From patchwork Sun Sep 2 13:16:08 2018
X-Patchwork-Submitter: Sasha Levin
X-Patchwork-Id: 10585161
From: Sasha Levin
To: "stable@vger.kernel.org", "linux-kernel@vger.kernel.org"
CC: Joerg Roedel, Thomas Gleixner, "H . Peter Anvin", "linux-mm@kvack.org",
 Linus Torvalds, Andy Lutomirski, Dave Hansen, Josh Poimboeuf,
 Juergen Gross, Peter Zijlstra, Borislav Petkov, Jiri Kosina,
 Boris Ostrovsky, Brian Gerst, David Laight, Denys Vlasenko,
 Eduardo Valentin, Greg KH, Will Deacon, "aliguori@amazon.com",
 Daniel Gruss, "hughd@google.com", "keescook@google.com",
 Andrea Arcangeli, Waiman Long, Pavel Machek, Arnaldo Carvalho de Melo,
 Alexander Shishkin, Jiri Olsa, Namhyung Kim, "joro@8bytes.org",
 Sasha Levin
Subject: [PATCH AUTOSEL 4.4 23/47] x86/kexec: Allocate 8k PGDs for PTI
Date: Sun, 2 Sep 2018 13:16:08 +0000
Message-ID: <20180902131533.184092-23-alexander.levin@microsoft.com>
References: <20180902131533.184092-1-alexander.levin@microsoft.com>
In-Reply-To: <20180902131533.184092-1-alexander.levin@microsoft.com>

From: Joerg Roedel

[ Upstream commit ca38dc8f2724d101038b1205122c93a1c7f38f11 ]

Fuzzing the PTI-x86-32 code with trinity showed unhandled
kernel paging request oops-messages that looked a lot like
silent data corruption.

Lots of debugging and testing led to the kexec-32bit
code, which is still allocating 4k PGDs when PTI is enabled.
But since it uses native_set_pud() to build the page-table,
it will inevitably call into __pti_set_user_pgtbl(), which
writes beyond the allocated 4k page.

Use PGD_ALLOCATION_ORDER to allocate PGDs in the kexec code
to fix the issue.

Signed-off-by: Joerg Roedel
Signed-off-by: Thomas Gleixner
Tested-by: David H. Gutteridge
Cc: "H . Peter Anvin"
Cc: linux-mm@kvack.org
Cc: Linus Torvalds
Cc: Andy Lutomirski
Cc: Dave Hansen
Cc: Josh Poimboeuf
Cc: Juergen Gross
Cc: Peter Zijlstra
Cc: Borislav Petkov
Cc: Jiri Kosina
Cc: Boris Ostrovsky
Cc: Brian Gerst
Cc: David Laight
Cc: Denys Vlasenko
Cc: Eduardo Valentin
Cc: Greg KH
Cc: Will Deacon
Cc: aliguori@amazon.com
Cc: daniel.gruss@iaik.tugraz.at
Cc: hughd@google.com
Cc: keescook@google.com
Cc: Andrea Arcangeli
Cc: Waiman Long
Cc: Pavel Machek
Cc: Arnaldo Carvalho de Melo
Cc: Alexander Shishkin
Cc: Jiri Olsa
Cc: Namhyung Kim
Cc: joro@8bytes.org
Link: https://lkml.kernel.org/r/1532533683-5988-4-git-send-email-joro@8bytes.org
Signed-off-by: Sasha Levin
---
 arch/x86/kernel/machine_kexec_32.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/machine_kexec_32.c b/arch/x86/kernel/machine_kexec_32.c index fd7e9937ddd6..e9359272c5cb 100644 --- a/arch/x86/kernel/machine_kexec_32.c +++ b/arch/x86/kernel/machine_kexec_32.c @@ -70,7 +70,7 @@ static void load_segments(void) static void machine_kexec_free_page_tables(struct kimage *image) { - free_page((unsigned long)image->arch.pgd); + free_pages((unsigned long)image->arch.pgd, PGD_ALLOCATION_ORDER); image->arch.pgd = NULL; #ifdef CONFIG_X86_PAE free_page((unsigned long)image->arch.pmd0); @@ -86,7 +86,8 @@ static void machine_kexec_free_page_tables(struct kimage *image) static int machine_kexec_alloc_page_tables(struct kimage *image) { - image->arch.pgd = (pgd_t *)get_zeroed_page(GFP_KERNEL); + image->arch.pgd = (pgd_t *)__get_free_pages(GFP_KERNEL | __GFP_ZERO, + PGD_ALLOCATION_ORDER); #ifdef CONFIG_X86_PAE image->arch.pmd0 = (pmd_t *)get_zeroed_page(GFP_KERNEL); image->arch.pmd1 = (pmd_t *)get_zeroed_page(GFP_KERNEL);
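
Review bot: In the first hunk (@@ -70,7 +70,7, machine_kexec_free_page_tables), nothing in the code records why image->arch.pgd alone is released with free_pages(..., PGD_ALLOCATION_ORDER) while pmd0 and pmd1 in the PAE block just below stay on free_page(). The free order has to match the allocation order chosen in machine_kexec_alloc_page_tables(), and a later cleanup that "simplifies" this back to free_page() would free only part of the allocation. A one-line comment above the call, saying that the PGD is allocated with PGD_ALLOCATION_ORDER because PTI writes a user-half entry past the first 4k, would make the pairing explicit.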
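
Review bot: In the second hunk (@@ -86,7 +86,8, machine_kexec_alloc_page_tables), the new __get_free_pages(GFP_KERNEL | __GFP_ZERO, PGD_ALLOCATION_ORDER) call depends on PGD_ALLOCATION_ORDER being visible in machine_kexec_32.c, yet the patch touches only this one file and adds no include. For this 4.4 AUTOSEL backport, please confirm that the 4.4 tree defines the macro in a header this file already pulls in, that it evaluates to 0 on 32-bit builds without PTI so the non-PTI case still gets a single page, and that the tree actually contains the 32-bit PTI path (__pti_set_user_pgtbl()) the commit message names as the source of the out-of-bounds write. If that path is absent in 4.4, the backport has nothing to fix there and should be dropped from the queue.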