diff mbox

[24/39] x86/mm/pti: Add an overflow check to pti_clone_pmds()

Message ID 1531906876-13451-25-git-send-email-joro@8bytes.org (mailing list archive)
State New, archived
Headers show

Commit Message

Joerg Roedel July 18, 2018, 9:41 a.m. UTC
From: Joerg Roedel <jroedel@suse.de>

The addr counter will overflow if we clone the last PMD of
the address space, resulting in an endless loop.

Check for that and bail out of the loop when it happens.

Signed-off-by: Joerg Roedel <jroedel@suse.de>
 arch/x86/mm/pti.c | 4 ++++
 1 file changed, 4 insertions(+)
diff mbox


diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index f512222..dc02fd4 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -297,6 +297,10 @@  pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear)
 		p4d_t *p4d;
 		pud_t *pud;
+		/* Overflow check */
+		if (addr < start)
+			break;
 		pgd = pgd_offset_k(addr);
 		if (WARN_ON(pgd_none(*pgd)))