From patchwork Fri Sep 7 00:36:53 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sasha Levin X-Patchwork-Id: 10591311 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 755CC13BB for ; Fri, 7 Sep 2018 00:37:49 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5EB8E2AF73 for ; Fri, 7 Sep 2018 00:37:49 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 521C32B15A; Fri, 7 Sep 2018 00:37:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0E86D2AF73 for ; Fri, 7 Sep 2018 00:37:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 61A276B7B94; Thu, 6 Sep 2018 20:37:46 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 58DFD6B7B96; Thu, 6 Sep 2018 20:37:46 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 456886B7B97; Thu, 6 Sep 2018 20:37:46 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-it0-f69.google.com (mail-it0-f69.google.com [209.85.214.69]) by kanga.kvack.org (Postfix) with ESMTP id 1A30A6B7B94 for ; Thu, 6 Sep 2018 20:37:46 -0400 (EDT) Received: by mail-it0-f69.google.com with SMTP id 20-v6so16538651itb.7 for ; Thu, 06 Sep 2018 17:37:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:from:to:cc:subject:thread-topic :thread-index:date:message-id:references:in-reply-to:accept-language :content-language:spamdiagnosticoutput:spamdiagnosticmetadata :content-transfer-encoding:mime-version; bh=4MHaB83DkVxmPbe2gikclHNslR1QrnWGTsU/73wAv7E=; b=VOsnvm19m/+jTldsaY3NoxdTn1U10iuiMuSB3aY3zf0RqrGH9ID6kBusET4eFo5YEd M/MRvzmIiLNK3KqSPPOzWZbMJRgdY/7tSSGij+aiY4SyIyzkDpdx8EGmcyRAinEj42tX 3JhVw4ZE5BV08aJeWK1uDMHUvm9sha1/6AvgNxOOCmVcu4mU/0g8BcB+0VA+jvbImR1c ZAMiaPJMtjEAZZprGj7RXxB68Iux7He+k8uQ/V/6923PbaNlo2tzTpXd3rv63ECEcBKt TASeDjq4hab60LwbnMofsRrAz/0x0flMUf0YZtue+HNEv9uuoqfFWfY/x5L6TQMv9YT+ LEhw== X-Gm-Message-State: APzg51DjChRy9e+AY9uxYqGTaeCqqGQiUEU0iP9kvt0WKii1VNdjnEP7 gtzLUaK+bDJOUz6327ta8M+XYHVnLyRvE60IILVZ421JiY7+tbFx94skqvIQaU9NtgPF8AsVpil DqmC9ovywaoDs7cu+efZamgECwpyKNBfOzLYo787M9bicYmkG1cvvoSD68Q0Ya6+sEg== X-Received: by 2002:a6b:5a01:: with SMTP id o1-v6mr4389569iob.73.1536280665851; Thu, 06 Sep 2018 17:37:45 -0700 (PDT) X-Google-Smtp-Source: ANB0VdYPe2RfXU/cUAf8Z5TvoprKu3U4k05X9dpdG8zxg93hG5/fCqFu0Dkj7EI0Cv7lTq7A2BUj X-Received: by 2002:a6b:5a01:: with SMTP id o1-v6mr4389537iob.73.1536280665059; Thu, 06 Sep 2018 17:37:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536280665; cv=none; d=google.com; s=arc-20160816; b=M/DdZpnmjHQtZIP5zrwsF9AmjIsbiFqJYKqbPzUhPdH+GmXxyT32SblGx0DUaha4Rr G5NG04Bzpro5uZiZxyBbB3lqFZ7P61CpIF53SBeyEps2Lz/kSNhtyDAw5GKMblScICts CdIM1OqNgnpWdP2mRwE5ch5914bvewX0AttirJaCHRZptCrBqbAS8z1oY5Q5vJunZufZ E24vUcQy4Z/velK42RIStdIUnuLlyEaUaXkGlDjJdfuqBpLBKBjtsyrPv7VNJI7tU6nO BNrq31eaXJY0afUO7XD34PW+9hFkgAQ0i9eVQsz+7wDfpXiL4JRIoOrvrhcbqi5XY3+N iELQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:spamdiagnosticmetadata :spamdiagnosticoutput:content-language:accept-language:in-reply-to :references:message-id:date:thread-index:thread-topic:subject:cc:to :from:dkim-signature; bh=4MHaB83DkVxmPbe2gikclHNslR1QrnWGTsU/73wAv7E=; b=gGgB5AnzSGlij6U29Mc+WkWrp4njg1bB9dsQ9y7NfsdKwhXWvcZASVhULDp/D5ZS8b umOe0GXKNtRcdFTYjLyAsA6kAHMmx+MQxF0Tk0OvHDF7oHuvyGsZNO/RHr/boZmxnlgH a2Khh2IwNxZvzQYUEtXBNnWtwH6DBBaxAJfwNh60q/vYDCxJplqqycjA7f7fs/J8QkkK mP8uiD7D8L517DkcjqgIyF8LcBGhthHv7aRctr/7R7HBvpiOJzcVyMocHC6dGq8ucTbL vQAL4JS3GidjDMBECP7+NGXLOruC+Su85lCNc+DacYOee/QRB63lUiUnXskSnSdoVOjN S0hA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector1 header.b=e1JfM6Si; spf=pass (google.com: domain of alexander.levin@microsoft.com designates 104.47.36.126 as permitted sender) smtp.mailfrom=Alexander.Levin@microsoft.