From: Jia He
To: Christoffer Dall, Marc Zyngier, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu
Cc: Suzuki.Poulose@arm.com, linux-kernel@vger.kernel.org, Jia He, jia.he@hxt-semitech.com
Subject: [PATCH v2 2/2] KVM: arm/arm64: harden unmap_stage2_ptes in case end is not PAGE_SIZE aligned
Date: Fri, 18 May 2018 17:27:10 +0800
Message-Id: <1526635630-18917-2-git-send-email-hejianet@gmail.com>
In-Reply-To: <1526635630-18917-1-git-send-email-hejianet@gmail.com>

If it passes addr=0x202920000, size=0xfe00 to unmap_stage2_range->
...->unmap_stage2_ptes, unmap_stage2_ptes will get addr=0x202920000,
end=0x20292fe00. After the first while loop addr=0x202930000,
end=0x20292fe00, then addr!=end. Thus it will touch other pages by
put_pages() in the 2nd loop.

This patch fixes it by hardening the break condition of the while loop.

Signed-off-by: jia.he@hxt-semitech.com
---
v2: newly added

 virt/kvm/arm/mmu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c index 8dac311..45cd040 100644 --- a/virt/kvm/arm/mmu.c +++ b/virt/kvm/arm/mmu.c @@ -217,7 +217,7 @@ static void unmap_stage2_ptes(struct kvm *kvm, pmd_t *pmd, put_page(virt_to_page(pte)); } - } while (pte++, addr += PAGE_SIZE, addr != end); + } while (pte++, addr += PAGE_SIZE, addr < end); if (stage2_pte_table_empty(start_pte)) clear_stage2_pmd_entry(kvm, pmd, start_addr); -- 1.8.3.1
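
Review bot: In the new loop condition `while (pte++, addr += PAGE_SIZE, addr < end)`, the `<` comparison stops the overrun but silently accepts an `end` that is not PAGE_SIZE aligned, so the caller that produced the unaligned range is never reported. With the values from the commit message (addr=0x202920000, end=0x20292fe00) the loop body still runs for the page at 0x202920000 even though the request covered only 0xfe00 bytes of it, which means a partial-page request is quietly widened to a full page. Consider also flagging the misalignment where the range enters this path, for example `WARN_ON(end & ~PAGE_MASK)` before the loop, so the offending caller can be found and fixed rather than masked. Two smaller points: the commit message says put_pages() while the hunk calls `put_page(virt_to_page(pte))`, and the Signed-off-by line carries only an address without the author's name.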