From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=VXyD=6W=lists.01.org=linux-nvdimm-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.5 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,LOTS_OF_MONEY,MAILING_LIST_MULTI,
	SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C318AC54E7E
	for <linux-nvdimm@archiver.kernel.org>; Fri,  8 May 2020 08:42:40 +0000 (UTC)
Received: from ml01.01.org (ml01.01.org [198.145.21.10])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 9B06E208CA
	for <linux-nvdimm@archiver.kernel.org>; Fri,  8 May 2020 08:42:40 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="KgELIlqo"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9B06E208CA
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-nvdimm-bounces@lists.01.org
Received: from ml01.vlan13.01.org (localhost [IPv6:::1])
	by ml01.01.org (Postfix) with ESMTP id 9A37311842511;
	Fri,  8 May 2020 01:40:37 -0700 (PDT)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=207.211.31.120; helo=us-smtp-1.mimecast.com; envelope-from=david@redhat.com; receiver=<UNKNOWN> 
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
	(No client certificate requested)
	by ml01.01.org (Postfix) with ESMTPS id 096D71108EF37
	for <linux-nvdimm@lists.01.org>; Fri,  8 May 2020 01:40:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1588927356;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=HDqdz7vUW07g8cOkfmGPIO8ov0KvSWCkjJFS1FzKfW0=;
	b=KgELIlqoT/Gzay5TM23oNfJiFXsV2VnmItnz92sU7H84Ih2kF35E25ynK+GPOAMtl/yHqI
	+d6DD5nflh7JjjzrsT7iGzI7HRDPYElzhTusKOP7E4tWXMAra6qe0VL9c4VkSFDwWF2I87
	H/m9/jOCpBcfgI3ufnvnEwAlGwjiIKU=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-427-tly-VFRPOxOjTHrhhsV3FQ-1; Fri, 08 May 2020 04:42:32 -0400
X-MC-Unique: tly-VFRPOxOjTHrhhsV3FQ-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 41EEE8018AB;
	Fri,  8 May 2020 08:42:31 +0000 (UTC)
Received: from t480s.redhat.com (ovpn-113-181.ams2.redhat.com [10.36.113.181])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 0F93E5C1B0;
	Fri,  8 May 2020 08:42:28 +0000 (UTC)
From: David Hildenbrand <david@redhat.com>
To: linux-kernel@vger.kernel.org
Subject: [PATCH v4 1/4] device-dax: Don't leak kernel memory to user space after unloading kmem
Date: Fri,  8 May 2020 10:42:14 +0200
Message-Id: <20200508084217.9160-2-david@redhat.com>
In-Reply-To: <20200508084217.9160-1-david@redhat.com>
References: <20200508084217.9160-1-david@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
Message-ID-Hash: 2EP3FDTS5J6IMZAZYUFRU5UMWXDRJDXA
X-Message-ID-Hash: 2EP3FDTS5J6IMZAZYUFRU5UMWXDRJDXA
X-MailFrom: david@redhat.com
X-Mailman-Rule-Hits: nonmember-moderation
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation
CC: linux-mm@kvack.org, linux-nvdimm@lists.01.org, kexec@lists.infradead.org, Pavel Tatashin <pasha.tatashin@soleen.com>, David Hildenbrand <david@redhat.com>, stable@vger.kernel.org, Andrew Morton <akpm@linux-foundation.org>
X-Mailman-Version: 3.1.1
Precedence: list
List-Id: "Linux-nvdimm developer list." <linux-nvdimm.lists.01.org>
Archived-At: <https://lists.01.org/hyperkitty/list/linux-nvdimm@lists.01.org/message/2EP3FDTS5J6IMZAZYUFRU5UMWXDRJDXA/>
List-Archive: <https://lists.01.org/hyperkitty/list/linux-nvdimm@lists.01.org/>
List-Help: <mailto:linux-nvdimm-request@lists.01.org?subject=help>
List-Post: <mailto:linux-nvdimm@lists.01.org>
List-Subscribe: <mailto:linux-nvdimm-join@lists.01.org>
List-Unsubscribe: <mailto:linux-nvdimm-leave@lists.01.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

