Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp4332417pxb;
        Tue, 10 Nov 2020 13:48:30 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxq3Qd3hSs+Rj+r851jTWFbC2pXzcGYa/MKjwOX8f9C7d72U8ZZQ5GiX0wBAkYsJtBdVb01
X-Received: by 2002:aa7:d8c4:: with SMTP id k4mr1550836eds.248.1605044909945;
        Tue, 10 Nov 2020 13:48:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1605044909; cv=none;
        d=google.com; s=arc-20160816;
        b=bCLgu+IKtLSCnoK2WoyDa4LHl4I2wtZE7nMfqzqNmJHlntspQrJRRboXM0SpY/MvST
         bDGEIFOP/GHWiLW3Bwap7wwFfDCyiQ5mQe1Gh4+zeCcXJKsZJGLOzY19PbV5opFHWUHF
         9o72H/U2RiE5hd1bjXshZNPdQHtGY4c45RZiJZPQeWkTX59DYGNlhVjWqLTp1Awdk6Uo
         +CaCrWNr6yhQZ8ypakhSX8CLZbAfWto3/a1m+uzxCOd4xXbEBXjbirmBVcvl12DDJCBV
         9Zv8pzy9yl5qKfWpjCxIrkLXpTvlFYtMFJsZOxzpjCqxA0wsge5um/VgY4tlpI5pzrkZ
         C+Lg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=IHCV8KrbowV8XHJLO8sg6KWH9hSIqCe/E8byHI+/mhY=;
        b=RiYk2sxtR/3DPs2Dk3EFWJ0n6gtuPvLG4yoabhdlCP3H+0H3KfNwJjMEtjoR7i0djH
         JtzBqlYvr7d9vy2eDggVXlO9RHN1vGWBnAx3/Bylyb21Y+6TMYubOQEg4Fo8VH+46+Sx
         iquHlNJIB30WNd/AFcENU1LKqb970ZBGlWwaGcd7Anxz6TFHMNVO0RNDuCy1/7qAzVSP
         WtHC3T17nWTR/TyqYJbQn8SG/cmty8VVeXeAbbHHx9O/ERrR7/bhaK3H/VhR1pplTJkh
         QuDeAX/nvpsigxdh62nr5X0oiPTUb+Pxos/utbTNi4LhjClHJ3uO7S5W1Jn6sU4+IVpR
         StDg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=YJoaJTVB;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id ec12si9962015ejb.727.2020.11.10.13.48.06;
        Tue, 10 Nov 2020 13:48:29 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=YJoaJTVB;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730894AbgKJVo3 (ORCPT <rfc822;chenhe.dev@gmail.com>
        + 99 others); Tue, 10 Nov 2020 16:44:29 -0500
Received: from mail.kernel.org ([198.145.29.99]:42318 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1730254AbgKJVoE (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 10 Nov 2020 16:44:04 -0500
Received: from mail-ot1-f41.google.com (mail-ot1-f41.google.com [209.85.210.41])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 2179B20731;
        Tue, 10 Nov 2020 21:44:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1605044643;
        bh=46dE3uxlicE3osaLmLW8QlqUGPvGAKXg+kLAh3iwlLI=;
        h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
        b=YJoaJTVB+FKeY6LZTu3f/y88KKbLsb1w6WL/39zyi8SSy/3Rup5L/jbMWz2lnGdW8
         03LAV1WCPbHSJ0YVsXkiH/uDWuFbgxrZEwO8ckY22f0r2UONdHa67gBR7/Pj48WIH0
         Gt73rUkX7uaGdstBrmh0QEvoRLjTmDhUb1nARh9o=
Received: by mail-ot1-f41.google.com with SMTP id a15so183170otf.5;
        Tue, 10 Nov 2020 13:44:03 -0800 (PST)
X-Gm-Message-State: AOAM532MO+EK2LKef054NpwEB/gUSlsEcevbGn8g3JGm5uoQVqXEonX4
        gA+j7dSOIrbOCFVVrWE716pbTAQGgtbeNXIWN34=
X-Received: by 2002:a05:6830:214c:: with SMTP id r12mr6107152otd.90.1605044642464;
