From patchwork Fri Sep 7 00:38:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sasha Levin X-Patchwork-Id: 10591315 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 472B2921 for ; Fri, 7 Sep 2018 00:40:09 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 357152AD05 for ; Fri, 7 Sep 2018 00:40:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 256F62AD1D; Fri, 7 Sep 2018 00:40:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 532692AD05 for ; Fri, 7 Sep 2018 00:40:08 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4CB276B7B98; Thu, 6 Sep 2018 20:40:07 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 479F16B7B9A; Thu, 6 Sep 2018 20:40:07 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 31BC06B7B9B; Thu, 6 Sep 2018 20:40:07 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qt0-f198.google.com (mail-qt0-f198.google.com [209.85.216.198]) by kanga.kvack.org (Postfix) with ESMTP id 03D546B7B98 for ; Thu, 6 Sep 2018 20:40:07 -0400 (EDT) Received: by mail-qt0-f198.google.com with SMTP id l7-v6so12678229qte.2 for ; Thu, 06 Sep 2018 17:40:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:from:to:cc:subject:thread-topic :thread-index:date:message-id:references:in-reply-to:accept-language :content-language:spamdiagnosticoutput:spamdiagnosticmetadata :content-transfer-encoding:mime-version; bh=hu63KFvTbz8FrX0AfqqJmcmfoc/fUItVNMJse89Lbog=; b=f5O4uhcd0ByeXDaz4ZdAHhYqpNLk4UzTw4Ur2pP7GhY+sS+StzbxhYrRDKdG09BNbY eufbpCYdLbDrHJAL+eFK8Vr/L3JQOKOueY1RkEZVxOLPUoEjIOB/hD4p+nwlS/mSIsNX R7aeKR+KkRo1ps0ooi+VpNbLuK0KVRk8QQ7lvamZdoTOpIjrqMcy7ve4JnYJX/fg0i+Z B63QHzfbKykHo1dliosi237Hljc7UJ2bhIyPxMYJr4qYFbgWWcyUjVrkF+cbu8HruOlu dT1C/a0rceISEj3mQKsWr3CnakoH9ThI2gSuy/GV1tQkD+Y/Avt/JLnVEkm+IHthroPq 0XJw== X-Gm-Message-State: APzg51DlEVmSQsXyFUi/tPrgMyAuhUwrNjUtzSRStaIEWcHap/dztamg 2BnU1Bn0m/UugQU/Lz2uBoj5wixKQYKF58GpOAF2lT7w4IhKTWJ4mUteZ6EhPO9tRZ4SyDNA1pR 3choWFVcb7yua3f4NhpNHTgQPMrTQ0+FyvXg6HDeaKmf3w1gzghbYhCT2ydmxed2MpA== X-Received: by 2002:a37:4c0e:: with SMTP id z14-v6mr4112907qka.233.1536280806752; Thu, 06 Sep 2018 17:40:06 -0700 (PDT) X-Google-Smtp-Source: ANB0VdbkqVXu/jHtSi7yf079DMN0/TSVUHlE4t3dM+JbeAQr8JkB8JS0vhq+qVUQBy27HOHthOa0 X-Received: by 2002:a37:4c0e:: with SMTP id z14-v6mr4112890qka.233.1536280806224; Thu, 06 Sep 2018 17:40:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536280806; cv=none; d=google.com; s=arc-20160816; b=FTbQH6Sm/RdQG/upW9GqZyHFnowsr+GjMR0BwwsfJFLscP0UjdaBX36Mi9EekuZeNs aHLhKxw2u6knZAMTe8BVUFKOK/fGOXTN2OCUgU/eEXpCGqes0By2NDYH/IkKkZtxm2y0 YwlNpMiEGEtZdfh6gNPPQzxKoOE31x+TXPLNHBxO0nbfEGEKyqHADk/kRU8nS21Y5Cwf JNwxhOfthycsVyuEh+6vLFUzHtS7PlRP2W7bOTJBdFAubW9063Xs1VkaO6uUN4vydF5c 4Mq0hhePz79KNLMy7LpS/Z2LrL/jixpU7DkmFseyzNnGsjNyoOvTFDu2ZaH5ADqGNEAj