QXNzdW1lIHdlIGhhdmUga21lbSBjb25maWd1cmVkIGFuZCBsb2FkZWQ6DQogIFtyb290QGxvY2Fs
aG9zdCB+XSMgY2F0IC9wcm9jL2lvbWVtDQogIC4uLg0KICAxNDAwMDAwMDAtMzNmZmZmZmZmIDog
UGVyc2lzdGVudCBNZW1vcnkkDQogICAgMTQwMDAwMDAwLTE0ODFmZmZmZiA6IG5hbWVzcGFjZTAu
MA0KICAgIDE1MDAwMDAwMC0zM2ZmZmZmZmYgOiBkYXgwLjANCiAgICAgIDE1MDAwMDAwMC0zM2Zm
ZmZmZmYgOiBTeXN0ZW0gUkFNDQoNCkFzc3VtZSB3ZSB0cnkgdG8gdW5sb2FkIGttZW0uIFRoaXMg
Zm9yY2UtdW5sb2FkaW5nIHdpbGwgd29yaywgZXZlbiBpZg0KbWVtb3J5IGNhbm5vdCBnZXQgcmVt
b3ZlZCBmcm9tIHRoZSBzeXN0ZW0uDQogIFtyb290QGxvY2FsaG9zdCB+XSMgcm1tb2Qga21lbQ0K
ICBbICAgODYuMzgwMjI4XSByZW1vdmluZyBtZW1vcnkgZmFpbHMsIGJlY2F1c2UgbWVtb3J5IFsw
eDAwMDAwMDAxNTAwMDAwMDAtMHgwMDAwMDAwMTU3ZmZmZmZmXSBpcyBvbmxpbmVkDQogIC4uLg0K
ICBbICAgODYuNDMxMjI1XSBrbWVtIGRheDAuMDogREFYIHJlZ2lvbiBbbWVtIDB4MTUwMDAwMDAw
LTB4MzNmZmZmZmZmXSBjYW5ub3QgYmUgaG90cmVtb3ZlZCB1bnRpbCB0aGUgbmV4dCByZWJvb3QN
Cg0KTm93LCB3ZSBjYW4gcmVjb25maWd1cmUgdGhlIG5hbWVzcGFjZToNCiAgW3Jvb3RAbG9jYWxo
b3N0IH5dIyBuZGN0bCBjcmVhdGUtbmFtZXNwYWNlIC0tZm9yY2UgLS1yZWNvbmZpZz1uYW1lc3Bh
Y2UwLjAgLS1tb2RlPWRldmRheA0KICBbICAxMzEuNDA5MzUxXSBuZF9wbWVtIG5hbWVzcGFjZTAu
MDogY291bGQgbm90IHJlc2VydmUgcmVnaW9uIFttZW0gMHgxNDAwMDAwMDAtMHgzM2ZmZmZmZmZd
ZGF4DQogIFsgIDEzMS40MTAxNDddIG5kX3BtZW06IHByb2JlIG9mIG5hbWVzcGFjZTAuMCBmYWls
ZWQgd2l0aCBlcnJvciAtMTZuYW1lc3BhY2UwLjAgLS1tb2RlPWRldmRheA0KICAuLi4NCg0KVGhp
cyBmYWlscyBhcyBleHBlY3RlZCBkdWUgdG8gdGhlIGJ1c3kgbWVtb3J5IHJlc291cmNlLCBhbmQg
dGhlIG1lbW9yeQ0KY2Fubm90IGJlIHVzZWQuIEhvd2V2ZXIsIHRoZSBkYXgwLjAgZGV2aWNlIGlz
IHJlbW92ZWQsIGFuZCBhbG9uZyBpdHMgbmFtZS4NCg0KVGhlIG5hbWUgb2YgdGhlIG1lbW9yeSBy
ZXNvdXJjZSBub3cgcG9pbnRzIGF0IGZyZWVkIG1lbW9yeSAobmFtZSBvZiB0aGUNCmRldmljZSku
DQogIFtyb290QGxvY2FsaG9zdCB+XSMgY2F0IC9wcm9jL2lvbWVtDQogIC4uLg0KICAxNDAwMDAw
MDAtMzNmZmZmZmZmIDogUGVyc2lzdGVudCBNZW1vcnkNCiAgICAxNDAwMDAwMDAtMTQ4MWZmZmZm
IDogbmFtZXNwYWNlMC4wDQogICAgMTUwMDAwMDAwLTMzZmZmZmZmZiA6IO+/vV/vv71eN1/vv73v
v70vX++/ve+/vXdS77+977+9V1Hvv73vv73vv71e77+977+977+9IC4uLg0KICAgIDE1MDAwMDAw
MC0zM2ZmZmZmZmYgOiBTeXN0ZW0gUkFNDQoNCldlIGhhdmUgdG8gbWFrZSBzdXJlIHRvIGR1cGxp
Y2F0ZSB0aGUgc3RyaW5nLiBXaGlsZSBhdCBpdCwgcmVtb3ZlIHRoZQ0Kc3VwZXJmbHVvdXMgc2V0
dGluZyBvZiB0aGUgbmFtZSBhbmQgZml4dXAgYSBzdGFsZSBjb21tZW50Lg0KDQpGaXhlczogOWY5
NjBkYTcyYjI1ICgiZGV2aWNlLWRheDogIkhvdHJlbW92ZSIgcGVyc2lzdGVudCBtZW1vcnkgdGhh
dCBpcyB1c2VkIGxpa2Ugbm9ybWFsIFJBTSIpDQpDYzogc3RhYmxlQHZnZXIua2VybmVsLm9yZyAj
IHY1LjMNCkNjOiBEYW4gV2lsbGlhbXMgPGRhbi5qLndpbGxpYW1zQGludGVsLmNvbT4NCkNjOiBW
aXNoYWwgVmVybWEgPHZpc2hhbC5sLnZlcm1hQGludGVsLmNvbT4NCkNjOiBEYXZlIEppYW5nIDxk
YXZlLmppYW5nQGludGVsLmNvbT4NCkNjOiBQYXZlbCBUYXRhc2hpbiA8cGFzaGEudGF0YXNoaW5A
c29sZWVuLmNvbT4NCkNjOiBBbmRyZXcgTW9ydG9uIDxha3BtQGxpbnV4LWZvdW5kYXRpb24ub3Jn
Pg0KU2lnbmVkLW9mZi1ieTogRGF2aWQgSGlsZGVuYnJhbmQgPGRhdmlkQHJlZGhhdC5jb20+DQot
LS0NCiBkcml2ZXJzL2RheC9rbWVtLmMgfCAxNCArKysrKysrKysrKy0tLQ0KIDEgZmlsZSBjaGFu
Z2VkLCAxMSBpbnNlcnRpb25zKCspLCAzIGRlbGV0aW9ucygtKQ0KDQpkaWZmIC0tZ2l0IGEvZHJp
