x86: check PMD in spurious_fault handler
Impact: fix to prevent hard lockup on bad PMD permissions If the PMD does not have the correct permissions for a page access, but the PTE does, the spurious fault handler will mistake the fault as a lazy TLB transaction. This will result in an infinite loop of: fault -> spurious_fault check (pass) -> return to code -> fault This patch adds a check and a warn on if the PTE passes the permissions but the PMD does not. [ Updated: Ingo Molnar suggested using WARN_ONCE with some text ] Signed-off-by: Steven Rostedt <srostedt@redhat.com>
This commit is contained in:
Steven Rostedt
parent
07a66d7c53
commit
3c3e5694ad
@ -455,6 +455,7 @@ static int spurious_fault(unsigned long address,
|
||||
pud_t *pud;
|
||||
pmd_t *pmd;
|
||||
pte_t *pte;
|
||||
int ret;
|
||||
|
||||
/* Reserved-bit violation or user access to kernel space? */
|
||||
if (error_code & (PF_USER | PF_RSVD))
|
||||
@ -482,7 +483,17 @@ static int spurious_fault(unsigned long address,
|
||||
if (!pte_present(*pte))
|
||||
return 0;
|
||||
|
||||
return spurious_fault_check(error_code, pte);
|
||||
ret = spurious_fault_check(error_code, pte);
|
||||
if (!ret)
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* Make sure we have permissions in PMD
|
||||
* If not, then there's a bug in the page tables.
|
||||
*/
|
||||
ret = spurious_fault_check(error_code, (pte_t *) pmd);
|
||||
WARN_ONCE(!ret, "PMD has incorrect permission bits\n");
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user