From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>
Subject: [PATCH 5.4 06/32] arm64: Fix kernel address detection of __is_lm_address()
Date: Fri, 5 Feb 2021 15:07:21 +0100 [thread overview]
Message-ID: <20210205140652.618550818@linuxfoundation.org> (raw)
In-Reply-To: <20210205140652.348864025@linuxfoundation.org>
From: Vincenzo Frascino <vincenzo.frascino@arm.com>
commit 519ea6f1c82fcdc9842908155ae379de47818778 upstream.
Currently, the __is_lm_address() check just masks out the top 12 bits
of the address, but if they are 0, it still yields a true result.
This has as a side effect that virt_addr_valid() returns true even for
invalid virtual addresses (e.g. 0x0).
Fix the detection checking that it's actually a kernel address starting
at PAGE_OFFSET.
Fixes: 68dd8ef32162 ("arm64: memory: Fix virt_addr_valid() using __is_lm_address()")
Cc: <stable@vger.kernel.org> # 5.4.x
Cc: Will Deacon <will@kernel.org>
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Link: https://lore.kernel.org/r/20210126134056.45747-1-vincenzo.frascino@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/include/asm/memory.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
--- a/arch/arm64/include/asm/memory.h
+++ b/arch/arm64/include/asm/memory.h
@@ -247,11 +247,11 @@ static inline const void *__tag_set(cons
/*
- * The linear kernel range starts at the bottom of the virtual address
- * space. Testing the top bit for the start of the region is a
- * sufficient check and avoids having to worry about the tag.
+ * Check whether an arbitrary address is within the linear map, which
+ * lives in the [PAGE_OFFSET, PAGE_END) interval at the bottom of the
+ * kernel's TTBR1 address range.
*/
-#define __is_lm_address(addr) (!(((u64)addr) & BIT(vabits_actual - 1)))
+#define __is_lm_address(addr) (((u64)(addr) ^ PAGE_OFFSET) < (PAGE_END - PAGE_OFFSET))
#define __lm_to_phys(addr) (((addr) & ~PAGE_OFFSET) + PHYS_OFFSET)
#define __kimg_to_phys(addr) ((addr) - kimage_voffset)
next prev parent reply other threads:[~2021-02-05 22:31 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-05 14:07 [PATCH 5.4 00/32] 5.4.96-rc1 review Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 01/32] net: dsa: bcm_sf2: put device node before return Greg Kroah-Hartman
2021-02-07 9:25 ` Pavel Machek
2021-02-05 14:07 ` [PATCH 5.4 02/32] net: switchdev: dont set port_obj_info->handled true when -EOPNOTSUPP Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 03/32] ibmvnic: Ensure that CRQ entry read are correctly ordered Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 04/32] Revert "Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT"" Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 05/32] ACPI: thermal: Do not call acpi_thermal_check() directly Greg Kroah-Hartman
2021-02-05 14:07 ` Greg Kroah-Hartman [this message]
2021-02-05 14:07 ` [PATCH 5.4 07/32] arm64: Do not pass tagged addresses to __is_lm_address() Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 08/32] tcp: make TCP_USER_TIMEOUT accurate for zero window probes Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 09/32] btrfs: backref, only collect file extent items matching backref offset Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 10/32] btrfs: backref, dont add refs from shared block when resolving normal backref Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 11/32] btrfs: backref, only search backref entries from leaves of the same root Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 12/32] btrfs: backref, use correct count to resolve normal data refs Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 13/32] net_sched: gen_estimator: support large ewma log Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 14/32] phy: cpcap-usb: Fix warning for missing regulator_disable Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 15/32] platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on Estar Beauty HD tablet Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 16/32] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 17/32] x86: __always_inline __{rd,wr}msr() Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 18/32] scsi: scsi_transport_srp: Dont block target in failfast state Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 19/32] scsi: libfc: Avoid invoking response handler twice if ep is already completed Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 20/32] scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 21/32] ASoC: SOF: Intel: hda: Resume codec to do jack detection Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 22/32] mac80211: fix fast-rx encryption check Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 23/32] scsi: ibmvfc: Set default timeout to avoid crash during migration Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 24/32] ALSA: hda: Add Cometlake-R PCI ID Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 25/32] udf: fix the problem that the disc content is not displayed Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 26/32] nvme: check the PRINFO bit before deciding the host buffer length Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 27/32] selftests/powerpc: Only test lwm/stmw on big endian Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 28/32] drm/amd/display: Update dram_clock_change_latency for DCN2.1 Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 29/32] drm/amd/display: Change function decide_dp_link_settings to avoid infinite looping Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 30/32] objtool: Dont fail on missing symbol table Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 31/32] kthread: Extract KTHREAD_IS_PER_CPU Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.4 32/32] workqueue: Restrict affinity change to rescuer Greg Kroah-Hartman
2021-02-05 20:58 ` [PATCH 5.4 00/32] 5.4.96-rc1 review Igor
2021-02-05 21:16 ` Florian Fainelli
2021-02-07 14:36 ` Greg Kroah-Hartman
2021-02-06 14:27 ` Naresh Kamboju
2021-02-06 16:02 ` Guenter Roeck
2021-02-07 15:34 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210205140652.618550818@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=catalin.marinas@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=stable@vger.kernel.org \
--cc=vincenzo.frascino@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.