dmVycy9kYXgva21lbS5jIGIvZHJpdmVycy9kYXgva21lbS5jDQppbmRleCAzZDBhN2U3MDJjOTQu
LjFlNjc4YmRmNWFlZCAxMDA2NDQNCi0tLSBhL2RyaXZlcnMvZGF4L2ttZW0uYw0KKysrIGIvZHJp
dmVycy9kYXgva21lbS5jDQpAQCAtMjIsNiArMjIsNyBAQCBpbnQgZGV2X2RheF9rbWVtX3Byb2Jl
KHN0cnVjdCBkZXZpY2UgKmRldikNCiAJcmVzb3VyY2Vfc2l6ZV90IGttZW1fc2l6ZTsNCiAJcmVz
b3VyY2Vfc2l6ZV90IGttZW1fZW5kOw0KIAlzdHJ1Y3QgcmVzb3VyY2UgKm5ld19yZXM7DQorCWNv
bnN0IGNoYXIgKm5ld19yZXNfbmFtZTsNCiAJaW50IG51bWFfbm9kZTsNCiAJaW50IHJjOw0KIA0K
QEAgLTQ4LDExICs0OSwxNiBAQCBpbnQgZGV2X2RheF9rbWVtX3Byb2JlKHN0cnVjdCBkZXZpY2Ug
KmRldikNCiAJa21lbV9zaXplICY9IH4obWVtb3J5X2Jsb2NrX3NpemVfYnl0ZXMoKSAtIDEpOw0K
IAlrbWVtX2VuZCA9IGttZW1fc3RhcnQgKyBrbWVtX3NpemU7DQogDQotCS8qIFJlZ2lvbiBpcyBw
ZXJtYW5lbnRseSByZXNlcnZlZC4gIEhvdC1yZW1vdmUgbm90IHlldCBpbXBsZW1lbnRlZC4gKi8N
Ci0JbmV3X3JlcyA9IHJlcXVlc3RfbWVtX3JlZ2lvbihrbWVtX3N0YXJ0LCBrbWVtX3NpemUsIGRl
dl9uYW1lKGRldikpOw0KKwluZXdfcmVzX25hbWUgPSBrc3RyZHVwKGRldl9uYW1lKGRldiksIEdG
UF9LRVJORUwpOw0KKwlpZiAoIW5ld19yZXNfbmFtZSkNCisJCXJldHVybiAtRU5PTUVNOw0KKw0K
KwkvKiBSZWdpb24gaXMgcGVybWFuZW50bHkgcmVzZXJ2ZWQgaWYgaG90cmVtb3ZlIGZhaWxzLiAq
Lw0KKwluZXdfcmVzID0gcmVxdWVzdF9tZW1fcmVnaW9uKGttZW1fc3RhcnQsIGttZW1fc2l6ZSwg
bmV3X3Jlc19uYW1lKTsNCiAJaWYgKCFuZXdfcmVzKSB7DQogCQlkZXZfd2FybihkZXYsICJjb3Vs
ZCBub3QgcmVzZXJ2ZSByZWdpb24gWyVwYS0lcGFdXG4iLA0KIAkJCSAma21lbV9zdGFydCwgJmtt
ZW1fZW5kKTsNCisJCWtmcmVlKG5ld19yZXNfbmFtZSk7DQogCQlyZXR1cm4gLUVCVVNZOw0KIAl9
DQogDQpAQCAtNjMsMTIgKzY5LDEyIEBAIGludCBkZXZfZGF4X2ttZW1fcHJvYmUoc3RydWN0IGRl
dmljZSAqZGV2KQ0KIAkgKiB1bmtub3duIHRvIHVzIHRoYXQgd2lsbCBicmVhayBhZGRfbWVtb3J5
KCkgYmVsb3cuDQogCSAqLw0KIAluZXdfcmVzLT5mbGFncyA9IElPUkVTT1VSQ0VfU1lTVEVNX1JB
TTsNCi0JbmV3X3Jlcy0+bmFtZSA9IGRldl9uYW1lKGRldik7DQogDQogCXJjID0gYWRkX21lbW9y
eShudW1hX25vZGUsIG5ld19yZXMtPnN0YXJ0LCByZXNvdXJjZV9zaXplKG5ld19yZXMpKTsNCiAJ
aWYgKHJjKSB7DQogCQlyZWxlYXNlX3Jlc291cmNlKG5ld19yZXMpOw0KIAkJa2ZyZWUobmV3X3Jl
cyk7DQorCQlrZnJlZShuZXdfcmVzX25hbWUpOw0KIAkJcmV0dXJuIHJjOw0KIAl9DQogCWRldl9k
YXgtPmRheF9rbWVtX3JlcyA9IG5ld19yZXM7DQpAQCAtODMsNiArODksNyBAQCBzdGF0aWMgaW50
IGRldl9kYXhfa21lbV9yZW1vdmUoc3RydWN0IGRldmljZSAqZGV2KQ0KIAlzdHJ1Y3QgcmVzb3Vy
Y2UgKnJlcyA9IGRldl9kYXgtPmRheF9rbWVtX3JlczsNCiAJcmVzb3VyY2Vfc2l6ZV90IGttZW1f
c3RhcnQgPSByZXMtPnN0YXJ0Ow0KIAlyZXNvdXJjZV9zaXplX3Qga21lbV9zaXplID0gcmVzb3Vy
Y2Vfc2l6ZShyZXMpOw0KKwljb25zdCBjaGFyICpyZXNfbmFtZSA9IHJlcy0+bmFtZTsNCiAJaW50
IHJjOw0KIA0KIAkvKg0KQEAgLTEwMiw2ICsxMDksNyBAQCBzdGF0aWMgaW50IGRldl9kYXhfa21l
bV9yZW1vdmUoc3RydWN0IGRldmljZSAqZGV2KQ0KIAkvKiBSZWxlYXNlIGFuZCBmcmVlIGRheCBy
ZXNvdXJjZXMgKi8NCiAJcmVsZWFzZV9yZXNvdXJjZShyZXMpOw0KIAlrZnJlZShyZXMpOw0KKwlr
ZnJlZShyZXNfbmFtZSk7DQogCWRldl9kYXgtPmRheF9rbWVtX3JlcyA9IE5VTEw7DQogDQogCXJl
dHVybiAwOw0KLS0gDQoyLjI1LjQNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fCkxpbnV4LW52ZGltbSBtYWlsaW5nIGxpc3QgLS0gbGludXgtbnZkaW1tQGxp
c3RzLjAxLm9yZwpUbyB1bnN1YnNjcmliZSBzZW5kIGFuIGVtYWlsIHRvIGxpbnV4LW52ZGltbS1s
ZWF2ZUBsaXN0cy4wMS5vcmcK

