46,6 +46,7 @@ static enum { EMULATE, NATIVE, NONE } vs
+ #else
+       EMULATE;
+ #endif
++unsigned long vsyscall_pgprot = __PAGE_KERNEL_VSYSCALL;
+ 
+ static int __init vsyscall_setup(char *str)
+ {
+@@ -336,11 +337,11 @@ void __init map_vsyscall(void)
+       extern char __vsyscall_page;
+       unsigned long physaddr_vsyscall = __pa_symbol(&__vsyscall_page);
+ 
++      if (vsyscall_mode != NATIVE)
++              vsyscall_pgprot = __PAGE_KERNEL_VVAR;
+       if (vsyscall_mode != NONE)
+               __set_fixmap(VSYSCALL_PAGE, physaddr_vsyscall,
+-                           vsyscall_mode == NATIVE
+-                           ? PAGE_KERNEL_VSYSCALL
+-                           : PAGE_KERNEL_VVAR);
++                           __pgprot(vsyscall_pgprot));
+ 
+       BUILD_BUG_ON((unsigned long)__fix_to_virt(VSYSCALL_PAGE) !=
+                    (unsigned long)VSYSCALL_ADDR);
+--- a/arch/x86/include/asm/vsyscall.h
++++ b/arch/x86/include/asm/vsyscall.h
+@@ -13,6 +13,7 @@ extern void map_vsyscall(void);
+  */
+ extern bool emulate_vsyscall(struct pt_regs *regs, unsigned long address);
+ extern bool vsyscall_enabled(void);
++extern unsigned long vsyscall_pgprot;
+ #else
+ static inline void map_vsyscall(void) {}
+ static inline bool emulate_vsyscall(struct pt_regs *regs, unsigned long address)
+--- a/arch/x86/mm/kaiser.c
++++ b/arch/x86/mm/kaiser.c
+@@ -345,7 +345,7 @@ void __init kaiser_init(void)
+       if (vsyscall_enabled())
+               kaiser_add_user_map_early((void *)VSYSCALL_ADDR,
+                                         PAGE_SIZE,
+-                                         __PAGE_KERNEL_VSYSCALL);
++                                        vsyscall_pgprot);
+ 
+       for_each_possible_cpu(cpu) {
+               void *percpu_vaddr = __per_cpu_user_mapped_start +