Subject: Re: [PATCH v2] x86/nmi: Fix some races in NMI uaccess
From: Nadav Amit
Date: Wed, 29 Aug 2018 11:56:08 -0700
To: Andy Lutomirski, x86@kernel.org
Cc: Borislav Petkov, Rik van Riel, Jann Horn, LKML, stable@vger.kernel.org, Peter Zijlstra
Message-Id: <7202F39D-B4C2-4FA0-868E-2D03BD313BD7@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org

at 8:47 AM, Andy Lutomirski wrote:

> In NMI context, we might be in the middle of context switching or in
> the middle of switch_mm_irqs_off(). In either case, CR3 might not
> match current->mm, which could cause copy_from_user_nmi() and
> friends to read the wrong memory.
>
> Fix it by adding a new nmi_uaccess_okay() helper and checking it in
> copy_from_user_nmi() and in __copy_from_user_nmi()'s callers.
>
> Cc: stable@vger.kernel.org
> Cc: Peter Zijlstra
> Cc: Nadav Amit
> Signed-off-by: Andy Lutomirski
> ---
>
> Nadav, this is intended for your series. Want to add it right
> before the use_temporary_mm() stuff?

Sure. Thanks! I will apply the following small fix:

> +
> +#ifdef CONFIG_DEBUG_VM
> + WARN_ON_ONCE(!loaded_mm);
> +#endif

Will be changed to VM_WARN_ON_ONCE() in the two instances.

Regards,
Nadav
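
Review bot: in the quoted hunk, the WARN_ON_ONCE(!loaded_mm) check exists only under CONFIG_DEBUG_VM, so on non-debug builds a NULL loaded_mm passes this point silently; the same holds after the switch to VM_WARN_ON_ONCE(), which also compiles the check out without CONFIG_DEBUG_VM. A one-line comment above the check stating why loaded_mm is expected to be non-NULL here would document the invariant the warning guards. If a NULL value is actually reachable in NMI context, the surrounding code should handle it explicitly instead of only warning in debug builds.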
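
The race described in the quoted commit message, as a small user-space C model added here (not code from the patch or from the kernel). `struct cpu_model`, `nmi_uaccess_okay_model()` and the other names are hypothetical, and both the shape of the check and the order in which the two fields change during a switch are assumptions of the model.

```c
/* User-space model, constructed for illustration; not kernel code. */
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

struct mm { const char *user_mem; };   /* stand-in for an address space */

struct cpu_model {
    const struct mm *current_mm;  /* models current->mm */
    const struct mm *loaded_mm;   /* models the mm that CR3 points at */
};

/* Assumed shape of the check: NMI user access is only safe when the
 * loaded address space is the one the current task owns. */
static bool nmi_uaccess_okay_model(const struct cpu_model *cpu)
{
    return cpu->loaded_mm != NULL && cpu->loaded_mm == cpu->current_mm;
}

/* Returns the number of bytes NOT copied. 'checked' selects whether the
 * guard runs, so the behaviour with and without it can be compared. */
static size_t copy_from_user_nmi_model(const struct cpu_model *cpu, char *dst,
                                       size_t off, size_t n, bool checked)
{
    if (cpu->loaded_mm == NULL || (checked && !nmi_uaccess_okay_model(cpu)))
        return n;                                    /* refuse: nothing copied */
    memcpy(dst, cpu->loaded_mm->user_mem + off, n);  /* read via "CR3" */
    return 0;
}

static const struct mm mm_a = { "AAAAAAAA" };   /* constructed sample data */
static const struct mm mm_b = { "BBBBBBBB" };

/* Model assumption: while switching from task A to task B the address
 * space changes before 'current' does, so an NMI in between sees
 * current_mm == A while loaded_mm == B. */
static size_t nmi_mid_switch(char *dst, size_t n, bool checked)
{
    struct cpu_model cpu = { .current_mm = &mm_a, .loaded_mm = &mm_b };
    return copy_from_user_nmi_model(&cpu, dst, 0, n, checked);
}

/* After the switch both fields agree and the guarded copy is allowed. */
static size_t nmi_after_switch(char *dst, size_t n)
{
    struct cpu_model cpu = { .current_mm = &mm_b, .loaded_mm = &mm_b };
    return copy_from_user_nmi_model(&cpu, dst, 0, n, true);
}
```

Without the guard, the mid-switch copy succeeds but fills the buffer with task B's bytes while the sample is attributed to task A; with the guard, the caller gets a non-zero "not copied" count and has to treat the sample as unavailable.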