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=wESH=6W=vger.kernel.org=linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,
	LOTS_OF_MONEY,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 8218EC38A2A
	for <linux-kernel@archiver.kernel.org>; Fri,  8 May 2020 08:42:37 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 59B67208DB
	for <linux-kernel@archiver.kernel.org>; Fri,  8 May 2020 08:42:37 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="PKd8CfHj"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727821AbgEHImh (ORCPT
        <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 8 May 2020 04:42:37 -0400
Received: from us-smtp-2.mimecast.com ([207.211.31.81]:43163 "EHLO
        us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S1726598AbgEHImg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 8 May 2020 04:42:36 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1588927354;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=HDqdz7vUW07g8cOkfmGPIO8ov0KvSWCkjJFS1FzKfW0=;
        b=PKd8CfHjInkPQDlzTXLjoPHpLLRReMA407Bb7KAxFLKQbm7rB5oiHahykWYdbOxaHNrhW0
        1fP0jLAlk1+w0tPa2FcHCHYti4MpvBycR7ACx87bbRdThjpv/WkNpuCb0jllaRp8v0sJaU
        hzeJuR+4wUezllvIoUtt+fALWbssR6A=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-427-tly-VFRPOxOjTHrhhsV3FQ-1; Fri, 08 May 2020 04:42:32 -0400
X-MC-Unique: tly-VFRPOxOjTHrhhsV3FQ-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 41EEE8018AB;
        Fri,  8 May 2020 08:42:31 +0000 (UTC)
Received: from t480s.redhat.com (ovpn-113-181.ams2.redhat.com [10.36.113.181])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 0F93E5C1B0;
        Fri,  8 May 2020 08:42:28 +0000 (UTC)
From:   David Hildenbrand <david@redhat.com>
To:     linux-kernel@vger.kernel.org
Cc:     linux-mm@kvack.org, linux-nvdimm@lists.01.org,
        kexec@lists.infradead.org, Vishal Verma <vishal.l.verma@intel.com>,
        Dave Jiang <dave.jiang@intel.com>,
        Pavel Tatashin <pasha.tatashin@soleen.com>,
        David Hildenbrand <david@redhat.com>, stable@vger.kernel.org,
        Dan Williams <dan.j.williams@intel.com>,
        Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH v4 1/4] device-dax: Don't leak kernel memory to user space after unloading kmem
Date:   Fri,  8 May 2020 10:42:14 +0200
Message-Id: <20200508084217.9160-2-david@redhat.com>
In-Reply-To: <20200508084217.9160-1-david@redhat.com>
References: <20200508084217.9160-1-david@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Assume we have kmem configured and loaded:
  [root@localhost ~]# cat /proc/iomem
  ...
  140000000-33fffffff : Persistent Memory$
    140000000-1481fffff : namespace0.0
    150000000-33fffffff : dax0.0
      150000000-33fffffff : System RAM