 Tue, 10 Nov 2020 13:44:02 -0800 (PST)
MIME-Version: 1.0
References: <20201110163919.1134431-1-nivedita@alum.mit.edu>
In-Reply-To: <20201110163919.1134431-1-nivedita@alum.mit.edu>
From:   Ard Biesheuvel <ardb@kernel.org>
Date:   Tue, 10 Nov 2020 22:43:59 +0100
X-Gmail-Original-Message-ID: <CAMj1kXEZAOh6A1xcURNN48=f-LL6tFv4FEaTLyMLBTLwgTt4wA@mail.gmail.com>
Message-ID: <CAMj1kXEZAOh6A1xcURNN48=f-LL6tFv4FEaTLyMLBTLwgTt4wA@mail.gmail.com>
Subject: Re: [PATCH] efi/x86: Free efi_pgd with free_pages()
To:     Arvind Sankar <nivedita@alum.mit.edu>
Cc:     linux-efi <linux-efi@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 10 Nov 2020 at 17:39, Arvind Sankar <nivedita@alum.mit.edu> wrote:
>
> Commit
>   d9e9a6418065 ("x86/mm/pti: Allocate a separate user PGD")
> changed the PGD allocation to allocate PGD_ALLOCATION_ORDER pages, so in
> the error path it should be freed using free_pages() rather than
> free_page().
>
> Commit
>   06ace26f4e6f ("x86/efi: Free efi_pgd with free_pages()")
> fixed one instance of this, but missed another.
>
> Move the freeing out-of-line to avoid code duplication and fix this bug.
>
> Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
> Fixes: d9e9a6418065 ("x86/mm/pti: Allocate a separate user PGD")

Thanks Arvind. I'll queue this as a fix.

> ---
>  arch/x86/platform/efi/efi_64.c | 24 +++++++++++++-----------
>  1 file changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
> index 8f5759df7776..e1e8d4e3a213 100644
> --- a/arch/x86/platform/efi/efi_64.c
> +++ b/arch/x86/platform/efi/efi_64.c
> @@ -78,28 +78,30 @@ int __init efi_alloc_page_tables(void)
>         gfp_mask = GFP_KERNEL | __GFP_ZERO;
>         efi_pgd = (pgd_t *)__get_free_pages(gfp_mask, PGD_ALLOCATION_ORDER);
>         if (!efi_pgd)
> -               return -ENOMEM;
> +               goto fail;
>
>         pgd = efi_pgd + pgd_index(EFI_VA_END);
>         p4d = p4d_alloc(&init_mm, pgd, EFI_VA_END);
> -       if (!p4d) {
> -               free_page((unsigned long)efi_pgd);
> -               return -ENOMEM;
> -       }
> +       if (!p4d)
> +               goto free_pgd;
>
>         pud = pud_alloc(&init_mm, p4d, EFI_VA_END);
> -       if (!pud) {
> -               if (pgtable_l5_enabled())
> -                       free_page((unsigned long) pgd_page_vaddr(*pgd));
> -               free_pages((unsigned long)efi_pgd, PGD_ALLOCATION_ORDER);
> -               return -ENOMEM;
> -       }
> +       if (!pud)
> +               goto free_p4d;
>
>         efi_mm.pgd = efi_pgd;
>         mm_init_cpumask(&efi_mm);
>         init_new_context(NULL, &efi_mm);
>
>         return 0;
> +
> +free_p4d:
> +       if (pgtable_l5_enabled())
> +               free_page((unsigned long)pgd_page_vaddr(*pgd));
> +free_pgd:
> +       free_pages((unsigned long)efi_pgd, PGD_ALLOCATION_ORDER);
> +fail:
> +       return -ENOMEM;
>  }
>
>  /*
> --
> 2.26.2
>