[amd64] Don't WARN about expected W+X pages on Xen (see #852324)
parent
8851d0b7ac
commit
4c22453363
|
@ -147,6 +147,7 @@ linux (4.9.14-1) UNRELEASED; urgency=medium
|
|||
* Ignore ABI changes in rds and ufshcd, not useful to OOT modules
|
||||
* ucount: Remove the atomicity from ucount->count (CVE-2017-6874)
|
||||
* userns: Avoid ABI change for CVE-2017-6874 fix
|
||||
* [amd64] Don't WARN about expected W+X pages on Xen (see #852324)
|
||||
|
||||
[ Salvatore Bonaccorso ]
|
||||
* ACPI / EC: Use busy polling mode when GPE is not enabled.
|
||||
|
|
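--- a/debian/patches/debian/amd64-don-t-warn-about-expected-w+x-pages-on-xen.patch
+++ b/debian/patches/debian/amd64-don-t-warn-about-expected-w+x-pages-on-xen.patch
@@ -0,0 +1,32 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Thu, 16 Mar 2017 03:05:43 +0000
+Subject: [amd64] Don't WARN about expected W+X pages on Xen
+Bug-Debian: https://bugs.debian.org/852324
+Forwarded: not-needed
+
+Currently Xen PV domains (or at least dom0) on amd64 tend to have a
+large number of low kernel pages with W+X permissions. It's not
+obvious how to fix this, and we're not going to get any new
+information by WARNing about this, but we do still want to hear about
+other W+X cases. So add a condition to the WARN_ON.
+
+---
+--- a/arch/x86/mm/dump_pagetables.c
++++ b/arch/x86/mm/dump_pagetables.c
+@@ -17,6 +17,7 @@
+#include <linux/init.h>
+#include <linux/sched.h>
+#include <linux/seq_file.h>
++#include <xen/xen.h>
+
+#include <asm/pgtable.h>
+
+@@ -220,7 +221,7 @@ static void note_page(struct seq_file *m
+pgprotval_t pr = pgprot_val(st->current_prot);
+
+if (st->check_wx && (pr & _PAGE_RW) && !(pr & _PAGE_NX)) {
+- WARN_ONCE(1,
++ WARN_ONCE(!(IS_ENABLED(CONFIG_X86_64) && xen_pv_domain()),
+"x86/mm: Found insecure W+X mapping at address %p/%pS\n",
+(void *)st->start_address,
+(void *)st->start_address);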
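Review bot: The new `WARN_ONCE` condition in `note_page()` is keyed only on `IS_ENABLED(CONFIG_X86_64) && xen_pv_domain()`, so it silences the warning for every W+X mapping in an amd64 Xen PV domain, not just the low kernel pages the description calls expected. An unexpected writable and executable mapping elsewhere in such a domain would therefore no longer trigger the WARN, which conflicts with the stated aim of still hearing about other W+X cases. If the expected range can be identified, the exemption should be limited to it. Otherwise a comment above the call should record the trade-off, for example `/* Xen PV on amd64 has known W+X low kernel pages (Debian #852324); this hides the WARN for all W+X mappings there */`. `note_page()` continues outside the hunk, so whether the pages are still counted and reported through some non-WARN path cannot be confirmed from here.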
|
|
@ -46,6 +46,9 @@ bugfix/x86/viafb-autoload-on-olpc-xo1.5-only.patch
|
|||
# Taint if dangerous features are used
|
||||
debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
|
||||
|
||||
# Reduce noise for bug #852324
|
||||
debian/amd64-don-t-warn-about-expected-w+x-pages-on-xen.patch
|
||||
|
||||
# Arch bug fixes
|
||||
bugfix/x86/asoc-intel-select-dw_dmac_core-since-it-s-mandatory.patch
|
||||
bugfix/x86/platform-x86-acer-wmi-setup-accelerometer-when-machi.patch
|
||||
|
|