OLiA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:spamdiagnosticmetadata :spamdiagnosticoutput:content-language:accept-language:in-reply-to :references:message-id:date:thread-index:thread-topic:subject:cc:to :from:dkim-signature; bh=hu63KFvTbz8FrX0AfqqJmcmfoc/fUItVNMJse89Lbog=; b=rbxhyYfqGYEmH8pRtl02ztI23qQ3tWQbpotNvbiBos5yUa2e1D0/2Bpg2UufY/G5nn KMUleMJsSJpsFyPBEMVDceg+U0WW7mKYGkaRf4xHBl1Qwul3A7wfJF+ItRSP9aV/s40C dW4auIKsm7oLPd3rsuG89ytPLs6WEBzmCNiyQlyU0T9ZB51MbO/1ELuOMK+cIbsFv+hj 2ajpZp+bLQxyMbsWYcfZo+qJg0C4Cj22CUvyvTzgSF8AL1jYEXIddIwkBoqzg2D65YLL hisU1PtbFvzf2zOjCE6RdrTe0H+mtYRzY1Z3euSOpYynQJfDKLHhyYap4pW4LSw4pJNc XK0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector1 header.b=MAoUPeXh; spf=pass (google.com: domain of alexander.levin@microsoft.com designates 104.47.33.111 as permitted sender) smtp.mailfrom=Alexander.Levin@microsoft.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0111.outbound.protection.outlook.com. [104.47.33.111]) by mx.google.com with ESMTPS id l8-v6si4477841qvo.196.2018.09.06.17.40.05 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 06 Sep 2018 17:40:06 -0700 (PDT) Received-SPF: pass (google.com: domain of alexander.levin@microsoft.com designates 104.47.33.111 as permitted sender) client-ip=104.47.33.111; Authentication-Results: mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector1 header.b=MAoUPeXh; spf=pass (google.com: domain of alexander.levin@microsoft.com designates 104.47.33.111 as permitted sender) smtp.mailfrom=Alexander.Levin@microsoft.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hu63KFvTbz8FrX0AfqqJmcmfoc/fUItVNMJse89Lbog=; b=MAoUPeXhhLirG23A+EMoQrJ+opbuViEmCIgM3bFyZ5uuOHNjxcGdCE0DHM3mLFCKlreW9EartEykseZQU74f5oVyWZyQv184D9/nLNU2cNnOEPabiNRJ7qa5bdfER99mmrCgp6xPMc1puvkBL0hUXrvEqnt6G+DkQSGpmVQDnfk= Received: from CY4PR21MB0776.namprd21.prod.outlook.com (10.173.192.22) by CY4PR21MB0855.namprd21.prod.outlook.com (10.173.192.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.1; Fri, 7 Sep 2018 00:40:00 +0000 Received: from CY4PR21MB0776.namprd21.prod.outlook.com ([fe80::7c3a:eea8:1391:1611]) by CY4PR21MB0776.namprd21.prod.outlook.com ([fe80::7c3a:eea8:1391:1611%7]) with mapi id 15.20.1143.008; Fri, 7 Sep 2018 00:40:00 +0000 From: Sasha Levin To: "stable@vger.kernel.org" , "linux-kernel@vger.kernel.org" CC: Joerg Roedel , Thomas Gleixner , "H . Peter Anvin" , "linux-mm@kvack.org" , Linus Torvalds , Andy Lutomirski , Dave Hansen , Josh Poimboeuf , Juergen Gross , Peter Zijlstra , Borislav Petkov , Jiri Kosina , Boris Ostrovsky , Brian Gerst , David Laight , Denys Vlasenko , Eduardo Valentin , Greg KH , Will Deacon , "aliguori@amazon.com" , Daniel Gruss , "hughd@google.com" , "keescook@google.com" , Andrea Arcangeli , Waiman Long , "David H . Gutteridge" , "joro@8bytes.org" , Sasha Levin Subject: [PATCH AUTOSEL 4.14 67/67] x86/mm/pti: Add an overflow check to pti_clone_pmds() Thread-Topic: [PATCH AUTOSEL 4.14 67/67] x86/mm/pti: Add an overflow check to pti_clone_pmds() Thread-Index: AQHURkMNr95K6teAAEuHaXPPdMkYqQ== Date: Fri, 7 Sep 2018 00:38:10 +0000 Message-ID: <20180907003716.57737-67-alexander.levin@microsoft.com> References: <20180907003716.57737-1-alexander.levin@microsoft.com> In-Reply-To: <20180907003716.57737-1-alexander.levin@microsoft.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [52.168.54.252] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1;CY4PR21MB0855;6:ozd7wRviIT3JW9iZijaNsaKX71jR5myxR2h0lolar9jMvZhyA/yGI+DbsBu6LzBc0SZvwELwb5HIXjn7x5RBKe7xpQAc1xF8H9yrHgQJDQVTm26zMbTtG1LwGjo2a7Ylcrj5nbdCFhVu1wZdA4rMiZj3ysmcmAs//T56tWToi++yB23mm8XkTlxJMXrh/W8MASQL9YvdLiBdh+SWuqBuEAelIMTfv4ZXDdB9/a+39C9rVJFqqjzTIm7imSKWtD634zQej1hd8/RiPCv2PgOb3zGtx8a7GRFXAsxELPxbPI5YaSgCos+1+yw7/hKVYH2Tg+gZZGv+2iFdVuuo9qtBu7OOsU53e+8SnNAH247lL/4n6ee1boacbDWUWm0mNA+fj4fQQ7tLKgezWFNWFnPTTBSs6PY1IGy9cGLq2eyJnmiabU2V3jwYlCOAmdC3MCCUNLFLhBSAjLWOLciAcwGWWw==;5:hCLNR4t5Fk24PSxLd/gGmN07h9/9X5RSxVWr4+cxr0jKQK0Hhy+3FU4Idin8uJgFx2S3UnVp6h/611I2RoLplAVo0AUkk1o3JM64jQDAjcuSXpdU4eY5PZl4lopBLRYFRuH2XAh7uxSJt679OOf5fJYzSQBqKW1VqmgvSrc3M6Q=;7:NOS9M+SbudBlrYhnouENDQJKc5dVMf2WX8ev/1F4ydLWq3Dn1RVyhLsBD74Z39w5bX4im+g3Cveb+l4RHljmeeIsBoF+ADN2GXs5kdXYgpeiXZO5fUc3fg4XSSuMzE6zJN5xYdb/iIlwe9GgvqjXHvhc8j55lXeO8VDgXYzsGE9jcBBWFLC2svdgZUGfDhRu8rRWICLKsQ8UMrvyU5O9WgqL3StNUmgmkWhtre31ExQd9/cKuHgBxGfmlhPx1N83 x-ms-office365-filtering-correlation-id: 3e4e3081-db58-48c9-8546-08d6145a7195 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0;PCL:0;RULEID:(7020095)(4652040)(4534165)(4627221)(201703031133081)(201702281549075)(5600074)(711020)(4618075)(2017052603328)(7193020);SRVR:CY4PR21MB0855; x-ms-traffictypediagnostic: CY4PR21MB0855: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Alexander.Levin@microsoft.com; x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(20283166320243)(28532068793085)(180628864354917)(89211679590171)(33061846794335)(85827821059158)(211936372134217)(42068640409301)(146099531331640)(47284530071512); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231344)(944501410)(52105095)(2018427008)(93006095)(93001095)(3002001)(10201501046)(6055026)(149027)(150027)(6041310)(20161123564045)(20161123560045)(20161123562045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699049)(76991033);SRVR:CY4PR21MB0855;BCL:0;PCL:0;RULEID:;SRVR:CY4PR21MB0855; x-forefront-prvs: 07880C4932 