linux/arch/x86
Joerg Roedel 4819e15f74 x86/mm/32: Bring back vmalloc faulting on x86_32
One can not simply remove vmalloc faulting on x86-32. Upstream

	commit: 7f0a002b5a ("x86/mm: remove vmalloc faulting")

removed it on x86 alltogether because previously the
arch_sync_kernel_mappings() interface was introduced. This interface
added synchronization of vmalloc/ioremap page-table updates to all
page-tables in the system at creation time and was thought to make
vmalloc faulting obsolete.

But that assumption was incredibly naive.

It turned out that there is a race window between the time the vmalloc
or ioremap code establishes a mapping and the time it synchronizes
this change to other page-tables in the system.

During this race window another CPU or thread can establish a vmalloc
mapping which uses the same intermediate page-table entries (e.g. PMD
or PUD) and does no synchronization in the end, because it found all
necessary mappings already present in the kernel reference page-table.

But when these intermediate page-table entries are not yet
synchronized, the other CPU or thread will continue with a vmalloc
address that is not yet mapped in the page-table it currently uses,
causing an unhandled page fault and oops like below:

	BUG: unable to handle page fault for address: fe80c000
	#PF: supervisor write access in kernel mode
	#PF: error_code(0x0002) - not-present page
	*pde = 33183067 *pte = a8648163
	Oops: 0002 [#1] SMP
	CPU: 1 PID: 13514 Comm: cve-2017-17053 Tainted: G
	...
	Call Trace:
	 ldt_dup_context+0x66/0x80
	 dup_mm+0x2b3/0x480
	 copy_process+0x133b/0x15c0
	 _do_fork+0x94/0x3e0
	 __ia32_sys_clone+0x67/0x80
	 __do_fast_syscall_32+0x3f/0x70
	 do_fast_syscall_32+0x29/0x60
	 do_SYSENTER_32+0x15/0x20
	 entry_SYSENTER_32+0x9f/0xf2
	EIP: 0xb7eef549

So the arch_sync_kernel_mappings() interface is racy, but removing it
would mean to re-introduce the vmalloc_sync_all() interface, which is
even more awful. Keep arch_sync_kernel_mappings() in place and catch
the race condition in the page-fault handler instead.

Do a partial revert of above commit to get vmalloc faulting on x86-32
back in place.

Fixes: 7f0a002b5a ("x86/mm: remove vmalloc faulting")
Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lore.kernel.org/r/20200902155904.17544-1-joro@8bytes.org
2020-09-03 11:23:35 +02:00
..
boot treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
configs x86/defconfigs: Refresh defconfig files 2020-07-25 12:02:14 +02:00
crypto crypto: x86/curve25519 - Remove unused carry variables 2020-07-31 18:25:29 +10:00
entry x86/entry: Remove unused THUNKs 2020-08-26 12:41:54 +02:00
events treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
hyperv vmalloc: fix the owner argument for the new __vmalloc_node_range callers 2020-07-03 16:15:25 -07:00
ia32 mm: remove unneeded includes of <asm/pgalloc.h> 2020-08-07 11:33:26 -07:00
include cpuidle: Make CPUIDLE_FLAG_TLB_FLUSHED generic 2020-08-26 12:41:53 +02:00
kernel Three interrupt related fixes for X86: 2020-08-30 12:01:23 -07:00
kvm treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
lib x86/cmdline: Disable jump tables for cmdline.c 2020-09-03 10:59:16 +02:00
math-emu treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
mm x86/mm/32: Bring back vmalloc faulting on x86_32 2020-09-03 11:23:35 +02:00
net
oprofile
pci xen: branch for v5.9-rc2 2020-08-21 12:28:33 -07:00
platform efi/x86: Move 32-bit code into efi_32.c 2020-08-20 11:18:36 +02:00
power Kbuild updates for v5.9 2020-08-09 14:10:26 -07:00
purgatory Misc fixes and small updates all around the place: 2020-08-15 10:38:03 -07:00
ras treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
realmode Rebase locking/kcsan to locking/urgent 2020-06-11 20:02:46 +02:00
tools
um kbuild: remove cc-option test of -fno-stack-protector 2020-07-07 11:13:10 +09:00
video
xen xen: branch for v5.9-rc1b 2020-08-14 13:34:37 -07:00
.gitignore
Kbuild
Kconfig A set of posix CPU timer changes which allows to defer the heavy work of 2020-08-14 14:17:51 -07:00
Kconfig.assembler
Kconfig.cpu treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Kconfig.debug locking/lockdep: Fix TRACE_IRQFLAGS vs. NMIs 2020-07-27 15:13:29 +02:00
Makefile Kbuild updates for v5.9 2020-08-09 14:10:26 -07:00
Makefile_32.cpu
Makefile.um