* [PATCH] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
@ 2021-12-16 0:08 Andrew Cooper
2021-12-16 17:44 ` [tip: x86/urgent] " tip-bot2 for Andrew Cooper
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Andrew Cooper @ 2021-12-16 0:08 UTC (permalink / raw)
To: LKML
Cc: amc96, Andrew Cooper, Thomas Gleixner, Ingo Molnar,
Borislav Petkov, Dave Hansen, x86, H. Peter Anvin
Both __pkru_allows_write() and arch_set_user_pkey_access() shift
PKRU_WD_BIT (a signed constant) by up to 30 bits, hitting the sign bit.
Use unsigned constants instead.
Clearly pkey 15 has not been used in combination with UBSAN yet.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@redhat.com>
CC: Borislav Petkov <bp@alien8.de>
CC: Dave Hansen <dave.hansen@linux.intel.com>
CC: x86@kernel.org
CC: "H. Peter Anvin" <hpa@zytor.com>
Noticed by code inspection only. I can't actually provoke the compiler into
generating incorrect logic as far as this shift is concerned, so haven't
included a fixes tag.
If wanted, it is:
Fixes: 33a709b25a76 ("mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys")
except it will collide with the very recent code movement in 784a46618f634.
---
arch/x86/include/asm/pkru.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pkru.h b/arch/x86/include/asm/pkru.h
index 4cd49afa0ca4..74f0a2d34ffd 100644
--- a/arch/x86/include/asm/pkru.h
+++ b/arch/x86/include/asm/pkru.h
@@ -4,8 +4,8 @@
#include <asm/cpufeature.h>
-#define PKRU_AD_BIT 0x1
-#define PKRU_WD_BIT 0x2
+#define PKRU_AD_BIT 0x1u
+#define PKRU_WD_BIT 0x2u
#define PKRU_BITS_PER_PKEY 2
#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
--
2.11.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [tip: x86/urgent] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
2021-12-16 0:08 [PATCH] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT Andrew Cooper
@ 2021-12-16 17:44 ` tip-bot2 for Andrew Cooper
2021-12-16 20:11 ` tip-bot2 for Andrew Cooper
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: tip-bot2 for Andrew Cooper @ 2021-12-16 17:44 UTC (permalink / raw)
To: linux-tip-commits; +Cc: Andrew Cooper, Dave Hansen, stable, x86, linux-kernel
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: 7aa3e3011ef3e0a9c36417eafca7894a028e5df6
Gitweb: https://git.kernel.org/tip/7aa3e3011ef3e0a9c36417eafca7894a028e5df6
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Thu, 16 Dec 2021 00:08:56
Committer: Dave Hansen <dave.hansen@linux.intel.com>
CommitterDate: Thu, 16 Dec 2021 09:39:40 -08:00
x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
Both __pkru_allows_write() and arch_set_user_pkey_access() shift
PKRU_WD_BIT (a signed constant) by up to 30 bits, hitting the
sign bit.
Use unsigned constants instead.
Clearly pkey 15 has not been used in combination with UBSAN yet.
Noticed by code inspection only. I can't actually provoke the
compiler into generating incorrect logic as far as this shift is
concerned, so haven't included a fixes tag.
[
dhansen: add stable@ tag, plus minor changelog massaging,
For anyone doing backports, these #defines were in
arch/x86/include/asm/pgtable.h before 784a46618f6.
]
Fixes: 33a709b25a76 ("mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20211216000856.4480-1-andrew.cooper3@citrix.com
---
arch/x86/include/asm/pkru.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pkru.h b/arch/x86/include/asm/pkru.h
index 4cd49af..74f0a2d 100644
--- a/arch/x86/include/asm/pkru.h
+++ b/arch/x86/include/asm/pkru.h
@@ -4,8 +4,8 @@
#include <asm/cpufeature.h>
-#define PKRU_AD_BIT 0x1
-#define PKRU_WD_BIT 0x2
+#define PKRU_AD_BIT 0x1u
+#define PKRU_WD_BIT 0x2u
#define PKRU_BITS_PER_PKEY 2
#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [tip: x86/urgent] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
2021-12-16 0:08 [PATCH] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT Andrew Cooper
2021-12-16 17:44 ` [tip: x86/urgent] " tip-bot2 for Andrew Cooper
@ 2021-12-16 20:11 ` tip-bot2 for Andrew Cooper
2021-12-19 13:14 ` tip-bot2 for Andrew Cooper
2021-12-19 21:51 ` tip-bot2 for Andrew Cooper
3 siblings, 0 replies; 5+ messages in thread
From: tip-bot2 for Andrew Cooper @ 2021-12-16 20:11 UTC (permalink / raw)
To: linux-tip-commits; +Cc: Andrew Cooper, Dave Hansen, stable, x86, linux-kernel
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: e9836ee0043ebd02ba1d049cf8b9e6daa30ad2cd
Gitweb: https://git.kernel.org/tip/e9836ee0043ebd02ba1d049cf8b9e6daa30ad2cd
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Thu, 16 Dec 2021 00:08:56
Committer: Dave Hansen <dave.hansen@linux.intel.com>
CommitterDate: Thu, 16 Dec 2021 11:55:51 -08:00
x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
Both __pkru_allows_write() and arch_set_user_pkey_access() shift
PKRU_WD_BIT (a signed constant) by up to 30 bits, hitting the
sign bit.
Use unsigned constants instead.
Clearly pkey 15 has not been used in combination with UBSAN yet.
Noticed by code inspection only. I can't actually provoke the
compiler into generating incorrect logic as far as this shift is
concerned.
[
dhansen: add stable@ tag, plus minor changelog massaging,
For anyone doing backports, these #defines were in
arch/x86/include/asm/pgtable.h before 784a46618f6.