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(346002)(136003)(396003)(366004)(376002)(39860400002)(189003)(199004)(53936002)(316002)(97736004)(2900100001)(86612001)(25786009)(86362001)(2906002)(6306002)(6512007)(54906003)(39060400002)(107886003)(68736007)(110136005)(4326008)(81156014)(10290500003)(14454004)(8936002)(66066001)(81166006)(8676002)(3846002)(966005)(6116002)(478600001)(72206003)(7736002)(305945005)(1076002)(7416002)(106356001)(105586002)(6506007)(76176011)(10090500001)(6486002)(99286004)(256004)(36756003)(2501003)(26005)(186003)(6666003)(5250100002)(6436002)(5660300001)(102836004)(217873002)(476003)(2616005)(486006)(22452003)(11346002)(446003);DIR:OUT;SFP:1102;SCL:1;SRVR:CY4PR21MB0855;H:CY4PR21MB0776.namprd21.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: BU6m1QXa0Vh6EI/0EjloCyLAGk8uU64+n8qmM6+7Mjk01kW12jDHsVxVtiWuCoUoR3nQl9RzSwaDPQiAJ6lbHfe62SOF3WVQE3U0d7ozSNvMcWemJl/XXo/e3QebXhbmHT+terjgxA/riZD0sF0sl4ixV0KOsMN5/mt120thwRkF6ZiMexWPf6Bv/NBXLCh0f/NRmdrPm3vceTg9rDaHpIlPiVSxKGD5othms4wDPpeBtk6gGFhM/d89HZyKIjIf+HJlwCli97jcHaDEsDqgnTQcAKHrroSif/hdpmlmQZ7ljKdvc/OuGehY1rmLLAnNsxN32eYd+/YHJN5PKId+NZsUoV71nhPR4kUSN7fTNDM= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3e4e3081-db58-48c9-8546-08d6145a7195 X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Sep 2018 00:38:10.0701 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0855 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Joerg Roedel [ Upstream commit 935232ce28dfabff1171e5a7113b2d865fa9ee63 ] The addr counter will overflow if the last PMD of the address space is cloned, resulting in an endless loop. Check for that and bail out of the loop when it happens. Signed-off-by: Joerg Roedel Signed-off-by: Thomas Gleixner Tested-by: Pavel Machek Cc: "H . Peter Anvin" Cc: linux-mm@kvack.org Cc: Linus Torvalds Cc: Andy Lutomirski Cc: Dave Hansen Cc: Josh Poimboeuf Cc: Juergen Gross Cc: Peter Zijlstra Cc: Borislav Petkov Cc: Jiri Kosina Cc: Boris Ostrovsky Cc: Brian Gerst Cc: David Laight Cc: Denys Vlasenko Cc: Eduardo Valentin Cc: Greg KH Cc: Will Deacon Cc: aliguori@amazon.com Cc: daniel.gruss@iaik.tugraz.at Cc: hughd@google.com Cc: keescook@google.com Cc: Andrea Arcangeli Cc: Waiman Long Cc: "David H . Gutteridge" Cc: joro@8bytes.org Link: https://lkml.kernel.org/r/1531906876-13451-25-git-send-email-joro@8bytes.org Signed-off-by: Sasha Levin --- arch/x86/mm/pti.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c index 7786ab306225..b07e3ffc5ac5 100644 --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -291,6 +291,10 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear) p4d_t *p4d; pud_t *pud; + /* Overflow check */ + if (addr < start) + break; + pgd = pgd_offset_k(addr); if (WARN_ON(pgd_none(*pgd))) return;