From: Dave Hansen <[email protected]> The IDT table it references are another structure where the CPU references a virtual address. It also obviously needs these to handle an interrupt in userspace, so these need to be mapped into the user copy of the page tables.
Signed-off-by: Dave Hansen <[email protected]> Cc: Moritz Lipp <[email protected]> Cc: Daniel Gruss <[email protected]> Cc: Michael Schwarz <[email protected]> Cc: Richard Fellner <[email protected]> Cc: Andy Lutomirski <[email protected]> Cc: Linus Torvalds <[email protected]> Cc: Kees Cook <[email protected]> Cc: Hugh Dickins <[email protected]> Cc: [email protected] --- b/arch/x86/mm/kaiser.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff -puN arch/x86/mm/kaiser.c~kaiser-user-map-trace-and-debug-idt arch/x86/mm/kaiser.c --- a/arch/x86/mm/kaiser.c~kaiser-user-map-trace-and-debug-idt 2017-11-08 10:45:35.124681380 -0800 +++ b/arch/x86/mm/kaiser.c 2017-11-08 10:45:35.127681380 -0800 @@ -275,6 +275,14 @@ int kaiser_add_user_map_ptrs(const void flags); } +static int kaiser_user_map_ptr_early(const void *start_addr, unsigned long size, + unsigned long flags) +{ + int ret = kaiser_add_user_map(start_addr, size, flags); + WARN_ON(ret); + return ret; +} + /* * Ensure that the top level of the (shadow) page tables are * entirely populated. This ensures that all processes that get @@ -363,6 +371,10 @@ void __init kaiser_init(void) sizeof(gate_desc) * NR_VECTORS, __PAGE_KERNEL_RO | _PAGE_GLOBAL); + kaiser_user_map_ptr_early(&debug_idt_table, + sizeof(gate_desc) * NR_VECTORS, + __PAGE_KERNEL | _PAGE_GLOBAL); + /* * We could theoretically do this in setup_fixmap_gdt(). * But, we would need to rewrite the above page table _
