Received: by 10.192.165.156 with SMTP id m28csp775971imm; Mon, 16 Apr 2018 08:32:16 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+iKus4x64u/OLJLwGG64UDv0nNnZvkrmB1Bo4+1EtZsT8UgQwKCNNclGESeeMp1Ig7eoYp X-Received: by 10.101.70.203 with SMTP id n11mr13423384pgr.166.1523892736246; Mon, 16 Apr 2018 08:32:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523892736; cv=none; d=google.com; s=arc-20160816; b=NLK4UsZLrSfGg+covP0CoIFJRKpeHP1/zKlp6dIq0nsMmD71OInd5iy6ZDW8n3Y3yO udBLeCskfBnKPuPaxZEq40sK5sSLtpmz8NuPH/ZRe7Zn4UUThiukpDaq6GEEuNTDTzlC cZ7hdgbSUwRt3VjxHNd59rkJzLm4W0lksuMCdOGztcZxlAnVxigE1xUkpGj3U5sgPguo TVaKp8Cuw1DkVPxt0CbzoCj/yZsNW70c3Art53BMKGbK9mjOzu94LPXrs74q9KOMZNhC vQoh/hc73tOUxG0EAP0h+3oPQYBGNbl9+3AVw+7U2BNKkh5I2Z7duS9L3HPq8TnACMh7 HiFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=02ZYST3vL3TajOm1Vb8AN5LojMZtoSkZRi5vbIS2byQ=; b=0Q2TV19xLaHCAYKsaJ2HaOHyfvNh1vXcTjj76+mhb64khB8GAqS5mNuuM49l7vhOsR 7UWmQ5l1PRT1EEwxUuOgSkDSViVGPFE5ujeyjnisi9zIXWQjBgBpbAO4F1sDDSYUw6U2 2qxgIRCd5p/Qlxj+QZpeY3U3BCXZVrpN2m05ZL7OQpuytKtljaqxkr4Xc87esZkNNfp3 W48aAEIYbGSrpLLb7zzPyZr8aYOT44vzVoDcwkYVM8Ctqneu4vS/2JlcTaiW08/FFPiN Yh2Vl+hWc0i4JolUay8zZlhW+RuFG3HI2Sc9cQXO7cjt53Wtlg4u0L8zJZzidocqLw1/ DaTQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=kL+pVzQM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t5si9516576pgo.96.2018.04.16.08.32.02; Mon, 16 Apr 2018 08:32:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=kL+pVzQM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753168AbeDPP3Q (ORCPT + 99 others); Mon, 16 Apr 2018 11:29:16 -0400 Received: from 8bytes.org ([81.169.241.247]:36190 "EHLO theia.8bytes.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752938AbeDPPZu (ORCPT ); Mon, 16 Apr 2018 11:25:50 -0400 Received: by theia.8bytes.org (Postfix, from userid 1000) id 0F18CABB; Mon, 16 Apr 2018 17:25:40 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=8bytes.org; s=mail-1; t=1523892341; bh=xn5pNPiTRCyYPTTAMp1aA8vj8W7yd3mAgFqUBkGzR9c=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kL+pVzQMAGdBu/TrYvHE3H2n7MBUaBbydBEsQs68yP8UiKUkgxELwPf0erf5hlLPC Xa/B9dwhHwwp0Ym8AiaAc9kRSpOp4yC18gQRMT5bd9+3ejKHkkfsW+yziCJWYvO7Tg alc3y1u7qOgaEeFvz9KShuHCpgcEhgcmQzN2XH2DAIKEQJ6NyGw24/a/SICnD5Y57j oaSAxB7Ujpq8KFsiebvpNkbD9RWVDZiYC8NvYVsY2/ovWcFzNyzGw+SDGR3K/pM3ak qmIGG4hNC39bfrYTU6Rkimeuu+6N3ujaob3Y4Mn8nJdL50qr5QLBZClyoHKVL72jsJ +gAujQyZfgEDA== From: Joerg Roedel To: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Linus Torvalds , Andy Lutomirski , Dave Hansen , Josh Poimboeuf , Juergen Gross , Peter Zijlstra , Borislav Petkov , Jiri Kosina , Boris Ostrovsky , Brian Gerst , David Laight , Denys Vlasenko , Eduardo Valentin , Greg KH , Will Deacon , aliguori@amazon.com, daniel.gruss@iaik.tugraz.at, hughd@google.com, keescook@google.com, Andrea Arcangeli , Waiman Long , Pavel Machek , "David H . Gutteridge" , jroedel@suse.de, joro@8bytes.org Subject: [PATCH 24/35] x86/mm/pti: Add an overflow check to pti_clone_pmds() Date: Mon, 16 Apr 2018 17:25:12 +0200 Message-Id: <1523892323-14741-25-git-send-email-joro@8bytes.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1523892323-14741-1-git-send-email-joro@8bytes.org> References: <1523892323-14741-1-git-send-email-joro@8bytes.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Joerg Roedel The addr counter will overflow if we clone the last PMD of the address space, resulting in an endless loop. Check for that and bail out of the loop when it happens. Signed-off-by: Joerg Roedel --- arch/x86/mm/pti.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c index 9bea9c3..f967b51 100644 --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -297,6 +297,10 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear) p4d_t *p4d; pud_t *pud; + /* Overflow check */ + if (addr < start) + break; + pgd = pgd_offset_k(addr); if (WARN_ON(pgd_none(*pgd))) return; -- 2.7.4