linux_dsm_epyc7002/arch/mips
Paul Burton 074a1e1167
MIPS: Bounds check virt_addr_valid
The virt_addr_valid() function is meant to return true iff
virt_to_page() will return a valid struct page reference. This is true
iff the address provided is found within the unmapped address range
between PAGE_OFFSET & MAP_BASE, but we don't currently check for that
condition. Instead we simply mask the address to obtain what will be a
physical address if the virtual address is indeed in the desired range,
shift it to form a PFN & then call pfn_valid(). This can incorrectly
return true if called with a virtual address which, after masking,
happens to form a physical address corresponding to a valid PFN.

For example we may vmalloc an address in the kernel mapped region
starting at MAP_BASE & obtain the virtual address:

  addr = 0xc000000000002000

When masked by virt_to_phys(), which uses __pa() & in turn CPHYSADDR(),
we obtain the following (bogus) physical address:

  addr = 0x2000

In a common system with PHYS_OFFSET=0 this will correspond to a valid
struct page which should really be accessed by virtual address
PAGE_OFFSET+0x2000, causing virt_addr_valid() to incorrectly return 1
indicating that the original address corresponds to a struct page.

This is equivalent to the ARM64 change made in commit ca219452c6
("arm64: Correctly bounds check virt_addr_valid").

This fixes fallout when hardened usercopy is enabled caused by the
related commit 517e1fbeb6 ("mm/usercopy: Drop extra
is_vmalloc_or_module() check") which removed a check for the vmalloc
range that was present from the introduction of the hardened usercopy
feature.

Signed-off-by: Paul Burton <paul.burton@mips.com>
References: ca219452c6 ("arm64: Correctly bounds check virt_addr_valid")
References: 517e1fbeb6 ("mm/usercopy: Drop extra is_vmalloc_or_module() check")
Reported-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: YunQiang Su <ysu@wavecomp.com>
URL: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929366
Cc: stable@vger.kernel.org # v4.12+
Cc: linux-mips@vger.kernel.org
Cc: Yunqiang Su <ysu@wavecomp.com>
2019-05-29 12:04:18 -07:00
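
The false positive described in the commit message above, as an added user-space model in C (not the kernel patch and not code from this repository). The PAGE_OFFSET, PHYS_MASK and MAX_PFN values and the model_* helpers are assumptions chosen for illustration; only the 0xc000000000002000 address and PHYS_OFFSET=0 come from the message.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed 64-bit layout; the numbers are illustrative, not read from the tree. */
#define PAGE_OFFSET 0x9800000000000000ULL /* assumed start of the unmapped range */
#define MAP_BASE    0xc000000000000000ULL /* start of the kernel mapped region */
#define PHYS_MASK   0x0000ffffffffffffULL /* stand-in for the masking behind __pa() */
#define PAGE_SHIFT  12
#define MAX_PFN     0x40000ULL            /* constructed: 1 GiB of RAM, PHYS_OFFSET=0 */

/* Simplified stand-ins for virt_to_phys() and pfn_valid(). */
static uint64_t model_virt_to_phys(uint64_t vaddr) { return vaddr & PHYS_MASK; }
static bool model_pfn_valid(uint64_t pfn) { return pfn < MAX_PFN; }

/* Old behaviour: mask, shift to a PFN, ask pfn_valid(). No range check. */
bool virt_addr_valid_unchecked(uint64_t vaddr)
{
    return model_pfn_valid(model_virt_to_phys(vaddr) >> PAGE_SHIFT);
}

/* Bounds-checked behaviour: only addresses inside [PAGE_OFFSET, MAP_BASE)
 * are translated at all (boundary inclusivity is an assumption here). */
bool virt_addr_valid_bounded(uint64_t vaddr)
{
    if (vaddr < PAGE_OFFSET || vaddr >= MAP_BASE)
        return false;
    return model_pfn_valid(model_virt_to_phys(vaddr) >> PAGE_SHIFT);
}

int main(void)
{
    /* Constructed sample addresses. */
    const uint64_t samples[] = {
        0xc000000000002000ULL,                 /* vmalloc address from the message */
        PAGE_OFFSET + 0x2000,                  /* the page's real linear address */
        PAGE_OFFSET + (MAX_PFN << PAGE_SHIFT), /* linear range, but past end of RAM */
        0x0000000000402000ULL,                 /* below PAGE_OFFSET */
    };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%#018llx unchecked=%d bounded=%d\n",
               (unsigned long long)samples[i],
               virt_addr_valid_unchecked(samples[i]),
               virt_addr_valid_bounded(samples[i]));
    return 0;
}
```

The model also covers an address below PAGE_OFFSET, which the commit message does not walk through but which the same range check rejects.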
..
alchemy A few more MIPS changes for 5.2: 2019-05-19 10:05:28 -07:00
ar7 net: phy: fixed-phy: Drop GPIO from fixed_phy_add() 2019-02-04 18:33:36 -08:00
ath25 PCI: consolidate PCI config entry in drivers/pci 2018-11-23 11:45:34 +09:00
ath79 clk: Remove io.h from clk-provider.h 2019-05-15 13:21:37 -07:00
bcm47xx A small batch of MIPS fixes for 5.1: 2019-04-09 16:21:13 -07:00
bcm63xx arch: mips: Kconfig: pedantic formatting 2019-03-19 15:34:04 -07:00
bmips mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
boot Kbuild updates for v5.1 2019-03-10 17:48:21 -07:00
cavium-octeon treewide: add checks for the return value of memblock_alloc*() 2019-03-12 10:04:02 -07:00
cobalt
configs Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2019-05-16 16:16:18 -07:00
crypto MIPS: crypto: Add crc32 and crc32c hw accelerated module 2018-02-19 20:50:36 +00:00
dec mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
emma mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
fw mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
generic generic: fix appended dtb support 2019-05-13 12:02:47 -07:00
include MIPS: mark ginvt() as __always_inline 2019-05-22 18:45:52 -07:00
jazz MIPS: jazz: fix 64bit build 2019-01-09 13:14:34 -08:00
jz4740 MIPS: ingenic: Add support for appended devicetree 2019-02-21 15:55:41 -08:00
kernel A few more MIPS changes for 5.2: 2019-05-19 10:05:28 -07:00
kvm Main MIPS changes for v5.2: 2019-05-08 16:41:47 -07:00
lantiq Here's the main MIPS pull request for v5.1: 2019-03-05 11:28:25 -08:00
lasat mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
lib MIPS: MemoryMapID (MMID) Support 2019-02-04 10:56:41 -08:00
loongson32 MIPS: Loongson32: Remove DMA & NAND devices from ls1b/board.c 2019-02-04 14:44:33 -08:00
loongson64 A small batch of MIPS fixes for 5.1: 2019-04-09 16:21:13 -07:00
math-emu mips: math-emu: no need to check return value of debugfs_create functions 2019-01-22 11:17:20 -08:00
mm MIPS: Bounds check virt_addr_valid 2019-05-29 12:04:18 -07:00
mti-malta MIPS: malta: Use img-ascii-lcd driver for LCD display 2018-11-20 21:05:39 -08:00
net Main MIPS changes for v5.2: 2019-05-08 16:41:47 -07:00
netlogic mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
oprofile Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
paravirt mips: unify prom_putchar() declarations 2018-07-17 09:40:17 -07:00
pci MIPS: SGI-IP27: abstract chipset irq from bridge 2019-05-09 16:48:20 -07:00
pic32 arch: mips: Kconfig: pedantic formatting 2019-03-19 15:34:04 -07:00
pistachio License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pmcs-msp71xx PCI: consolidate PCI config entry in drivers/pci 2018-11-23 11:45:34 +09:00
pnx833x MIPS: remove a space after -I to cope with header search paths for VDSO 2019-05-22 18:46:15 -07:00
power License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ralink Revert "MIPS: ralink: fix cpu clock of mt7621 and add dt clk devices" 2019-04-12 11:09:31 -07:00
rb532 ata: rb532_cf: Convert to use GPIO descriptors 2018-12-04 17:15:25 -07:00
sgi-ip22 MIPS: SGI-IP22: provide missing dma_mask/coherent_dma_mask 2019-05-13 12:02:55 -07:00
sgi-ip27 MIPS: SGI-IP27: abstract chipset irq from bridge 2019-05-09 16:48:20 -07:00
sgi-ip32 MIPS: IP32: use generic dma noncoherent ops 2018-06-24 09:27:27 -07:00
sibyte Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
sni MIPS: sni: Remove the read_persistent_clock() 2018-05-14 23:58:25 +01:00
tools MIPS: Use a custom elf-entry program to find kernel entry point 2018-08-30 09:39:22 -07:00
txx9 MIPS: TXx9: Fix boot crash in free_initmem() 2019-05-22 18:46:32 -07:00
vdso mips: vdso: drop unnecessary cc-ldoption 2019-04-23 14:53:54 -07:00
vr41xx PCI: consolidate PCI config entry in drivers/pci 2018-11-23 11:45:34 +09:00
Kbuild MIPS: Disable Werror when W= is set 2017-04-10 11:56:07 +02:00
Kbuild.platforms MIPS: Xilfpga: Switch to using generic defconfigs 2017-11-08 22:54:14 +00:00
Kconfig A few more MIPS changes for 5.2: 2019-05-19 10:05:28 -07:00
Kconfig.debug Kconfig: consolidate the "Kernel hacking" menu 2018-08-02 08:06:48 +09:00
Makefile MIPS: Add GINVT instruction helpers 2019-02-04 10:56:35 -08:00
Makefile.postlink License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00