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0126.outbound.protection.outlook.com. [104.47.36.126]) by mx.google.com with ESMTPS id l4-v6si3704582ioh.12.2018.09.06.17.37.44 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Sep 2018 17:37:45 -0700 (PDT) Received-SPF: pass (google.com: domain of alexander.levin@microsoft.com designates 104.47.36.126 as permitted sender) client-ip=104.47.36.126; Authentication-Results: mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector1 header.b=e1JfM6Si; spf=pass (google.com: domain of alexander.levin@microsoft.com designates 104.47.36.126 as permitted sender) smtp.mailfrom=Alexander.Levin@microsoft.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4MHaB83DkVxmPbe2gikclHNslR1QrnWGTsU/73wAv7E=; b=e1JfM6SiUebFfigV0o2fqJmfSG+Al7OLQTi+NNteJeTgj/B87HdSETDksagx47f6BMJu2Yl1Oj8ouU8qj3MSd4uBgcDi+RC60Ik/cq6OmclUdEbsGJEvzLAAjG5cHzB5nUfal3KiSaE64DGdhoc6r3ixA+MPfUEnqVg5BjBPCaw= Received: from CY4PR21MB0776.namprd21.prod.outlook.com (10.173.192.22) by CY4PR21MB0181.namprd21.prod.outlook.com (10.173.193.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.8; Fri, 7 Sep 2018 00:37:40 +0000 Received: from CY4PR21MB0776.namprd21.prod.outlook.com ([fe80::7c3a:eea8:1391:1611]) by CY4PR21MB0776.namprd21.prod.outlook.com ([fe80::7c3a:eea8:1391:1611%7]) with mapi id 15.20.1143.008; Fri, 7 Sep 2018 00:37:40 +0000 From: Sasha Levin To: "stable@vger.kernel.org" , "linux-kernel@vger.kernel.org" CC: Joerg Roedel , Thomas Gleixner , "H . Peter Anvin" , "linux-mm@kvack.org" , Linus Torvalds , Andy Lutomirski , Dave Hansen , Josh Poimboeuf , Juergen Gross , Peter Zijlstra , Borislav Petkov , Jiri Kosina , Boris Ostrovsky , Brian Gerst , David Laight , Denys Vlasenko , Eduardo Valentin , Greg KH , Will Deacon , "aliguori@amazon.com" , Daniel Gruss , "hughd@google.com" , "keescook@google.com" , Andrea Arcangeli , Waiman Long , "David H . Gutteridge" , "joro@8bytes.org" , Sasha Levin Subject: [PATCH AUTOSEL 4.18 87/88] x86/mm/pti: Add an overflow check to pti_clone_pmds() Thread-Topic: [PATCH AUTOSEL 4.18 87/88] x86/mm/pti: Add an overflow check to pti_clone_pmds() Thread-Index: AQHURkLfBdAoKRBJBE+KJ3vVDo65pA== Date: Fri, 7 Sep 2018 00:36:53 +0000 Message-ID: <20180907003547.57567-87-alexander.levin@microsoft.com> References: <20180907003547.57567-1-alexander.levin@microsoft.com> In-Reply-To: <20180907003547.57567-1-alexander.levin@microsoft.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [52.168.54.252] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1;CY4PR21MB0181;6:9Y4KDxRKkl+8OYwvpgmX6iBuEcieApMKYv5fZrBeMExK3e2ZPX4DscrZHijvuJApRmvVRRkFLdxeWPia2rvqGPlgzpK3lmUQOZfcl1mhKl0GmXNSdPKDFs7RR1v5kq234keff8uAMLGQ93Lx2cvstyjzqIZmq5ZldYEsq4V1O7th72+qHqkoT0831AR0u9XPszvsj34ZuxyJyu3LH+GADiD6whWgAIoiOgJgDVCbVS0Kn8M6UpmI+syKgunypcUz0Zje5B86JeR3bCtChciwNgmNdwJ8R+kp8ZbUjJbz9SEfmW10ZVqeiGfxGPp1xF7bY7ObaqZKkXAoJCM7WCvNBDpFU31I6z9X3bOKZA9gXHpvnvzLUU4/GDdhjGPX471weiEhpzxrDsyo+ouqCKe4LbfpfVu945kJRuzqnA24axV6pfJHvddw2Khy2d0R+lS76UEZ9IKmq6Uyf0PnOMKOOQ==;5:dOvqL8uopa9Px3hZloRiulbN7uCE9olpjQ6RQ8V25oob14VaUna5VieWQ52hV9cD9YJhVkVDzeQCLvA7RW3wmXdVmw/BAfe4VA5FBY7jeIWNvBcK+lNVHUJY/kJFYLzVYMX6mMom4JrVWUmP6B6ZFl2DDXzunY2PSFcRCJij0Nc=;7:rjer4zvvHGE7wxg1TZtUcp3yp8sxpScmBOjSc0qGIZMrO3reUQd2Xto1uYa2vP6CqWxWjjNgJoRU1zlqYQK/9SVQXiyrVJB6AytvnZipap3PI91YM9f1q3h7UgbQa1vSkP6DBRdhxjIkqoi8k5wAW+gb37nQES1+Lwk6lHF4wRg/+UE9rwDJ+Bd5N9jNGzHGnRzzjx8PtWZed2+gEIIyK4tRmIGLF+zbDl6acmKMWyJREWjnJt8k8yVZ6zhsP9vn x-ms-office365-filtering-correlation-id: d9dffca8-b137-431d-cfbb-08d6145a1e71 