Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3518204pxf;
        Mon, 15 Mar 2021 11:19:29 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxhGsQwFLyXheMMsvLP3YbYR4CVKcdoZC4SudZ18CYXRbjTwl+pUm7D6p3DiyZFEVf933Fu
X-Received: by 2002:aa7:ca02:: with SMTP id y2mr32455740eds.53.1615832369623;
        Mon, 15 Mar 2021 11:19:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1615832369; cv=none;
        d=google.com; s=arc-20160816;
        b=ePRXZB273DTA1P7Fmfcave8CgGJ4CQl/FQggKTs9T+7ABLQJrSpHhOlru0T9hlLVCV
         LzkPggEiS2C7dmCNNSiuzj6LQ1X7lQMGIpatK0chbrJrlrVz+J/nQl5WXmmE4BdjpNVt
         8P5UUNpeA8U09qK7lIYqS4B6UGAtq9EJ+IikvEWM+v9DnCDnSnZLtNyDv9ja3paSRthA
         LduLehA3I7W2KafPsiLfcqt0jQ1/nI1+NAHoU5PQleiizQDSkLYIwwAYXMSPhuxut6R7
         2iVVK4StOeWvsaJaCTuDXI926l/49+ly/o+C70aYx9YQzs3QCHLq9O8kPdMifB0sXVa9
         pN8A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=VM5q56xpXH+YpTKkvGzwar14x7s0nODpD5FMF+1Chno=;
        b=FsZrvbUr+S4tfJ7VBOWwCViW/CJAyOtfO1L3D9V5BdLV/iNBn35b5foNjgIkLGhVWo
         leGVL8bWofF2AQZvAsapWLExwVDDEvog6Yq2l9O3P+7KyHwIrtkTZz1w7Sey+1gkZFlz
         9unzD1EQ/UvR/4yG+ChrxnMR5DHhaNdoXGg0hw6pgw7SoVgeISCLPxx5zEc/IT6Sun7h
         iq0gIEioEc86JpJ7bK8lxeMC56aQbfy8jgfYAI/BY8cw+bWjJTEafjArFHxciNBFhD6e
         ZXGFOrJyEg23LVvBN806HIcg2X2m3zKp6Na0K9hN0mJvR4SOuAeBKYfLZCDsm3WgGgzM
         NBWA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="bG/JT3TG";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id g3si11509769edp.527.2021.03.15.11.19.07;
        Mon, 15 Mar 2021 11:19:29 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="bG/JT3TG";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S237478AbhCOOR4 (ORCPT <rfc822;manabu.ori@gmail.com> + 99 others);
        Mon, 15 Mar 2021 10:17:56 -0400
Received: from mail.kernel.org ([198.145.29.99]:37670 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229862AbhCON7h (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 15 Mar 2021 09:59:37 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id ACCDD64FA5;
        Mon, 15 Mar 2021 13:59:18 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1615816760;
        bh=kqGk0XuYjjRsOWNK4lG836j9SdgxgTuwrNWE5f5K6Ik=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=bG/JT3TG3BNLKgPQlB/q7ghTt0ZCqSgjgC4AgtTFwefZxSzeoHUMiQ6bP6PSN9oBh
         Bab2ufUSDY9MV0ji28YUAcQGi/ZujdKDw9eEaFGp73rudNP51SFuKbmSJdOeg4cLeu
         epHwB7chrOYR1dl9bBYtErpfIrXXTG4yEUhCm0xk=
From:   gregkh@linuxfoundation.org
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Jann Horn <jannh@google.com>,
        Christoph Hellwig <hch@infradead.org>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Khalid Aziz <khalid.aziz@oracle.com>,
        "David S. Miller" <davem@davemloft.net>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.19 050/120] sparc64: Use arch_validate_flags() to validate ADI flag
Date:   Mon, 15 Mar 2021 14:56:41 +0100
Message-Id: <20210315135721.627067532@linuxfoundation.org>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20210315135720.002213995@linuxfoundation.org>
References: <20210315135720.002213995@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

