From: Will Deacon <will@kernel.org>
To: Liam Howlett <liam.howlett@oracle.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Julien Grall <julien.grall@arm.com>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>
Subject: Re: [PATCH 3/3] arch/arm64/kernel/traps: Use find_vma_intersection() in traps for setting si_code
Date: Thu, 22 Apr 2021 13:53:34 +0100 [thread overview]
Message-ID: <20210422125334.GB1521@willie-the-truck> (raw)
In-Reply-To: <20210420165001.3790670-3-Liam.Howlett@Oracle.com>
On Tue, Apr 20, 2021 at 04:50:13PM +0000, Liam Howlett wrote:
> find_vma() will continue to search upwards until the end of the virtual
> memory space. This means the si_code would almost never be set to
> SEGV_MAPERR even when the address falls outside of any VMA. The result
> is that the si_code is not reliable as it may or may not be set to the
> correct result, depending on where the address falls in the address
> space.
>
> Using find_vma_intersection() allows for what is intended by only
> returning a VMA if it falls within the range provided, in this case a
> window of 1.
>
> Fixes: bd35a4adc413 (arm64: Port SWP/SWPB emulation support from arm)
> Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
> ---
> arch/arm64/kernel/traps.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
> index a05d34f0e82a..a44007904a64 100644
> --- a/arch/arm64/kernel/traps.c
> +++ b/arch/arm64/kernel/traps.c
> @@ -383,9 +383,10 @@ void force_signal_inject(int signal, int code, unsigned long address, unsigned i
> void arm64_notify_segfault(unsigned long addr)
> {
> int code;
> + unsigned long ut_addr = untagged_addr(addr);
>
> mmap_read_lock(current->mm);
> - if (find_vma(current->mm, untagged_addr(addr)) == NULL)
> + if (find_vma_intersection(current->mm, ut_addr, ut_addr + 1) == NULL)
> code = SEGV_MAPERR;
> else
> code = SEGV_ACCERR;
I'm not seeing how this addresses VM_GROWSDOWN as Catalin mentioned before.
Will
WARNING: multiple messages have this Message-ID (diff)
From: Will Deacon <will@kernel.org>
To: Liam Howlett <liam.howlett@oracle.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Julien Grall <julien.grall@arm.com>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>
Subject: Re: [PATCH 3/3] arch/arm64/kernel/traps: Use find_vma_intersection() in traps for setting si_code
Date: Thu, 22 Apr 2021 13:53:34 +0100 [thread overview]
Message-ID: <20210422125334.GB1521@willie-the-truck> (raw)
In-Reply-To: <20210420165001.3790670-3-Liam.Howlett@Oracle.com>
On Tue, Apr 20, 2021 at 04:50:13PM +0000, Liam Howlett wrote:
> find_vma() will continue to search upwards until the end of the virtual
> memory space. This means the si_code would almost never be set to
> SEGV_MAPERR even when the address falls outside of any VMA. The result
> is that the si_code is not reliable as it may or may not be set to the
> correct result, depending on where the address falls in the address
> space.
>
> Using find_vma_intersection() allows for what is intended by only
> returning a VMA if it falls within the range provided, in this case a
> window of 1.
>
> Fixes: bd35a4adc413 (arm64: Port SWP/SWPB emulation support from arm)
> Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
> ---
> arch/arm64/kernel/traps.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
> index a05d34f0e82a..a44007904a64 100644
> --- a/arch/arm64/kernel/traps.c
> +++ b/arch/arm64/kernel/traps.c
> @@ -383,9 +383,10 @@ void force_signal_inject(int signal, int code, unsigned long address, unsigned i
> void arm64_notify_segfault(unsigned long addr)
> {
> int code;
> + unsigned long ut_addr = untagged_addr(addr);
>
> mmap_read_lock(current->mm);
> - if (find_vma(current->mm, untagged_addr(addr)) == NULL)
> + if (find_vma_intersection(current->mm, ut_addr, ut_addr + 1) == NULL)
> code = SEGV_MAPERR;
> else
> code = SEGV_ACCERR;
I'm not seeing how this addresses VM_GROWSDOWN as Catalin mentioned before.
Will
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-04-22 12:53 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-20 16:50 [PATCH 1/3] arm64: armv8_deprecated: Fix swp_handler() signal generation Liam Howlett
2021-04-20 16:50 ` Liam Howlett
2021-04-20 16:50 ` [PATCH 2/3] arm64: signal: sigreturn() and rt_sigreturn() sometime returns the wrong signals Liam Howlett
2021-04-20 16:50 ` Liam Howlett
2021-04-22 12:48 ` Will Deacon
2021-04-22 12:48 ` Will Deacon
2021-04-22 18:22 ` Eric W. Biederman
2021-04-22 18:22 ` Eric W. Biederman
2021-04-22 19:24 ` Liam Howlett
2021-04-22 19:24 ` Liam Howlett
2021-04-23 18:17 ` Eric W. Biederman
2021-04-23 18:17 ` Eric W. Biederman
2021-04-23 20:03 ` Liam Howlett
2021-04-23 20:03 ` Liam Howlett
2021-04-29 17:52 ` Eric W. Biederman
2021-04-29 17:52 ` Eric W. Biederman
2021-04-30 18:48 ` Liam Howlett
2021-04-30 18:48 ` Liam Howlett
2021-04-30 19:57 ` Eric W. Biederman
2021-04-30 19:57 ` Eric W. Biederman
2021-04-30 20:31 ` Liam Howlett
2021-04-30 20:31 ` Liam Howlett
2021-04-20 16:50 ` [PATCH 3/3] arch/arm64/kernel/traps: Use find_vma_intersection() in traps for setting si_code Liam Howlett
2021-04-20 16:50 ` Liam Howlett
2021-04-22 12:53 ` Will Deacon [this message]
2021-04-22 12:53 ` Will Deacon
2021-04-22 18:56 ` Liam Howlett
2021-04-22 18:56 ` Liam Howlett
2021-04-20 21:22 ` [PATCH 1/3] arm64: armv8_deprecated: Fix swp_handler() signal generation kernel test robot
2021-04-20 21:22 ` kernel test robot
2021-04-21 15:47 ` Liam Howlett
2021-04-21 15:47 ` Liam Howlett
2021-04-21 15:47 ` Liam Howlett
2021-04-22 12:59 ` Will Deacon
2021-04-22 12:59 ` Will Deacon
2021-04-23 1:00 ` Liam Howlett
2021-04-23 1:00 ` Liam Howlett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210422125334.GB1521@willie-the-truck \
--to=will@kernel.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=catalin.marinas@arm.com \
--cc=daniel@iogearbox.net \
--cc=julien.grall@arm.com \
--cc=liam.howlett@oracle.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.