Subject: Re: [PATCH v2 2/2] KVM: arm/arm64: harden unmap_stage2_ptes in case end is not PAGE_SIZE aligned
To: Marc Zyngier, Christoffer Dall, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu
Cc: Suzuki.Poulose@arm.com, linux-kernel@vger.kernel.org, jia.he@hxt-semitech.com
References: <1526635630-18917-1-git-send-email-hejianet@gmail.com> <1526635630-18917-2-git-send-email-hejianet@gmail.com> <2185a61e-c157-e177-9bad-83b6f27fd784@arm.com>
From: Jia He
Message-ID: <50c98169-1606-48bf-0489-124adefd2a54@gmail.com>
Date: Fri, 18 May 2018 21:04:40 +0800
In-Reply-To: <2185a61e-c157-e177-9bad-83b6f27fd784@arm.com>

On 5/18/2018 5:48 PM, Marc Zyngier Wrote:
> On 18/05/18 10:27, Jia He wrote:
>> If it passes addr=0x202920000,size=0xfe00 to unmap_stage2_range->
>> ...->unmap_stage2_ptes, unmap_stage2_ptes will get addr=0x202920000,
>> end=0x20292fe00. After first while loop addr=0x202930000, end=0x20292fe00,
>> then addr!=end. Thus it will touch another pages by put_pages() in the
>> 2nd loop.
>>
>> This patch fixes it by hardening the break condition of while loop.
>>
>> Signed-off-by: jia.he@hxt-semitech.com
>> ---
>> v2: newly added
>>
>> virt/kvm/arm/mmu.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c >> index 8dac311..45cd040 100644 >> --- a/virt/kvm/arm/mmu.c >> +++ b/virt/kvm/arm/mmu.c
>> @@ -217,7 +217,7 @@ static void unmap_stage2_ptes(struct kvm *kvm, pmd_t *pmd, >> >> put_page(virt_to_page(pte)); >> } >> - } while (pte++, addr += PAGE_SIZE, addr != end); >> + } while (pte++, addr += PAGE_SIZE, addr < end); >> >> if (stage2_pte_table_empty(start_pte)) >> clear_stage2_pmd_entry(kvm, pmd, start_addr); >>
>
> I don't think this change is the right thing to do. You get that failure
> because you're being passed a size that is not a multiple of PAGE_SIZE.
> That's the mistake.
>
> You should ensure that this never happens, rather than changing the page
> table walkers (which are consistent with the way this kind of code is
> written in other places of the kernel). As you mentioned in your first
> patch, the real issue is that KSM is broken, and this is what should be
> fixed.
>
Got it, thanks
Should I resend the patch 1/2 without any changes after dropping patch 2/2?

--
Cheers,
Jia
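
Review bot: The relaxed "addr < end" condition on the changed "} while (...)" line hides an unaligned end instead of rejecting it. With the values from the commit message (addr=0x202920000, end=0x20292fe00), the do/while body has already handled the PTE covering the whole page at 0x202920000 before the condition is evaluated, so the walker silently acts on more than the 0xfe00 bytes requested and nothing reports that the caller passed a bad size. Keeping "addr != end" and making the misalignment visible where the range enters the unmap path, for example a WARN_ON() on a size that is not a multiple of PAGE_SIZE, would surface the caller bug; if "<" is kept anyway, the line needs a comment explaining why this walker's termination test differs from the others.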