Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751821AbdITXZw (ORCPT ); Wed, 20 Sep 2017 19:25:52 -0400 Received: from mga09.intel.com ([134.134.136.24]:52269 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751594AbdITXZv (ORCPT ); Wed, 20 Sep 2017 19:25:51 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,422,1500966000"; d="scan'208";a="1016772790" Subject: Re: [PATCH v5 03/10] swiotlb: Map the buffer if it was unmapped by XPFO To: Tycho Andersen References: <20170809200755.11234-1-tycho@docker.com> <20170809200755.11234-4-tycho@docker.com> <5877eed8-0e8e-0dec-fdc7-de01bdbdafa8@intel.com> <20170920224739.3kgzmntabmkedohw@smitten> Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, kernel-hardening@lists.openwall.com, Marco Benatto , Juerg Haefliger , Juerg Haefliger From: Dave Hansen Message-ID: <370bb00d-8c1c-1a69-7c7f-f6135b16b4fa@intel.com> Date: Wed, 20 Sep 2017 16:25:48 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: <20170920224739.3kgzmntabmkedohw@smitten> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 824 Lines: 19 On 09/20/2017 03:47 PM, Tycho Andersen wrote: > >>> static inline void *skcipher_map(struct scatter_walk *walk) >>> { >>> struct page *page = scatterwalk_page(walk); >>> >>> return (PageHighMem(page) ? kmap_atomic(page) : page_address(page)) + >>> offset_in_page(walk->offset); >>> } >> Is there any better way to catch these? Like, can we add some debugging >> to check for XPFO pages in __va()? > Yes, and perhaps also a debugging check in PageHighMem? I'm not sure what PageHighMem() would check. It's OK to use as long as you don't depend on the contents of the page. > Would __va have caught either of the two cases you've pointed out? Yes. __va() is what is eventually called by lowmem_page_address(), which is only OK to call on things that are actually mapped into the kernel.