[to-be-updated] vmap-dont-allow-invalid-pages.patch removed from -mm tree

[to-be-updated] vmap-dont-allow-invalid-pages.patch removed from -mm tree

[Andrew Morton]

The patch titled
     Subject: mm/vmalloc.c: vmap(): don't allow invalid pages
has been removed from the -mm tree.  Its filename was
     vmap-dont-allow-invalid-pages.patch

This patch was dropped because an updated version will be merged

------------------------------------------------------
From: Yury Norov <yury.norov@gmail.com>
Subject: mm/vmalloc.c: vmap(): don't allow invalid pages

vmap() takes struct page *pages as one of arguments, and user may provide
an invalid pointer which would lead to data abort at address translation
later.

Currently, kernel checks the pages against NULL.  In my case, however, the
address was not NULL, and was big enough so that the hardware generated
Address Size Abort on arm64.

Interestingly, this abort happens even if copy_from_kernel_nofault() is
used, which is quite inconvenient for debugging purposes.

This patch adds a pfn_valid() check into vmap() path, so that invalid
mapping will not be created.

Link: https://lkml.kernel.org/r/20220119012109.551931-1-yury.norov@gmail.com
Signed-off-by: Yury Norov <yury.norov@gmail.com>
Suggested-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: Ding Tianhong <dingtianhong@huawei.com>
Cc: Anshuman Khandual <anshuman.khandual@arm.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Alexey Klimov <aklimov@redhat.com>
Cc: Uladzislau Rezki <urezki@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 mm/vmalloc.c |    2 ++
 1 file changed, 2 insertions(+)

--- a/mm/vmalloc.c~vmap-dont-allow-invalid-pages
+++ a/mm/vmalloc.c
@@ -478,6 +478,8 @@ static int vmap_pages_pte_range(pmd_t *p
 			return -EBUSY;
 		if (WARN_ON(!page))
 			return -ENOMEM;
+		if (WARN_ON(!pfn_valid(page_to_pfn(page))))
+			return -EINVAL;
 		set_pte_at(&init_mm, addr, pte, mk_pte(page, prot));
 		(*nr)++;
 	} while (pte++, addr += PAGE_SIZE, addr != end);
_

Patches currently in -mm which might be from yury.norov@gmail.com are

Re: [to-be-updated] vmap-dont-allow-invalid-pages.patch removed from -mm tree

[Yury Norov]

On Mon, Mar 21, 2022 at 02:16:11PM -0700, Andrew Morton wrote:
> 
> The patch titled
>      Subject: mm/vmalloc.c: vmap(): don't allow invalid pages
> has been removed from the -mm tree.  Its filename was
>      vmap-dont-allow-invalid-pages.patch
> 
> This patch was dropped because an updated version will be merged

Hi Andrew,

Can you please clarify what updated version did you mean? Are you
waiting for a v3 from me with extended patch comment, or something
else?

Thanks,
Yury
 
> ------------------------------------------------------
> From: Yury Norov <yury.norov@gmail.com>
> Subject: mm/vmalloc.c: vmap(): don't allow invalid pages
> 
> vmap() takes struct page *pages as one of arguments, and user may provide
> an invalid pointer which would lead to data abort at address translation
> later.
> 
> Currently, kernel checks the pages against NULL.  In my case, however, the
> address was not NULL, and was big enough so that the hardware generated
> Address Size Abort on arm64.
> 
> Interestingly, this abort happens even if copy_from_kernel_nofault() is
> used, which is quite inconvenient for debugging purposes.
> 
> This patch adds a pfn_valid() check into vmap() path, so that invalid
> mapping will not be created.
> 
> Link: https://lkml.kernel.org/r/20220119012109.551931-1-yury.norov@gmail.com
> Signed-off-by: Yury Norov <yury.norov@gmail.com>
> Suggested-by: Matthew Wilcox (Oracle) <willy@infradead.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will@kernel.org>
> Cc: Nicholas Piggin <npiggin@gmail.com>
> Cc: Ding Tianhong <dingtianhong@huawei.com>
> Cc: Anshuman Khandual <anshuman.khandual@arm.com>
> Cc: Matthew Wilcox <willy@infradead.org>
> Cc: Alexey Klimov <aklimov@redhat.com>
> Cc: Uladzislau Rezki <urezki@gmail.com>
> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
> ---
> 
>  mm/vmalloc.c |    2 ++
>  1 file changed, 2 insertions(+)
> 
> --- a/mm/vmalloc.c~vmap-dont-allow-invalid-pages
> +++ a/mm/vmalloc.c
> @@ -478,6 +478,8 @@ static int vmap_pages_pte_range(pmd_t *p
>  			return -EBUSY;
>  		if (WARN_ON(!page))
>  			return -ENOMEM;
> +		if (WARN_ON(!pfn_valid(page_to_pfn(page))))
> +			return -EINVAL;
>  		set_pte_at(&init_mm, addr, pte, mk_pte(page, prot));
>  		(*nr)++;
>  	} while (pte++, addr += PAGE_SIZE, addr != end);
> _
> 
> Patches currently in -mm which might be from yury.norov@gmail.com are
> 

Re: [to-be-updated] vmap-dont-allow-invalid-pages.patch removed from -mm tree

[Andrew Morton]

On Sun, 10 Apr 2022 09:39:16 -0700 Yury Norov <yury.norov@gmail.com> wrote:

> On Mon, Mar 21, 2022 at 02:16:11PM -0700, Andrew Morton wrote:
> > 
> > The patch titled
> >      Subject: mm/vmalloc.c: vmap(): don't allow invalid pages
> > has been removed from the -mm tree.  Its filename was
> >      vmap-dont-allow-invalid-pages.patch
> > 
> > This patch was dropped because an updated version will be merged
> 
> Hi Andrew,
> 
> Can you please clarify what updated version did you mean? Are you
> waiting for a v3 from me with extended patch comment, or something
> else?

yup.

https://lkml.kernel.org/r/CAAH8bW9s9ENa7QOExV3rOqn-LAEu1RrQd+ijor9o=jhGxm=6ew@mail.gmail.com

"I'll send v3 soon with more details in the patch description."