Assume we try to unload kmem. This force-unloading will work, even if
memory cannot get removed from the system.
  [root@localhost ~]# rmmod kmem
  [   86.380228] removing memory fails, because memory [0x0000000150000000-0x0000000157ffffff] is onlined
  ...
  [   86.431225] kmem dax0.0: DAX region [mem 0x150000000-0x33fffffff] cannot be hotremoved until the next reboot

Now, we can reconfigure the namespace:
  [root@localhost ~]# ndctl create-namespace --force --reconfig=namespace0.0 --mode=devdax
  [  131.409351] nd_pmem namespace0.0: could not reserve region [mem 0x140000000-0x33fffffff]dax
  [  131.410147] nd_pmem: probe of namespace0.0 failed with error -16namespace0.0 --mode=devdax
  ...

This fails as expected due to the busy memory resource, and the memory
cannot be used. However, the dax0.0 device is removed, and along its name.

The name of the memory resource now points at freed memory (name of the
device).
  [root@localhost ~]# cat /proc/iomem
  ...
  140000000-33fffffff : Persistent Memory
    140000000-1481fffff : namespace0.0
    150000000-33fffffff : �_�^7_��/_��wR��WQ���^��� ...
    150000000-33fffffff : System RAM

We have to make sure to duplicate the string. While at it, remove the
superfluous setting of the name and fixup a stale comment.

Fixes: 9f960da72b25 ("device-dax: "Hotremove" persistent memory that is used like normal RAM")
Cc: stable@vger.kernel.org # v5.3
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Vishal Verma <vishal.l.verma@intel.com>
Cc: Dave Jiang <dave.jiang@intel.com>
Cc: Pavel Tatashin <pasha.tatashin@soleen.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 drivers/dax/kmem.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/drivers/dax/kmem.c b/drivers/dax/kmem.c
index 3d0a7e702c94..1e678bdf5aed 100644
--- a/drivers/dax/kmem.c
+++ b/drivers/dax/kmem.c
@@ -22,6 +22,7 @@ int dev_dax_kmem_probe(struct device *dev)
 	resource_size_t kmem_size;
 	resource_size_t kmem_end;
 	struct resource *new_res;
+	const char *new_res_name;
 	int numa_node;
 	int rc;
 
@@ -48,11 +49,16 @@ int dev_dax_kmem_probe(struct device *dev)
 	kmem_size &= ~(memory_block_size_bytes() - 1);
 	kmem_end = kmem_start + kmem_size;
 
-	/* Region is permanently reserved.  Hot-remove not yet implemented. */
-	new_res = request_mem_region(kmem_start, kmem_size, dev_name(dev));
+	new_res_name = kstrdup(dev_name(dev), GFP_KERNEL);
+	if (!new_res_name)
+		return -ENOMEM;
+
+	/* Region is permanently reserved if hotremove fails. */
+	new_res = request_mem_region(kmem_start, kmem_size, new_res_name);
 	if (!new_res) {
 		dev_warn(dev, "could not reserve region [%pa-%pa]\n",
 			 &kmem_start, &kmem_end);
+		kfree(new_res_name);
 		return -EBUSY;
 	}
 
@@ -63,12 +69,12 @@ int dev_dax_kmem_probe(struct device *dev)
 	 * unknown to us that will break add_memory() below.
 	 */
 	new_res->flags = IORESOURCE_SYSTEM_RAM;
-	new_res->name = dev_name(dev);
 
 	rc = add_memory(numa_node, new_res->start, resource_size(new_res));
 	if (rc) {
 		release_resource(new_res);
 		kfree(new_res);
+		kfree(new_res_name);
 		return rc;
 	}
 	dev_dax->dax_kmem_res = new_res;
@@ -83,6 +89,7 @@ static int dev_dax_kmem_remove(struct device *dev)
 	struct resource *res = dev_dax->dax_kmem_res;
 	resource_size_t kmem_start = res->start;
 	resource_size_t kmem_size = resource_size(res);
+	const char *res_name = res->name;
 	int rc;
 
