linux/arch/arm64/mm
Mike Rapoport 260364d112 arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map
The semantics of pfn_valid() is to check presence of the memory map for a
PFN and not whether a PFN is covered by the linear map.  The memory map
may be present for NOMAP memory regions, but they won't be mapped in the
linear mapping.  Accessing such regions via __va() when they are
memremap()'ed will cause a crash.

On v5.4.y the crash happens on qemu-arm with UEFI [1]:

<1>[    0.084476] 8<--- cut here ---
<1>[    0.084595] Unable to handle kernel paging request at virtual address dfb76000
<1>[    0.084938] pgd = (ptrval)
<1>[    0.085038] [dfb76000] *pgd=5f7fe801, *pte=00000000, *ppte=00000000

...

<4>[    0.093923] [<c0ed6ce8>] (memcpy) from [<c16a06f8>] (dmi_setup+0x60/0x418)
<4>[    0.094204] [<c16a06f8>] (dmi_setup) from [<c16a38d4>] (arm_dmi_init+0x8/0x10)
<4>[    0.094408] [<c16a38d4>] (arm_dmi_init) from [<c0302e9c>] (do_one_initcall+0x50/0x228)
<4>[    0.094619] [<c0302e9c>] (do_one_initcall) from [<c16011e4>] (kernel_init_freeable+0x15c/0x1f8)
<4>[    0.094841] [<c16011e4>] (kernel_init_freeable) from [<c0f028cc>] (kernel_init+0x8/0x10c)
<4>[    0.095057] [<c0f028cc>] (kernel_init) from [<c03010e8>] (ret_from_fork+0x14/0x2c)

On kernels v5.10.y and newer the same crash won't reproduce on ARM because
commit b10d6bca87 ("arch, drivers: replace for_each_membock() with
for_each_mem_range()") changed the way memory regions are registered in
the resource tree, but that merely covers up the problem.

On ARM64 memory resources are registered in yet another way and there the
issue of wrong usage of pfn_valid() to ensure availability of the linear
map is also covered.

Implement arch_memremap_can_ram_remap() on ARM and ARM64 to prevent access
to NOMAP regions via the linear mapping in memremap().

Link: https://lore.kernel.org/all/Yl65zxGgFzF1Okac@sirena.org.uk
Link: https://lkml.kernel.org/r/20220426060107.7618-1-rppt@kernel.org
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Reported-by: "kernelci.org bot" <bot@kernelci.org>
Tested-by: Mark Brown <broonie@kernel.org>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Mark Brown <broonie@kernel.org>
Cc: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Tony Lindgren <tony@atomide.com>
Cc: Will Deacon <will@kernel.org>
Cc: <stable@vger.kernel.org>	[5.4+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-05-09 17:34:28 -07:00
cache.S arm64: clean up symbol aliasing 2022-02-22 16:21:34 +00:00
context.c arm64: mm: Use asid feature macro for cheanup 2021-12-10 18:24:20 +00:00
copypage.c arm64: mte: reset the page tag in page->flags 2020-12-22 12:55:07 -08:00
dma-mapping.c iommu/dma: Pass address limit rather than size to iommu_setup_dma_ops() 2021-06-25 15:02:43 +02:00
extable.c arm64: extable: fix load_unaligned_zeropad() reg indices 2022-01-26 18:58:12 +00:00
fault.c Merge branch 'signal-for-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2022-01-17 05:49:30 +02:00
flush.c arm64: avoid flushing icache multiple times on contiguous HugeTLB 2022-03-07 21:42:34 +00:00
hugetlbpage.c Merge branch 'akpm' (patches from Andrew) 2022-03-22 16:11:53 -07:00
init.c arm64: fix typos in comments 2022-04-04 10:32:50 +01:00
ioremap.c arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map 2022-05-09 17:34:28 -07:00
kasan_init.c kasan: add kasan mode messages when kasan init 2021-11-11 09:34:35 -08:00
Makefile arm64: trans_pgd: hibernate: Add trans_pgd_copy_el2_vectors 2021-10-01 13:30:59 +01:00
mmap.c arm64: Ensure execute-only permissions are not allowed without EPAN 2022-03-08 10:03:51 +00:00
mmu.c Folio changes for 5.18 2022-03-22 17:03:12 -07:00
mteswap.c arm64: mte: Define the number of bytes for storing the tags in a page 2022-02-15 22:53:29 +00:00
pageattr.c kasan, arm64: don't tag executable vmalloc allocations 2022-03-24 19:06:48 -07:00
pgd.c mm: consolidate pgtable_cache_init() and pgd_cache_init() 2019-09-24 15:54:09 -07:00
physaddr.c arm64: Do not pass tagged addresses to __is_lm_address() 2021-02-02 17:44:47 +00:00
proc.S arm64/mm: Consolidate TCR_EL1 fields 2022-02-15 15:34:22 +00:00
ptdump_debugfs.c arm64: Add __init section marker to some functions 2021-04-08 17:45:10 +01:00
ptdump.c arm64/bpf: Remove 128MB limit for BPF JIT programs 2021-11-08 22:16:26 +01:00
trans_pgd-asm.S arm64: kexec: configure EL2 vectors for kexec 2021-10-01 13:31:00 +01:00
trans_pgd.c arm64: trans_pgd: remove trans_pgd_map_page() 2021-10-01 13:31:01 +01:00