From: mark.rutland@arm.com (Mark Rutland)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v5] mm: huge-vmap: fail gracefully on unexpected huge vmap mappings
Date: Fri, 9 Jun 2017 10:22:10 +0100 [thread overview]
Message-ID: <20170609092209.GA10665@leverpostej> (raw)
In-Reply-To: <20170609082226.26152-1-ard.biesheuvel@linaro.org>
On Fri, Jun 09, 2017 at 08:22:26AM +0000, Ard Biesheuvel wrote:
> Existing code that uses vmalloc_to_page() may assume that any
> address for which is_vmalloc_addr() returns true may be passed
> into vmalloc_to_page() to retrieve the associated struct page.
>
> This is not un unreasonable assumption to make, but on architectures
> that have CONFIG_HAVE_ARCH_HUGE_VMAP=y, it no longer holds, and we
> need to ensure that vmalloc_to_page() does not go off into the weeds
> trying to dereference huge PUDs or PMDs as table entries.
>
> Given that vmalloc() and vmap() themselves never create huge
> mappings or deal with compound pages at all, there is no correct
> answer in this case, so return NULL instead, and issue a warning.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> v5: - fix typo
>
> v4: - use pud_bad/pmd_bad instead of pud_huge/pmd_huge, which don't require
> changes to hugetlb.h, and give us what we need on all architectures
> - move WARN_ON_ONCE() calls out of conditionals
> - add explanatory comment
>
> mm/vmalloc.c | 15 +++++++++++++--
> 1 file changed, 13 insertions(+), 2 deletions(-)
>
> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
> index 34a1c3e46ed7..0fcd371266a4 100644
> --- a/mm/vmalloc.c
> +++ b/mm/vmalloc.c
> @@ -287,10 +287,21 @@ struct page *vmalloc_to_page(const void *vmalloc_addr)
> if (p4d_none(*p4d))
> return NULL;
> pud = pud_offset(p4d, addr);
> - if (pud_none(*pud))
> +
> + /*
> + * Don't dereference bad PUD or PMD (below) entries. This will also
> + * identify huge mappings, which we may encounter on architectures
> + * that define CONFIG_HAVE_ARCH_HUGE_VMAP=y. Such regions will be
> + * identified as vmalloc addresses by is_vmalloc_addr(), but are
> + * not [unambiguously] associated with a struct page, so there is
> + * no correct value to return for them.
> + */
> + WARN_ON_ONCE(pud_bad(*pud));
> + if (pud_none(*pud) || pud_bad(*pud))
> return NULL;
Nit: the WARN_ON_ONCE() can be folded into the conditional:
if (pud_none(*pud) || WARN_ON_ONCE(pud_bad(*pud)))
reutrn NULL;
> pmd = pmd_offset(pud, addr);
> - if (pmd_none(*pmd))
> + WARN_ON_ONCE(pmd_bad(*pmd));
> + if (pmd_none(*pmd) || pmd_bad(*pmd))
> return NULL;
Likewise here.
Otherwise, looks good to me. FWIW:
Acked-by: Mark Rutland <mark.rutland@arm.com>
Thanks,
Mark.
>
> ptep = pte_offset_map(pmd, addr);
> --
> 2.9.3
>
next prev parent reply other threads:[~2017-06-09 9:22 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-09 8:22 [PATCH v5] mm: huge-vmap: fail gracefully on unexpected huge vmap mappings Ard Biesheuvel
2017-06-09 9:22 ` Mark Rutland [this message]
2017-06-09 9:27 ` Ard Biesheuvel
2017-06-09 9:29 ` Mark Rutland
2017-06-09 18:13 ` Laura Abbott
2017-06-15 21:24 ` Andrew Morton
2017-06-15 22:11 ` Ard Biesheuvel
2017-06-15 22:16 ` Andrew Morton
2017-06-15 22:29 ` Ard Biesheuvel
2017-06-16 8:38 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170609092209.GA10665@leverpostej \
--to=mark.rutland@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).