Received: by 2002:a05:6602:18e:0:0:0:0 with SMTP id m14csp1070853ioo; Fri, 27 May 2022 00:18:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx92Yv9sSlvUHUVUNF4QJ2VgOW2NiA4kTKJj0p5yoUZz/e9XvPFKmVr+qjj8XDcHlzCLzjy X-Received: by 2002:a17:90a:b001:b0:1dd:30b9:1a45 with SMTP id x1-20020a17090ab00100b001dd30b91a45mr6919163pjq.132.1653635910390; Fri, 27 May 2022 00:18:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1653635910; cv=none; d=google.com; s=arc-20160816; b=xF2OuTRe/hEpJqgNhCTt7YAvuN4c8dEbinew5mR85r5mpPwbqrhYyJee9g7wXcooif lVJHl7zQryxyIXeJroFhR0wtCUlc1mr7BlCCTwpsJXUCL7vNEWJVFUsrAC2+f8GQM+Oy XdzXFiASqufChqO3j+ZdtvbN/FOJdFh7KIRgcErnWgXsZfOmBs4Nzs0wANHiE4L4QbrJ l1wPw5Srx9TSiwnBUNa5IP4w6yXTjCMdGs2rHiNNO0hsNNuedRcjsomS5d1vSG2lTJmM PIRvxe5VZxHvMjfjkAWjTUSVjMEmvQWWM+ggSfEz4mwLjacLr/uE9RZ475hhuvfrX/1Q 0YPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=3oY4uGpgK8RSYK5D7pLJPYeV3XUIdZxB+SrCWml+/oc=; b=h9pnm1J7VBsoFpNsNgqPvkWkYNUVEStNl7lQHHCq04CXYrUlo55S4GGTTaKZlFgGfA LSA+eFGj3DIKgibCGg5erUo6A93AokV8x788wgGp+GCanSUsLziq7jXJs0fmM4kWi6Sd JEBWgqx47nR5wRq26Oj3TLH7GnpyJKv+b5eAOxMze0i4aj2YOiGHuHHcKlXHXMFJguRs YsBQu+147zuZeDZypSl9wy8gN9TKWVASUVtiPm1JYplfMv0Q2WDAmhhrGTSqmK27bJNd 7/9OVQsCqEvmeNcgNnuD9RJ7JQd/Mml9JLLGeMI1c6s9M1guk864WDs5t6CJQjhxHsLL wZLw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b20-20020aa78714000000b0050d7ec4043dsi4432712pfo.233.2022.05.27.00.18.18; Fri, 27 May 2022 00:18:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347150AbiEZLdq (ORCPT + 99 others); Thu, 26 May 2022 07:33:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51210 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236143AbiEZLdo (ORCPT ); Thu, 26 May 2022 07:33:44 -0400 Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 903FD6D4C2 for ; Thu, 26 May 2022 04:33:43 -0700 (PDT) Received: from canpemm500002.china.huawei.com (unknown [172.30.72.57]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4L85Qd30kxzjWvn; Thu, 26 May 2022 19:32:57 +0800 (CST) Received: from huawei.com (10.175.124.27) by canpemm500002.china.huawei.com (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Thu, 26 May 2022 19:33:41 +0800 From: Miaohe Lin To: , CC: , , , Subject: [PATCH] mm/page_table_check: fix accessing unmapped ptep Date: Thu, 26 May 2022 19:33:50 +0800 Message-ID: <20220526113350.30806-1-linmiaohe@huawei.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.175.124.27] X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To canpemm500002.china.huawei.com (7.192.104.244) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org ptep is unmapped too early, so ptep will be accessed while it's unmapped. Fix it by deferring pte_unmap() until page table checking is done. Fixes: 80110bbfbba6 ("mm/page_table_check: check entries at pmd levels") Signed-off-by: Miaohe Lin --- mm/page_table_check.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/page_table_check.c b/mm/page_table_check.c index 3692bea2ea2c..971c3129b0e3 100644 --- a/mm/page_table_check.c +++ b/mm/page_table_check.c @@ -234,11 +234,11 @@ void __page_table_check_pte_clear_range(struct mm_struct *mm, pte_t *ptep = pte_offset_map(&pmd, addr); unsigned long i; - pte_unmap(ptep); for (i = 0; i < PTRS_PER_PTE; i++) { __page_table_check_pte_clear(mm, addr, *ptep); addr += PAGE_SIZE; ptep++; } + pte_unmap(ptep); } } -- 2.23.0