Received: by 10.223.185.116 with SMTP id b49csp3209411wrg; Mon, 5 Mar 2018 16:35:57 -0800 (PST) X-Google-Smtp-Source: AG47ELuKodWidNnDwL6qDtdRzOTxTfdiHWPv8bGbQnwjjD2BNOPb5hUE+RAQ+cNHWlQVk+VSyNHw X-Received: by 2002:a17:902:b683:: with SMTP id c3-v6mr14779694pls.154.1520296557318; Mon, 05 Mar 2018 16:35:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520296557; cv=none; d=google.com; s=arc-20160816; b=lUVvuxFmnAw6g2EilNwAe7PsydXG9hy1VN3HOVDLUgqN350rnLkasZp2TjFbHqtqmY HbsB3+FkoP0M9bZ72pOY1lc5Bqu2R5SGD+AsgeUQm5AzhMay4yxf9kY3Sp5dc+OVdyFb ilU6Bhcg95J+xeYFg9oOrFBb94H0Hzdl7lxE63rdISovgg5K3mdiuA3AZad5uVsSZb/V UY22+SyrBrhcUlJkyDYQl1PrS2DShNFAlImADqBSH4g/O0zzzp2W+oL4H+6qDWeboB1O Jn7X2h6nDdi0wffSPaJ5z3XF+bI6AWSvXgmCjqz0OA61QUe9+XVNETtGvdPZzLTaeAoB +nfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:to:from:dkim-signature:arc-authentication-results; bh=cJNAWvuD/aNJT5KU8hw5bL0s8w9r98pBtgK50rGxgqk=; b=UMpHfFQhDN8MIPNB5KPvtZ1Iqu0MLWfIpq/4A+B+0Wqyj+yy3PS3oyR4txksFBjcaD l2+67YDOZev8hKpYnrJrBAXqqo21tU4q2vs5i75wG0xAV92uu6U+QpWp1nILDixvnT92 dqe8P7ncm6BZebfyoH3kTsrdGA4WJRju0Tma5RG0PknqklzPUZkzDto4mVBFJZ+G4AL2 gLwVoL/7HabgakR6CcYxS3gKLnH9HqGTYmdCzPQXoqLZ25KwRjDxugSmWl89g8/JatFf q3BTbjbvwGzkYYDOyqgEmXH8//4tejCtEChydEvBs2r/JSFdJRex7omWRLLIPuu0MVPT uZ0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=T+vYwGoT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f1-v6si10168453plb.73.2018.03.05.16.35.43; Mon, 05 Mar 2018 16:35:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=T+vYwGoT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933322AbeCFA0k (ORCPT + 99 others); Mon, 5 Mar 2018 19:26:40 -0500 Received: from aserp2120.oracle.com ([141.146.126.78]:56430 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933101AbeCFA0g (ORCPT ); Mon, 5 Mar 2018 19:26:36 -0500 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w260Ldsi034919; Tue, 6 Mar 2018 00:26:33 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : subject : date : message-id : in-reply-to : references; s=corp-2017-10-26; bh=cJNAWvuD/aNJT5KU8hw5bL0s8w9r98pBtgK50rGxgqk=; b=T+vYwGoTXGT/hVlUxfLyHnWKQV+mVAwrN3XW8TDgBLVw7WaSADy6dgHsJ5cOkX9Io+G+ 6juWCQNWg58jVCLPv+s60IzDizJX2BrkPth0eojGFLuyNm5CIwR6XtvZ8yuO92/xkWTh OLll8hZdEjRtkPn/cjOQ/f3cLzbF2HaPLBDeWes45RHVciKb9fgOX1kw57BKAhR0/xca gZdQ6ah3oBJZlcBtHXcVTN1uBfMgcr+2J96zv12WYVg4W/UXR3FUVSDa9+pNIzifgL0v fQfPlPBFeKf/H4V+UpMZEsm7J3+UcCmywku8GBJqkjUvb0WIPkz5VaAin+PtRJqjPvv1 7w== Received: from userv0021.oracle.com (userv0021.oracle.com [156.151.31.71]) by aserp2120.oracle.com with ESMTP id 2ghe3kgg46-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 06 Mar 2018 00:26:33 +0000 Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by userv0021.oracle.com (8.14.4/8.14.4) with ESMTP id w260QW6J025808 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 6 Mar 2018 00:26:32 GMT Received: from abhmp0008.oracle.com (abhmp0008.oracle.com [141.146.116.14]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w260QVpA022194; Tue, 6 Mar 2018 00:26:31 GMT Received: from localhost.localdomain (/98.216.35.41) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 05 Mar 2018 16:26:31 -0800 From: Pavel Tatashin To: steven.sistare@oracle.com, daniel.m.jordan@oracle.com, linux-kernel@vger.kernel.org, Alexander.Levin@microsoft.com, dan.j.williams@intel.com, sathyanarayanan.kuppuswamy@intel.com, pankaj.laxminarayan.bharadiya@intel.com, akuster@mvista.com, cminyard@mvista.com, pasha.tatashin@oracle.com, gregkh@linuxfoundation.org, stable@vger.kernel.org Subject: [PATCH 4.1 37/65] kaiser: kaiser_remove_mapping() move along the pgd Date: Mon, 5 Mar 2018 19:25:10 -0500 Message-Id: <20180306002538.1761-38-pasha.tatashin@oracle.com> X-Mailer: git-send-email 2.16.2 In-Reply-To: <20180306002538.1761-1-pasha.tatashin@oracle.com> References: <20180306002538.1761-1-pasha.tatashin@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8823 signatures=668683 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803060003 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Hugh Dickins When removing the bogus comment from kaiser_remove_mapping(), I really ought to have checked the extent of its bogosity: as Neel points out, there is nothing to stop unmap_pud_range_nofree() from continuing beyond the end of a pud (and starting in the wrong position on the next). Fix kaiser_remove_mapping() to constrain the extent and advance pgd pointer correctly: use pgd_addr_end() macro as used throughout base mm (but don't assume page-rounded start and size in this case). But this bug was very unlikely to trigger in this backport: since any buddy allocation is contained within a single pud extent, and we are not using vmapped stacks (and are only mapping one page of stack anyway): the only way to hit this bug here would be when freeing a large modified ldt. Signed-off-by: Hugh Dickins Acked-by: Jiri Kosina Signed-off-by: Greg Kroah-Hartman (cherry picked from commit f127705d26b34c053e59b47aef84b3ea564dd743) Signed-off-by: Pavel Tatashin --- arch/x86/mm/kaiser.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/arch/x86/mm/kaiser.c b/arch/x86/mm/kaiser.c index 190371071a02..8996f3292596 100644 --- a/arch/x86/mm/kaiser.c +++ b/arch/x86/mm/kaiser.c @@ -297,11 +297,13 @@ void kaiser_remove_mapping(unsigned long start, unsigned long size) extern void unmap_pud_range_nofree(pgd_t *pgd, unsigned long start, unsigned long end); unsigned long end = start + size; - unsigned long addr; + unsigned long addr, next; + pgd_t *pgd; - for (addr = start; addr < end; addr += PGDIR_SIZE) { - pgd_t *pgd = native_get_shadow_pgd(pgd_offset_k(addr)); - unmap_pud_range_nofree(pgd, addr, end); + pgd = native_get_shadow_pgd(pgd_offset_k(start)); + for (addr = start; addr < end; pgd++, addr = next) { + next = pgd_addr_end(addr, end); + unmap_pud_range_nofree(pgd, addr, next); } } -- 2.16.2