Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754646AbbGFPiV (ORCPT <rfc822;w@1wt.eu>);
	Mon, 6 Jul 2015 11:38:21 -0400
Received: from terminus.zytor.com ([198.137.202.10]:49114 "EHLO
	terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753554AbbGFPiS (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 6 Jul 2015 11:38:18 -0400
Date: Mon, 6 Jul 2015 08:37:27 -0700
From: tip-bot for Andrey Ryabinin <tipbot@zytor.com>
Message-ID: <tip-d4f86beacc21d538dc41e1fc75a22e084f547edf@git.kernel.org>
Cc: linux-kernel@vger.kernel.org, adech.fo@gmail.com, a.ryabinin@samsung.com,
        torvalds@linux-foundation.org, alpopov@ptsecurity.com, hpa@zytor.com,
        mingo@kernel.org, peterz@infradead.org, glider@google.com,
        bp@alien8.de, tglx@linutronix.de, dvyukov@google.com
Reply-To: dvyukov@google.com, tglx@linutronix.de, bp@alien8.de,
        glider@google.com, peterz@infradead.org, hpa@zytor.com,
        mingo@kernel.org, alpopov@ptsecurity.com,
        torvalds@linux-foundation.org, a.ryabinin@samsung.com,
        adech.fo@gmail.com, linux-kernel@vger.kernel.org
In-Reply-To: <1435828178-10975-5-git-send-email-a.ryabinin@samsung.com>
References: <1435828178-10975-5-git-send-email-a.ryabinin@samsung.com>
To: linux-tip-commits@vger.kernel.org
Subject: [tip:x86/urgent] x86/kasan: Fix boot crash on AMD processors
Git-Commit-ID: d4f86beacc21d538dc41e1fc75a22e084f547edf
X-Mailer: tip-git-log-daemon
Robot-ID: <tip-bot.git.kernel.org>
Robot-Unsubscribe: Contact <mailto:hpa@kernel.org>
  to get blacklisted from these emails
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
Content-Disposition: inline
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2913
Lines: 72

Commit-ID:  d4f86beacc21d538dc41e1fc75a22e084f547edf
Gitweb:     http://git.kernel.org/tip/d4f86beacc21d538dc41e1fc75a22e084f547edf
Author:     Andrey Ryabinin <a.ryabinin@samsung.com>
AuthorDate: Thu, 2 Jul 2015 12:09:36 +0300
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 6 Jul 2015 14:53:14 +0200

x86/kasan: Fix boot crash on AMD processors

While populating zero shadow wrong bits in upper level page
tables used. __PAGE_KERNEL_RO that was used for pgd/pud/pmd has
_PAGE_BIT_GLOBAL set. Global bit is present only in the lowest
level of the page translation hierarchy (ptes), and it should be
zero in upper levels.

This bug seems doesn't cause any troubles on Intel cpus, while
on AMDs it cause kernel crash on boot.

Use _KERNPG_TABLE bits for pgds/puds/pmds to fix this.

Reported-by: Borislav Petkov <bp@alien8.de>
Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
Cc: <stable@vger.kernel.org> # 4.0+
Cc: Alexander Popov <alpopov@ptsecurity.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <adech.fo@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/1435828178-10975-5-git-send-email-a.ryabinin@samsung.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/x86/mm/kasan_init_64.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c
index 5d26642..9a54dbe 100644
--- a/arch/x86/mm/kasan_init_64.c
+++ b/arch/x86/mm/kasan_init_64.c
@@ -85,7 +85,7 @@ static int __init zero_pmd_populate(pud_t *pud, unsigned long addr,
 	while (IS_ALIGNED(addr, PMD_SIZE) && addr + PMD_SIZE <= end) {
 		WARN_ON(!pmd_none(*pmd));
 		set_pmd(pmd, __pmd(__pa_nodebug(kasan_zero_pte)
-					| __PAGE_KERNEL_RO));
+					| _KERNPG_TABLE));
 		addr += PMD_SIZE;
 		pmd = pmd_offset(pud, addr);
 	}
@@ -111,7 +111,7 @@ static int __init zero_pud_populate(pgd_t *pgd, unsigned long addr,
 	while (IS_ALIGNED(addr, PUD_SIZE) && addr + PUD_SIZE <= end) {
 		WARN_ON(!pud_none(*pud));
 		set_pud(pud, __pud(__pa_nodebug(kasan_zero_pmd)
-					| __PAGE_KERNEL_RO));
+					| _KERNPG_TABLE));
 		addr += PUD_SIZE;
 		pud = pud_offset(pgd, addr);
 	}
@@ -136,7 +136,7 @@ static int __init zero_pgd_populate(unsigned long addr, unsigned long end)
 	while (IS_ALIGNED(addr, PGDIR_SIZE) && addr + PGDIR_SIZE <= end) {
 		WARN_ON(!pgd_none(*pgd));
 		set_pgd(pgd, __pgd(__pa_nodebug(kasan_zero_pud)
-					| __PAGE_KERNEL_RO));
+					| _KERNPG_TABLE));
 		addr += PGDIR_SIZE;
 		pgd = pgd_offset_k(addr);
 	}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/