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0;PCL:0;RULEID:(7020095)(4652040)(8989137)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600074)(711020)(4618075)(2017052603328)(7193020);SRVR:CY4PR21MB0181; x-ms-traffictypediagnostic: CY4PR21MB0181: x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(20283166320243)(28532068793085)(180628864354917)(89211679590171)(33061846794335)(85827821059158)(211936372134217)(42068640409301)(146099531331640)(47284530071512); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231344)(944501410)(52105095)(2018427008)(6055026)(149027)(150027)(6041310)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(201708071742011)(7699049)(76991033);SRVR:CY4PR21MB0181;BCL:0;PCL:0;RULEID:;SRVR:CY4PR21MB0181; x-forefront-prvs: 07880C4932 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(366004)(39860400002)(396003)(136003)(376002)(346002)(189003)(199004)(217873002)(72206003)(22452003)(966005)(2900100001)(8676002)(10290500003)(2501003)(478600001)(68736007)(305945005)(76176011)(81156014)(105586002)(81166006)(7416002)(256004)(10090500001)(8936002)(14454004)(2906002)(5660300001)(110136005)(54906003)(316002)(106356001)(6346003)(6436002)(26005)(25786009)(1076002)(99286004)(6116002)(6512007)(39060400002)(3846002)(7736002)(186003)(4326008)(6666003)(107886003)(6306002)(476003)(66066001)(97736004)(86612001)(2616005)(6486002)(446003)(53936002)(575784001)(86362001)(11346002)(102836004)(486006)(36756003)(6506007)(5250100002);DIR:OUT;SFP:1102;SCL:1;SRVR:CY4PR21MB0181;H:CY4PR21MB0776.namprd21.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Alexander.Levin@microsoft.com; x-microsoft-antispam-message-info: dvRseBMDdOoqoEcjTQohqjPLC83sl078TawctBQ6AC/wVS2WvKxgszV7TqQScu9+Sc4tPVapYwOIm2Kuylzwsyhi7jdgOO8hWrRtchFi4QdzQT8PdOSZumzidhrmmLn3y3PQ6naJhzsxxm1uBazTGlzGFryu5V1SCAQWQ069B5ET1gR/EkTjtkB5XOAIO/+sU/+ixKRpxx+haG/uMc7nroYvkJwYA7IIy9GLdSSkgO7DIASmF4XXish5+xZS3z8cfSGhiFxQYZ5FPuE6DoIYplwQtlokngdslFCBDSxEJrzyhT5PIpgRO+VqAm3mqkMMoMwis2Ele8O4mGFCEdoOvGRZ33nwwQ1Hz8/IPmeRMKk= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: d9dffca8-b137-431d-cfbb-08d6145a1e71 X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Sep 2018 00:36:53.6975 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0181 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Joerg Roedel [ Upstream commit 935232ce28dfabff1171e5a7113b2d865fa9ee63 ] The addr counter will overflow if the last PMD of the address space is cloned, resulting in an endless loop. Check for that and bail out of the loop when it happens. Signed-off-by: Joerg Roedel Signed-off-by: Thomas Gleixner Tested-by: Pavel Machek Cc: "H . Peter Anvin" Cc: linux-mm@kvack.org Cc: Linus Torvalds Cc: Andy Lutomirski Cc: Dave Hansen Cc: Josh Poimboeuf Cc: Juergen Gross Cc: Peter Zijlstra Cc: Borislav Petkov Cc: Jiri Kosina Cc: Boris Ostrovsky Cc: Brian Gerst Cc: David Laight Cc: Denys Vlasenko Cc: Eduardo Valentin Cc: Greg KH Cc: Will Deacon Cc: aliguori@amazon.com Cc: daniel.gruss@iaik.tugraz.at Cc: hughd@google.com Cc: keescook@google.com Cc: Andrea Arcangeli Cc: Waiman Long Cc: "David H . Gutteridge" Cc: joro@8bytes.org Link: https://lkml.kernel.org/r/1531906876-13451-25-git-send-email-joro@8bytes.org Signed-off-by: Sasha Levin --- arch/x86/mm/pti.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c index ffa2f0f67904..1d2106d83b4e 100644 --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -306,6 +306,10 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear) p4d_t *p4d; pud_t *pud; + /* Overflow check */ + if (addr < start) + break; + pgd = pgd_offset_k(addr); if (WARN_ON(pgd_none(*pgd))) return;