 	/*
@@ -102,6 +109,7 @@ static int dev_dax_kmem_remove(struct device *dev)
 	/* Release and free dax resources */
 	release_resource(res);
 	kfree(res);
+	kfree(res_name);
 	dev_dax->dax_kmem_res = NULL;
 
 	return 0;
-- 
2.25.4


From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <kexec-bounces+dwmw2=infradead.org@lists.infradead.org>
Received: from us-smtp-2.mimecast.com ([207.211.31.81]
 helo=us-smtp-delivery-1.mimecast.com)
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1jWyac-0004Jc-QA
 for kexec@lists.infradead.org; Fri, 08 May 2020 08:42:39 +0000
From: David Hildenbrand <david@redhat.com>
Subject: [PATCH v4 1/4] device-dax: Don't leak kernel memory to user space
 after unloading kmem
Date: Fri,  8 May 2020 10:42:14 +0200
Message-Id: <20200508084217.9160-2-david@redhat.com>
In-Reply-To: <20200508084217.9160-1-david@redhat.com>
References: <20200508084217.9160-1-david@redhat.com>
MIME-Version: 1.0
List-Id: <kexec.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/kexec>,
 <mailto:kexec-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/kexec/>
List-Post: <mailto:kexec@lists.infradead.org>
List-Help: <mailto:kexec-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/kexec>,
 <mailto:kexec-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "kexec" <kexec-bounces@lists.infradead.org>
Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org
To: linux-kernel@vger.kernel.org
Cc: Dave Jiang <dave.jiang@intel.com>, Pavel Tatashin <pasha.tatashin@soleen.com>, linux-nvdimm@lists.01.org, Vishal Verma <vishal.l.verma@intel.com>, David Hildenbrand <david@redhat.com>, kexec@lists.infradead.org, stable@vger.kernel.org, linux-mm@kvack.org, Dan Williams <dan.j.williams@intel.com>, Andrew Morton <akpm@linux-foundation.org>

