From 63c0fc38f67ff81c894df45de71bccdbe13f4059 Mon Sep 17 00:00:00 2001
From: Nikolay Borisov
Date: Jan 30 2024 13:38:29 +0000
Subject: x86: Clear .brk area at early boot (git-fixes).
---
diff --git a/patches.suse/x86-Clear-.brk-area-at-early-boot.patch b/patches.suse/x86-Clear-.brk-area-at-early-boot.patch
new file mode 100644
index 0000000..7ab981f
--- /dev/null
+++ b/patches.suse/x86-Clear-.brk-area-at-early-boot.patch
@@ -0,0 +1,40 @@
+From: Juergen Gross
+Date: Thu, 30 Jun 2022 09:14:40 +0200
+Subject: x86: Clear .brk area at early boot
+Git-commit: 38fa5479b41376dc9d7f57e71c83514285a25ca0
+Patch-mainline: v5.19-rc6
+References: git-fixes
+
+The .brk section has the same properties as .bss: it is an alloc-only
+section and should be cleared before being used.
+
+Not doing so is especially a problem for Xen PV guests, as the
+hypervisor will validate page tables (check for writable page tables
+and hypervisor private bits) before accepting them to be used.
+
+Make sure .brk is initially zero by letting clear_bss() clear the brk
+area, too.
+
+Signed-off-by: Juergen Gross
+Signed-off-by: Borislav Petkov
+Link: https://lore.kernel.org/r/20220630071441.28576-3-jgross@suse.com
+
+Acked-by: Nikolay Borisov
+---
+ arch/x86/kernel/head64.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c
+index e7e233209a8c..6a3cfaf6b72a 100644
+--- a/arch/x86/kernel/head64.c
++++ b/arch/x86/kernel/head64.c
+@@ -430,6 +430,8 @@ void __init clear_bss(void)
+ {
+ 	memset(__bss_start, 0, (unsigned long) __bss_stop - (unsigned long) __bss_start);
++	memset(__brk_base, 0,
++	       (unsigned long) __brk_limit - (unsigned long) __brk_base);
+ }
+ 
+ static unsigned long get_cmd_line_ptr(void)
+
diff --git a/series.conf b/series.conf
index d6056db..2b6b7f1 100644
--- a/series.conf
+++ b/series.conf
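Review bot: The new memset over `__brk_base`..`__brk_limit` in clear_bss() is only safe if it runs before the first extend_brk() caller, because anything already handed out from .brk would be silently zeroed; the nested hunk shows the clearing itself but not where clear_bss() is invoked on the Xen PV path the description motivates, so the backport should be checked for whatever companion call-site change this tree relies on (the series.conf hunk below adds only this one patch). The ordering constraint is worth recording next to the new call so a later backport cannot reorder it, e.g. `/* .brk is alloc-only like .bss; must be zeroed before any extend_brk() */`. The stale-contents risk is an integrity one: early page tables carved out of an uncleared .brk would carry whatever bits the previous boot stage left there, which is exactly what the Xen page-table validation rejects. The enclosing clear_bss() body is fully visible inside the nested hunk and the diffstat matches its two insertions, so no other head64.c change is hidden here.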
@@ -63408,6 +63408,7 @@
 	patches.suse/fbcon-Prevent-that-screen-size-is-smaller-than-font-.patch
 	patches.suse/fbmem-Check-virtual-screen-sizes-in-fb_set_var.patch
 	patches.suse/powerpc-powernv-delay-rng-platform-device-creation-u.patch
+	patches.suse/x86-Clear-.brk-area-at-early-boot.patch
 	patches.suse/x86-cpufeatures-Move-RETPOLINE-flags-to-word-11.patch
 	patches.suse/x86-retpoline-Use-mfunction-return.patch
 	patches.suse/x86-Undo-return-thunk-damage.patch