From: "Kirill A. Shutemov"
To: dave.hansen@intel.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de
Cc: x86@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov", Yingcong Wu
Subject: [PATCH] x86/mm: Fix VDSO and VVAR placement on 5-level paging machines
Date: Mon, 24 Jul 2023 18:57:06 +0300
Message-ID: <20230724155706.29900-1-kirill.shutemov@linux.intel.com>

Yingcong has noticed that on a 5-level paging machine the VDSO and VVAR
VMAs are placed above the 47-bit border:

  8000001a9000-8000001ad000 r--p 00000000 00:00 0 [vvar]
  8000001ad000-8000001af000 r-xp 00000000 00:00 0 [vdso]

It might confuse users who are not aware of 5-level paging and expect
all userspace addresses to be under the 47-bit border.

So far I only saw it triggered with ASLR disabled, but I guess it can
also be triggered with ASLR enabled if the layout gets randomized just
right.

The problem happens due to custom placement for the VMAs in the VDSO
code: vdso_addr() tries to place them above the stack and checks the
result against TASK_SIZE_MAX, which is wrong. TASK_SIZE_MAX is set to
the 56-bit border on 5-level paging machines. Use DEFAULT_MAP_WINDOW
instead.

Signed-off-by: Kirill A. Shutemov
Reported-by: Yingcong Wu
Fixes: b569bab78d8d ("x86/mm: Prepare to expose larger address space to userspace")
---
 arch/x86/entry/vdso/vma.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 11a5c68d1218..7645730dc228 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -299,8 +299,8 @@ static unsigned long vdso_addr(unsigned long start, unsigned len) /* Round the lowest possible end address up to a PMD boundary. */ end = (start + len + PMD_SIZE - 1) & PMD_MASK; - if (end >= TASK_SIZE_MAX) - end = TASK_SIZE_MAX; + if (end >= DEFAULT_MAP_WINDOW) + end = DEFAULT_MAP_WINDOW; end -= len; if (end > start) {
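
Review bot: The new clamp in vdso_addr(), "if (end >= DEFAULT_MAP_WINDOW) end = DEFAULT_MAP_WINDOW;", has no comment explaining why the bound is the default map window rather than TASK_SIZE_MAX; the only comment in the hunk covers the PMD rounding above it. Since the commit message identifies TASK_SIZE_MAX as the wrong limit on 5-level paging machines, a one-line comment at the clamp (that the vvar and vdso mappings must stay under the 47-bit border userspace expects) would keep a later cleanup from switching it back. The message also notes the misplacement was only observed with ASLR disabled and that the ASLR-enabled case is a guess, so it would help to state how the fix was verified, for example by showing the [vvar] and [vdso] lines from the maps output after the change. The trailers carry a Fixes: tag for b569bab78d8d but no stable Cc, which is worth adding if the fix is meant to reach kernels that contain that commit.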