]
Fixes: 33a709b25a76 ("mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20211216000856.4480-1-andrew.cooper3@citrix.com
---
arch/x86/include/asm/pkru.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pkru.h b/arch/x86/include/asm/pkru.h
index 4cd49af..74f0a2d 100644
--- a/arch/x86/include/asm/pkru.h
+++ b/arch/x86/include/asm/pkru.h
@@ -4,8 +4,8 @@
#include <asm/cpufeature.h>
-#define PKRU_AD_BIT 0x1
-#define PKRU_WD_BIT 0x2
+#define PKRU_AD_BIT 0x1u
+#define PKRU_WD_BIT 0x2u
#define PKRU_BITS_PER_PKEY 2
#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [tip: x86/urgent] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
2021-12-16 0:08 [PATCH] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT Andrew Cooper
2021-12-16 17:44 ` [tip: x86/urgent] " tip-bot2 for Andrew Cooper
2021-12-16 20:11 ` tip-bot2 for Andrew Cooper
@ 2021-12-19 13:14 ` tip-bot2 for Andrew Cooper
2021-12-19 21:51 ` tip-bot2 for Andrew Cooper
3 siblings, 0 replies; 5+ messages in thread
From: tip-bot2 for Andrew Cooper @ 2021-12-19 13:14 UTC (permalink / raw)
To: linux-tip-commits; +Cc: Andrew Cooper, Dave Hansen, stable, x86, linux-kernel
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: aa1701e20a847dba6c406545dcba6a8755fa6406
Gitweb: https://git.kernel.org/tip/aa1701e20a847dba6c406545dcba6a8755fa6406
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Thu, 16 Dec 2021 00:08:56
Committer: Borislav Petkov <bp@suse.de>
CommitterDate: Sun, 19 Dec 2021 14:09:41 +01:00
x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
Both __pkru_allows_write() and arch_set_user_pkey_access() shift
PKRU_WD_BIT (a signed constant) by up to 30 bits, hitting the
sign bit.
Use unsigned constants instead.
Clearly pkey 15 has not been used in combination with UBSAN yet.
Noticed by code inspection only. I can't actually provoke the
compiler into generating incorrect logic as far as this shift is
concerned.
[
dhansen: add stable@ tag, plus minor changelog massaging,
For anyone doing backports, these #defines were in
arch/x86/include/asm/pgtable.h before 784a46618f6.
]
Fixes: 33a709b25a76 ("mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20211216000856.4480-1-andrew.cooper3@citrix.com
---
arch/x86/include/asm/pkru.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pkru.h b/arch/x86/include/asm/pkru.h
index 4cd49af..74f0a2d 100644
--- a/arch/x86/include/asm/pkru.h
+++ b/arch/x86/include/asm/pkru.h
@@ -4,8 +4,8 @@
#include <asm/cpufeature.h>
-#define PKRU_AD_BIT 0x1
-#define PKRU_WD_BIT 0x2
+#define PKRU_AD_BIT 0x1u
+#define PKRU_WD_BIT 0x2u
#define PKRU_BITS_PER_PKEY 2
#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [tip: x86/urgent] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
2021-12-16 0:08 [PATCH] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT Andrew Cooper
` (2 preceding siblings ...)
2021-12-19 13:14 ` tip-bot2 for Andrew Cooper
@ 2021-12-19 21:51 ` tip-bot2 for Andrew Cooper
3 siblings, 0 replies; 5+ messages in thread
From: tip-bot2 for Andrew Cooper @ 2021-12-19 21:51 UTC (permalink / raw)
To: linux-tip-commits
Cc: Andrew Cooper, Dave Hansen, Borislav Petkov, stable, x86, linux-kernel
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: 57690554abe135fee81d6ac33cc94d75a7e224bb
Gitweb: https://git.kernel.org/tip/57690554abe135fee81d6ac33cc94d75a7e224bb
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Thu, 16 Dec 2021 00:08:56
Committer: Borislav Petkov <bp@suse.de>
CommitterDate: Sun, 19 Dec 2021 22:44:34 +01:00
x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
Both __pkru_allows_write() and arch_set_user_pkey_access() shift
PKRU_WD_BIT (a signed constant) by up to 30 bits, hitting the
sign bit.
Use unsigned constants instead.
Clearly pkey 15 has not been used in combination with UBSAN yet.
Noticed by code inspection only. I can't actually provoke the
compiler into generating incorrect logic as far as this shift is
concerned.
[
dhansen: add stable@ tag, plus minor changelog massaging,
For anyone doing backports, these #defines were in
arch/x86/include/asm/pgtable.h before 784a46618f6.
]
Fixes: 33a709b25a76 ("mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20211216000856.4480-1-andrew.cooper3@citrix.com
---
arch/x86/include/asm/pkru.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pkru.h b/arch/x86/include/asm/pkru.h
index 4cd49af..74f0a2d 100644
--- a/arch/x86/include/asm/pkru.h
+++ b/arch/x86/include/asm/pkru.h
@@ -4,8 +4,8 @@
#include <asm/cpufeature.h>
-#define PKRU_AD_BIT 0x1
-#define PKRU_WD_BIT 0x2
+#define PKRU_AD_BIT 0x1u
+#define PKRU_WD_BIT 0x2u
#define PKRU_BITS_PER_PKEY 2
#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-12-19 21:52 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-16 0:08 [PATCH] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT Andrew Cooper
2021-12-16 17:44 ` [tip: x86/urgent] " tip-bot2 for Andrew Cooper
2021-12-16 20:11 ` tip-bot2 for Andrew Cooper
2021-12-19 13:14 ` tip-bot2 for Andrew Cooper
2021-12-19 21:51 ` tip-bot2 for Andrew Cooper
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).