QXNzdW1lIHdlIGhhdmUga21lbSBjb25maWd1cmVkIGFuZCBsb2FkZWQ6CiAgW3Jvb3RAbG9jYWxo
b3N0IH5dIyBjYXQgL3Byb2MvaW9tZW0KICAuLi4KICAxNDAwMDAwMDAtMzNmZmZmZmZmIDogUGVy
c2lzdGVudCBNZW1vcnkkCiAgICAxNDAwMDAwMDAtMTQ4MWZmZmZmIDogbmFtZXNwYWNlMC4wCiAg
ICAxNTAwMDAwMDAtMzNmZmZmZmZmIDogZGF4MC4wCiAgICAgIDE1MDAwMDAwMC0zM2ZmZmZmZmYg
OiBTeXN0ZW0gUkFNCgpBc3N1bWUgd2UgdHJ5IHRvIHVubG9hZCBrbWVtLiBUaGlzIGZvcmNlLXVu
bG9hZGluZyB3aWxsIHdvcmssIGV2ZW4gaWYKbWVtb3J5IGNhbm5vdCBnZXQgcmVtb3ZlZCBmcm9t
IHRoZSBzeXN0ZW0uCiAgW3Jvb3RAbG9jYWxob3N0IH5dIyBybW1vZCBrbWVtCiAgWyAgIDg2LjM4
MDIyOF0gcmVtb3ZpbmcgbWVtb3J5IGZhaWxzLCBiZWNhdXNlIG1lbW9yeSBbMHgwMDAwMDAwMTUw
MDAwMDAwLTB4MDAwMDAwMDE1N2ZmZmZmZl0gaXMgb25saW5lZAogIC4uLgogIFsgICA4Ni40MzEy
MjVdIGttZW0gZGF4MC4wOiBEQVggcmVnaW9uIFttZW0gMHgxNTAwMDAwMDAtMHgzM2ZmZmZmZmZd
IGNhbm5vdCBiZSBob3RyZW1vdmVkIHVudGlsIHRoZSBuZXh0IHJlYm9vdAoKTm93LCB3ZSBjYW4g
cmVjb25maWd1cmUgdGhlIG5hbWVzcGFjZToKICBbcm9vdEBsb2NhbGhvc3Qgfl0jIG5kY3RsIGNy
ZWF0ZS1uYW1lc3BhY2UgLS1mb3JjZSAtLXJlY29uZmlnPW5hbWVzcGFjZTAuMCAtLW1vZGU9ZGV2
ZGF4CiAgWyAgMTMxLjQwOTM1MV0gbmRfcG1lbSBuYW1lc3BhY2UwLjA6IGNvdWxkIG5vdCByZXNl
cnZlIHJlZ2lvbiBbbWVtIDB4MTQwMDAwMDAwLTB4MzNmZmZmZmZmXWRheAogIFsgIDEzMS40MTAx
NDddIG5kX3BtZW06IHByb2JlIG9mIG5hbWVzcGFjZTAuMCBmYWlsZWQgd2l0aCBlcnJvciAtMTZu
YW1lc3BhY2UwLjAgLS1tb2RlPWRldmRheAogIC4uLgoKVGhpcyBmYWlscyBhcyBleHBlY3RlZCBk
dWUgdG8gdGhlIGJ1c3kgbWVtb3J5IHJlc291cmNlLCBhbmQgdGhlIG1lbW9yeQpjYW5ub3QgYmUg
dXNlZC4gSG93ZXZlciwgdGhlIGRheDAuMCBkZXZpY2UgaXMgcmVtb3ZlZCwgYW5kIGFsb25nIGl0
cyBuYW1lLgoKVGhlIG5hbWUgb2YgdGhlIG1lbW9yeSByZXNvdXJjZSBub3cgcG9pbnRzIGF0IGZy
ZWVkIG1lbW9yeSAobmFtZSBvZiB0aGUKZGV2aWNlKS4KICBbcm9vdEBsb2NhbGhvc3Qgfl0jIGNh
dCAvcHJvYy9pb21lbQogIC4uLgogIDE0MDAwMDAwMC0zM2ZmZmZmZmYgOiBQZXJzaXN0ZW50IE1l
bW9yeQogICAgMTQwMDAwMDAwLTE0ODFmZmZmZiA6IG5hbWVzcGFjZTAuMAogICAgMTUwMDAwMDAw
LTMzZmZmZmZmZiA6IO+/vV/vv71eN1/vv73vv70vX++/ve+/vXdS77+977+9V1Hvv73vv73vv71e
77+977+977+9IC4uLgogICAgMTUwMDAwMDAwLTMzZmZmZmZmZiA6IFN5c3RlbSBSQU0KCldlIGhh
dmUgdG8gbWFrZSBzdXJlIHRvIGR1cGxpY2F0ZSB0aGUgc3RyaW5nLiBXaGlsZSBhdCBpdCwgcmVt
b3ZlIHRoZQpzdXBlcmZsdW91cyBzZXR0aW5nIG9mIHRoZSBuYW1lIGFuZCBmaXh1cCBhIHN0YWxl
IGNvbW1lbnQuCgpGaXhlczogOWY5NjBkYTcyYjI1ICgiZGV2aWNlLWRheDogIkhvdHJlbW92ZSIg
cGVyc2lzdGVudCBtZW1vcnkgdGhhdCBpcyB1c2VkIGxpa2Ugbm9ybWFsIFJBTSIpCkNjOiBzdGFi
bGVAdmdlci5rZXJuZWwub3JnICMgdjUuMwpDYzogRGFuIFdpbGxpYW1zIDxkYW4uai53aWxsaWFt
c0BpbnRlbC5jb20+CkNjOiBWaXNoYWwgVmVybWEgPHZpc2hhbC5sLnZlcm1hQGludGVsLmNvbT4K
Q2M6IERhdmUgSmlhbmcgPGRhdmUuamlhbmdAaW50ZWwuY29tPgpDYzogUGF2ZWwgVGF0YXNoaW4g
PHBhc2hhLnRhdGFzaGluQHNvbGVlbi5jb20+CkNjOiBBbmRyZXcgTW9ydG9uIDxha3BtQGxpbnV4
LWZvdW5kYXRpb24ub3JnPgpTaWduZWQtb2ZmLWJ5OiBEYXZpZCBIaWxkZW5icmFuZCA8ZGF2aWRA
cmVkaGF0LmNvbT4KLS0tCiBkcml2ZXJzL2RheC9rbWVtLmMgfCAxNCArKysrKysrKysrKy0tLQog
MSBmaWxlIGNoYW5nZWQsIDExIGluc2VydGlvbnMoKyksIDMgZGVsZXRpb25zKC0pCgpkaWZmIC0t