From: Khalid Aziz <khalid.aziz@oracle.com>

[ Upstream commit 147d8622f2a26ef34beacc60e1ed8b66c2fa457f ]

When userspace calls mprotect() to enable ADI on an address range,
do_mprotect_pkey() calls arch_validate_prot() to validate new
protection flags. arch_validate_prot() for sparc looks at the first
VMA associated with address range to verify if ADI can indeed be
enabled on this address range. This has two issues - (1) Address
range might cover multiple VMAs while arch_validate_prot() looks at
only the first VMA, (2) arch_validate_prot() peeks at VMA without
holding mmap lock which can result in race condition.

arch_validate_flags() from commit c462ac288f2c ("mm: Introduce
arch_validate_flags()") allows for VMA flags to be validated for all
VMAs that cover the address range given by user while holding mmap
lock. This patch updates sparc code to move the VMA check from
arch_validate_prot() to arch_validate_flags() to fix above two
issues.

Suggested-by: Jann Horn <jannh@google.com>
Suggested-by: Christoph Hellwig <hch@infradead.org>
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Khalid Aziz <khalid.aziz@oracle.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/sparc/include/asm/mman.h | 54 +++++++++++++++++++----------------
 1 file changed, 29 insertions(+), 25 deletions(-)

diff --git a/arch/sparc/include/asm/mman.h b/arch/sparc/include/asm/mman.h
index f94532f25db1..274217e7ed70 100644
--- a/arch/sparc/include/asm/mman.h
+++ b/arch/sparc/include/asm/mman.h
@@ -57,35 +57,39 @@ static inline int sparc_validate_prot(unsigned long prot, unsigned long addr)
 {
 	if (prot & ~(PROT_READ | PROT_WRITE | PROT_EXEC | PROT_SEM | PROT_ADI))
 		return 0;
-	if (prot & PROT_ADI) {
-		if (!adi_capable())
-			return 0;
+	return 1;
+}
 
-		if (addr) {
-			struct vm_area_struct *vma;
+#define arch_validate_flags(vm_flags) arch_validate_flags(vm_flags)
+/* arch_validate_flags() - Ensure combination of flags is valid for a
+ *	VMA.
+ */
+static inline bool arch_validate_flags(unsigned long vm_flags)
+{
+	/* If ADI is being enabled on this VMA, check for ADI
+	 * capability on the platform and ensure VMA is suitable
+	 * for ADI
+	 */
+	if (vm_flags & VM_SPARC_ADI) {
+		if (!adi_capable())
+			return false;
 
-			vma = find_vma(current->mm, addr);
-			if (vma) {
-				/* ADI can not be enabled on PFN
-				 * mapped pages
-				 */
-				if (vma->vm_flags & (VM_PFNMAP | VM_MIXEDMAP))
-					return 0;
+		/* ADI can not be enabled on PFN mapped pages */
+		if (vm_flags & (VM_PFNMAP | VM_MIXEDMAP))
+			return false;
 
-				/* Mergeable pages can become unmergeable
-				 * if ADI is enabled on them even if they
-				 * have identical data on them. This can be
-				 * because ADI enabled pages with identical
-				 * data may still not have identical ADI
-				 * tags on them. Disallow ADI on mergeable
-				 * pages.
-				 */
-				if (vma->vm_flags & VM_MERGEABLE)
-					return 0;
-			}
-		}
+		/* Mergeable pages can become unmergeable
+		 * if ADI is enabled on them even if they
+		 * have identical data on them. This can be
+		 * because ADI enabled pages with identical
+		 * data may still not have identical ADI
+		 * tags on them. Disallow ADI on mergeable
+		 * pages.
+		 */
+		if (vm_flags & VM_MERGEABLE)
+			return false;
 	}
-	return 1;
+	return true;
 }
 #endif /* CONFIG_SPARC64 */
 
-- 
2.30.1