Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp321350imm; Wed, 18 Jul 2018 02:45:25 -0700 (PDT) X-Google-Smtp-Source: AAOMgpeoDqDVnGrmR4NnnsMvZLavjAlQGLPxR79ZuSmUam1mJ+rZgIYasE0bJLukbwRRDdRmUL8U X-Received: by 2002:a65:5004:: with SMTP id f4-v6mr5150968pgo.54.1531907125474; Wed, 18 Jul 2018 02:45:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531907125; cv=none; d=google.com; s=arc-20160816; b=livLoERYddsxWq9cE7iZyWSewdVTKKf3sgOBG1kuFW4g21D2hLOAtB80Zk+Vi+SapV FppkXeavOdDj0iLkWq2FOVm9WnvaFJqAQ69p0m20+RxVR6d+2kirqMaRcNV1j79wSGi4 LYorluawAkfjRjU2dXB4IszEF/ZKhqQgsKaNLw/c2OhtP+hn33kxQ3A1CQy49GUPK5cW 8zKj9Ku1ABGogVoGRd8ZLV59fIWpIIN4pQExmbwTNWT3Od0+VihG1P9llhCm579w6VKG VKvTkzR/yiGJgrWOlbg9rAZLjUusNBTHqAbRKrq30BJAfnfL8NbIJiyohaiq1YmA0Hq5 lDfg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=KIBsnwEP+43vhTh1Iluta+0HkmzOIXd2V1RUuYnU6lM=; b=QZhqEoqoO6Qv9umck8KqL9qiYvfO9pwqirB+FUnQP28bfRP76D1qV1f85AwctNBpBF bYjejPNooir2LNNlrKa/sRv4WyYFc9PUtOBuQdmfDgeyyG4qTyMKnRYOXIA8IHnO99cx Ah+u7qUnIjTlY/qzEL92Jw4krLj6Rj2tV9ADYuo/gi1xbOFiz/L7fQMt2RVvE0LcXJhB tPnHrir9tZ69t5mXGuQWBaErD80ZHISQykh23M0vy+5IsnIEt8DHhNC5gduNQ/FDBYwO UX+MdWHI7uf/YJnj5c+65DC+QU4TYQAaEk/TqLu7sscRGxB9BIBUK3KvGYtk8k2WK726 3Cuw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=MztOw9im; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a9-v6si2897224pgf.380.2018.07.18.02.45.10; Wed, 18 Jul 2018 02:45:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=MztOw9im; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731853AbeGRKU2 (ORCPT + 99 others); Wed, 18 Jul 2018 06:20:28 -0400 Received: from 8bytes.org ([81.169.241.247]:54514 "EHLO theia.8bytes.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731635AbeGRKSh (ORCPT ); Wed, 18 Jul 2018 06:18:37 -0400 Received: by theia.8bytes.org (Postfix, from userid 1000) id 163B9A60; Wed, 18 Jul 2018 11:41:22 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=8bytes.org; s=mail-1; t=1531906883; bh=ZUviePOIgsE5gr4utevp7AAlceBk2UMlvJXiUAzZDAo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MztOw9imKgaTENbiS0VRAacS+lh/yq9ctFrTNRKkoKbhI/RTF3fjPAj5jI8/f0amm naDq2xLzEeiX03dp9OnX3l8Sq1E5gSJ2sdpo+5nHDmBe3R0BFSvC0h9ilG7A0Oo9Gt 4Dj+7ILabM6Q0Wm9nahIAI8OsLFCGAYdAOPaw0Qzy6c+t1bIaQqM2V+WFwMN3Vmgkv v6sEo+/sxjUnZAyavj+ckTgyXVEf4An0q5hfw++4V/HCo+zSz3O3Z2O0wChVEjhd45 OVzc8zMFDx8fZ2SE9zyg8ZshPSIVr3NHNZ04En3woOQJb5V/V1NtrsWlRfiWL7F2UY VNAXsPce646+g== From: Joerg Roedel To: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Linus Torvalds , Andy Lutomirski , Dave Hansen , Josh Poimboeuf , Juergen Gross , Peter Zijlstra , Borislav Petkov , Jiri Kosina , Boris Ostrovsky , Brian Gerst , David Laight , Denys Vlasenko , Eduardo Valentin , Greg KH , Will Deacon , aliguori@amazon.com, daniel.gruss@iaik.tugraz.at, hughd@google.com, keescook@google.com, Andrea Arcangeli , Waiman Long , Pavel Machek , "David H . Gutteridge" , jroedel@suse.de, joro@8bytes.org Subject: [PATCH 24/39] x86/mm/pti: Add an overflow check to pti_clone_pmds() Date: Wed, 18 Jul 2018 11:41:01 +0200 Message-Id: <1531906876-13451-25-git-send-email-joro@8bytes.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1531906876-13451-1-git-send-email-joro@8bytes.org> References: <1531906876-13451-1-git-send-email-joro@8bytes.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Joerg Roedel The addr counter will overflow if we clone the last PMD of the address space, resulting in an endless loop. Check for that and bail out of the loop when it happens. Signed-off-by: Joerg Roedel --- arch/x86/mm/pti.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c index f512222..dc02fd4 100644 --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -297,6 +297,10 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear) p4d_t *p4d; pud_t *pud; + /* Overflow check */ + if (addr < start) + break; + pgd = pgd_offset_k(addr); if (WARN_ON(pgd_none(*pgd))) return; -- 2.7.4