From patchwork Thu Jun 20 19:00:49 2019
X-Patchwork-Submitter: Qian Cai
X-Patchwork-Id: 11007785
From: Qian Cai
To: akpm@linux-foundation.org
Cc: glider@google.com, keescook@chromium.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Qian Cai
Subject: [PATCH -next] mm/page_poison: fix a false memory corruption
Date: Thu, 20 Jun 2019 15:00:49 -0400
Message-Id: <1561057249-7493-1-git-send-email-cai@lca.pw>

The linux-next commit "mm: security: introduce init_on_alloc=1 and
init_on_free=1 boot options" [1] introduced a false positive when
init_on_free=1 and page_poison=on, because page_poison expects the
pattern 0xaa when allocating pages which were overwritten by
init_on_free=1 with 0.

It is not possible to switch the order between kernel_init_free_pages()
and kernel_poison_pages() in free_pages_prepare(), because at least on
powerpc the former will call clear_page() and the subsequent access by
kernel_poison_pages() will trigger the kernel access of bad area errors.

Fix it by treating init_on_free=1 the same as
CONFIG_PAGE_POISONING_ZERO=y.

[1] https://patchwork.kernel.org/patch/10999465/

Signed-off-by: Qian Cai
---
 mm/page_poison.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/mm/page_poison.c b/mm/page_poison.c index 21d4f97cb49b..272403b992d3 100644 --- a/mm/page_poison.c +++ b/mm/page_poison.c
@@ -68,22 +68,26 @@ static void check_poison_mem(unsigned char *mem, size_t bytes) static DEFINE_RATELIMIT_STATE(ratelimit, 5 * HZ, 10); unsigned char *start; unsigned char *end; + int pattern = PAGE_POISON; if (IS_ENABLED(CONFIG_PAGE_POISONING_NO_SANITY)) return; - start = memchr_inv(mem, PAGE_POISON, bytes); + if (static_branch_unlikely(&init_on_free)) + pattern = 0; + + start = memchr_inv(mem, pattern, bytes); if (!start) return; for (end = mem + bytes - 1; end > start; end--) { - if (*end != PAGE_POISON) + if (*end != pattern) break; } if (!__ratelimit(&ratelimit)) return; - else if (start == end && single_bit_flip(*start, PAGE_POISON)) + else if (start == end && single_bit_flip(*start, pattern)) pr_err("pagealloc: single bit error\n"); else pr_err("pagealloc: memory corruption\n");
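
Review bot: The new `if (static_branch_unlikely(&init_on_free)) pattern = 0;` in check_poison_mem() carries no comment explaining why the expected byte changes; the reason (init_on_free=1 has overwritten the 0xaa poison with 0) lives only in the commit message, so a short comment above the branch would keep the next reader from treating it as a weakened check. `pattern` is also declared `int` while it is compared against `*end` and used alongside `*start`, both `unsigned char`; declaring it `unsigned char pattern = PAGE_POISON;` keeps the type aligned with the buffer being scanned. Only the checking side is visible in this hunk, so it is worth confirming that every page reaching this check with init_on_free enabled has actually been zeroed, since a page still holding a correct 0xaa poison would now be reported as "pagealloc: memory corruption".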