diff options
| author | Avi Kivity <avi@qumranet.com> | 2010-01-10 16:28:09 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-05-12 14:57:00 -0700 |
| commit | 5d5890b7cdde133721fc3050abd28085b8dbb2e3 (patch) | |
| tree | c6569022c97b46baaf291372d856cb167c077327 /arch/x86 | |
| parent | 669805f0492eb6415a6c621fcd1ef6e29fee32b8 (diff) | |
core, x86: make LIST_POISON less deadly
commit a29815a333c6c6e677294bbe5958e771d0aad3fd upstream.
The list macros use LIST_POISON1 and LIST_POISON2 as undereferencable
pointers in order to trap erronous use of freed list_heads. Unfortunately
userspace can arrange for those pointers to actually be dereferencable,
potentially turning an oops to an expolit.
To avoid this allow architectures (currently x86_64 only) to override
the default values for these pointers with truly-undereferencable values.
This is easy on x86_64 as the virtual address space is large and contains
areas that cannot be mapped.
Other 64-bit architectures will likely find similar unmapped ranges.
[ingo: switch to 0xdead000000000000 as the unmapped area]
[ingo: add comments, cleanup]
[jaswinder: eliminate sparse warnings]
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'arch/x86')
| -rw-r--r-- | arch/x86/Kconfig | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 4fdb669e8469..2063d7f1d72e 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1236,6 +1236,11 @@ config ARCH_MEMORY_PROBE def_bool X86_64 depends on MEMORY_HOTPLUG +config ILLEGAL_POINTER_VALUE + hex + default 0 if X86_32 + default 0xdead000000000000 if X86_64 + source "mm/Kconfig" config HIGHPTE |