[3.12,44/82] x86, smap: smap_violation() is bogus if CONFIG_X86_SMAP is off
diff mbox series

Message ID 20140220235020.791681232@linuxfoundation.org
State New, archived
Headers show
  • 3.12.13-stable review
Related show

Commit Message

Greg Kroah-Hartman Feb. 20, 2014, 11:52 p.m. UTC
3.12-stable review patch.  If anyone has any objections, please let me know.


From: "H. Peter Anvin" <hpa@linux.intel.com>

commit 4640c7ee9b8953237d05a61ea3ea93981d1bc961 upstream.

If CONFIG_X86_SMAP is disabled, smap_violation() tests for conditions
which are incorrect (as the AC flag doesn't matter), causing spurious

The dynamic disabling of SMAP (nosmap on the command line) is fine
because it disables X86_FEATURE_SMAP, therefore causing the
static_cpu_has() to return false.

Found by Fengguang Wu's test system.

[ v3: move all predicates into smap_violation() ]
[ v2: use IS_ENABLED() instead of #ifdef ]

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Link: http://lkml.kernel.org/r/20140213124550.GA30497@localhost
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 arch/x86/mm/fault.c |   14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

diff mbox series

--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -980,6 +980,12 @@  static int fault_in_kernel_space(unsigne
 static inline bool smap_violation(int error_code, struct pt_regs *regs)
+		return false;
+	if (!static_cpu_has(X86_FEATURE_SMAP))
+		return false;
 	if (error_code & PF_USER)
 		return false;
@@ -1081,11 +1087,9 @@  __do_page_fault(struct pt_regs *regs, un
 	if (unlikely(error_code & PF_RSVD))
 		pgtable_bad(regs, error_code, address);
-	if (static_cpu_has(X86_FEATURE_SMAP)) {
-		if (unlikely(smap_violation(error_code, regs))) {
-			bad_area_nosemaphore(regs, error_code, address);
-			return;
-		}
+	if (unlikely(smap_violation(error_code, regs))) {
+		bad_area_nosemaphore(regs, error_code, address);
+		return;
 	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);