In copy_highpage() the `kto` and `kfrom` local variables are pointers to
struct page, but these are used to hold arbitrary pointers to kernel memory.
Each call to page_address() returns a void pointer to memory associated
with the relevant page, and copy_page() expects void pointers to this
memory.

This inconsistency was introduced in commit 2563776b41c3 ("arm64: mte:
Tags-aware copy_{user_,}highpage() implementations") and while this
doesn't appear to be harmful in practice it is clearly wrong.

Correct this by making `kto` and `kfrom` void pointers.

Fixes: 2563776b41c3 ("arm64: mte: Tags-aware copy_{user_,}highpage() implementations")
Signed-off-by: Tong Tiangen <[email protected]>
Acked-by: Mark Rutland <[email protected]>
---
arch/arm64/mm/copypage.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/mm/copypage.c b/arch/arm64/mm/copypage.c
index b5447e53cd73..0dea80bf6de4 100644
--- a/arch/arm64/mm/copypage.c
+++ b/arch/arm64/mm/copypage.c
@@ -16,8 +16,8 @@
void copy_highpage(struct page *to, struct page *from)
{
- struct page *kto = page_address(to);
- struct page *kfrom = page_address(from);
+ void *kto = page_address(to);
+ void *kfrom = page_address(from);
copy_page(kto, kfrom);
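Review bot: The hunk's context stops at `copy_page(kto, kfrom);`, so the only use of the retyped `kto` and `kfrom` that can be checked here is that one call; please confirm that every later use of the two variables in copy_highpage() also takes a `void *` (or an implicitly convertible pointer) and that nothing relied on the old `struct page *` type, for example through pointer arithmetic or a member access. If that holds, a short "No functional change intended." line in the commit message would make the scope of the fix explicit.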
--
2.18.0.huawei.25
On 2022/4/12 15:25, Tong Tiangen wrote:
> In copy_highpage() the `kto` and `kfrom` local variables are pointers to
> struct page, but these are used to hold arbitrary pointers to kernel memory.
> Each call to page_address() returns a void pointer to memory associated
> with the relevant page, and copy_page() expects void pointers to this
> memory.
>
> This inconsistency was introduced in commit 2563776b41c3 ("arm64: mte:
> Tags-aware copy_{user_,}highpage() implementations") and while this
> doesn't appear to be harmful in practice it is clearly wrong.
>
> Correct this by making `kto` and `kfrom` void pointers.
Reviewed-by: Kefeng Wang <[email protected]>
> Fixes: 2563776b41c3 ("arm64: mte: Tags-aware copy_{user_,}highpage() implementations")
> Signed-off-by: Tong Tiangen <[email protected]>
> Acked-by: Mark Rutland <[email protected]>
> ---
> arch/arm64/mm/copypage.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm64/mm/copypage.c b/arch/arm64/mm/copypage.c
> index b5447e53cd73..0dea80bf6de4 100644
> --- a/arch/arm64/mm/copypage.c
> +++ b/arch/arm64/mm/copypage.c
> @@ -16,8 +16,8 @@
>
> void copy_highpage(struct page *to, struct page *from)
> {
> - struct page *kto = page_address(to);
> - struct page *kfrom = page_address(from);
> + void *kto = page_address(to);
> + void *kfrom = page_address(from);
>
> copy_page(kto, kfrom);
>
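Review bot: On the removed `struct page *kto = page_address(to);` and `struct page *kfrom = page_address(from);` lines, the message says the mismatch is "clearly wrong" but does not say why it went unnoticed: C converts `void *` to any object pointer type implicitly, so the old declarations compiled without a diagnostic. Stating that in the commit message would explain why the change is a type cleanup rather than a behavioural fix, and would help anyone deciding whether the commit named in the Fixes: tag needs this applied on older trees.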