Z2l0IGEvZHJpdmVycy9kYXgva21lbS5jIGIvZHJpdmVycy9kYXgva21lbS5jCmluZGV4IDNkMGE3
ZTcwMmM5NC4uMWU2NzhiZGY1YWVkIDEwMDY0NAotLS0gYS9kcml2ZXJzL2RheC9rbWVtLmMKKysr
IGIvZHJpdmVycy9kYXgva21lbS5jCkBAIC0yMiw2ICsyMiw3IEBAIGludCBkZXZfZGF4X2ttZW1f
cHJvYmUoc3RydWN0IGRldmljZSAqZGV2KQogCXJlc291cmNlX3NpemVfdCBrbWVtX3NpemU7CiAJ
cmVzb3VyY2Vfc2l6ZV90IGttZW1fZW5kOwogCXN0cnVjdCByZXNvdXJjZSAqbmV3X3JlczsKKwlj
b25zdCBjaGFyICpuZXdfcmVzX25hbWU7CiAJaW50IG51bWFfbm9kZTsKIAlpbnQgcmM7CiAKQEAg
LTQ4LDExICs0OSwxNiBAQCBpbnQgZGV2X2RheF9rbWVtX3Byb2JlKHN0cnVjdCBkZXZpY2UgKmRl
dikKIAlrbWVtX3NpemUgJj0gfihtZW1vcnlfYmxvY2tfc2l6ZV9ieXRlcygpIC0gMSk7CiAJa21l
bV9lbmQgPSBrbWVtX3N0YXJ0ICsga21lbV9zaXplOwogCi0JLyogUmVnaW9uIGlzIHBlcm1hbmVu
dGx5IHJlc2VydmVkLiAgSG90LXJlbW92ZSBub3QgeWV0IGltcGxlbWVudGVkLiAqLwotCW5ld19y
ZXMgPSByZXF1ZXN0X21lbV9yZWdpb24oa21lbV9zdGFydCwga21lbV9zaXplLCBkZXZfbmFtZShk
ZXYpKTsKKwluZXdfcmVzX25hbWUgPSBrc3RyZHVwKGRldl9uYW1lKGRldiksIEdGUF9LRVJORUwp
OworCWlmICghbmV3X3Jlc19uYW1lKQorCQlyZXR1cm4gLUVOT01FTTsKKworCS8qIFJlZ2lvbiBp
cyBwZXJtYW5lbnRseSByZXNlcnZlZCBpZiBob3RyZW1vdmUgZmFpbHMuICovCisJbmV3X3JlcyA9
IHJlcXVlc3RfbWVtX3JlZ2lvbihrbWVtX3N0YXJ0LCBrbWVtX3NpemUsIG5ld19yZXNfbmFtZSk7
CiAJaWYgKCFuZXdfcmVzKSB7CiAJCWRldl93YXJuKGRldiwgImNvdWxkIG5vdCByZXNlcnZlIHJl
Z2lvbiBbJXBhLSVwYV1cbiIsCiAJCQkgJmttZW1fc3RhcnQsICZrbWVtX2VuZCk7CisJCWtmcmVl
KG5ld19yZXNfbmFtZSk7CiAJCXJldHVybiAtRUJVU1k7CiAJfQogCkBAIC02MywxMiArNjksMTIg
QEAgaW50IGRldl9kYXhfa21lbV9wcm9iZShzdHJ1Y3QgZGV2aWNlICpkZXYpCiAJICogdW5rbm93
biB0byB1cyB0aGF0IHdpbGwgYnJlYWsgYWRkX21lbW9yeSgpIGJlbG93LgogCSAqLwogCW5ld19y
ZXMtPmZsYWdzID0gSU9SRVNPVVJDRV9TWVNURU1fUkFNOwotCW5ld19yZXMtPm5hbWUgPSBkZXZf
bmFtZShkZXYpOwogCiAJcmMgPSBhZGRfbWVtb3J5KG51bWFfbm9kZSwgbmV3X3Jlcy0+c3RhcnQs
IHJlc291cmNlX3NpemUobmV3X3JlcykpOwogCWlmIChyYykgewogCQlyZWxlYXNlX3Jlc291cmNl
KG5ld19yZXMpOwogCQlrZnJlZShuZXdfcmVzKTsKKwkJa2ZyZWUobmV3X3Jlc19uYW1lKTsKIAkJ
cmV0dXJuIHJjOwogCX0KIAlkZXZfZGF4LT5kYXhfa21lbV9yZXMgPSBuZXdfcmVzOwpAQCAtODMs
NiArODksNyBAQCBzdGF0aWMgaW50IGRldl9kYXhfa21lbV9yZW1vdmUoc3RydWN0IGRldmljZSAq
ZGV2KQogCXN0cnVjdCByZXNvdXJjZSAqcmVzID0gZGV2X2RheC0+ZGF4X2ttZW1fcmVzOwogCXJl
c291cmNlX3NpemVfdCBrbWVtX3N0YXJ0ID0gcmVzLT5zdGFydDsKIAlyZXNvdXJjZV9zaXplX3Qg
a21lbV9zaXplID0gcmVzb3VyY2Vfc2l6ZShyZXMpOworCWNvbnN0IGNoYXIgKnJlc19uYW1lID0g
cmVzLT5uYW1lOwogCWludCByYzsKIAogCS8qCkBAIC0xMDIsNiArMTA5LDcgQEAgc3RhdGljIGlu
dCBkZXZfZGF4X2ttZW1fcmVtb3ZlKHN0cnVjdCBkZXZpY2UgKmRldikKIAkvKiBSZWxlYXNlIGFu
ZCBmcmVlIGRheCByZXNvdXJjZXMgKi8KIAlyZWxlYXNlX3Jlc291cmNlKHJlcyk7CiAJa2ZyZWUo
cmVzKTsKKwlrZnJlZShyZXNfbmFtZSk7CiAJZGV2X2RheC0+ZGF4X2ttZW1fcmVzID0gTlVMTDsK
IAogCXJldHVybiAwOwotLSAKMi4yNS40CgoKX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX18Ka2V4ZWMgbWFpbGluZyBsaXN0CmtleGVjQGxpc3RzLmluZnJhZGVh
ZC5vcmcKaHR0cDovL2xpc3RzLmluZnJhZGVhZC5vcmcvbWFpbG1hbi9saXN0aW5mby9rZXhlYwo=