From: Adrian Hunter <adrian.hunter@intel.com>
To: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Borislav Petkov <bp@alien8.de>,
Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@intel.com>,
Vlastimil Babka <vbabka@suse.cz>,
Mike Rapoport <rppt@linux.ibm.com>,
Lorenzo Stoakes <lstoakes@gmail.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Baoquan He <bhe@redhat.com>, Vivek Goyal <vgoyal@redhat.com>,
Dave Young <dyoung@redhat.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-mm@kvack.org, linux-coco@lists.linux.dev,
linux-efi@vger.kernel.org, kexec@lists.infradead.org
Subject: [PATCH 3/3] /dev/mem: Do not map unaccepted memory
Date: Wed, 6 Sep 2023 10:39:02 +0300 [thread overview]
Message-ID: <20230906073902.4229-4-adrian.hunter@intel.com> (raw)
In-Reply-To: <20230906073902.4229-1-adrian.hunter@intel.com>
Support for unaccepted memory was added recently, refer commit
dcdfdd40fa82 ("mm: Add support for unaccepted memory"), whereby
a virtual machine may need to accept memory before it can be used.
Do not map unaccepted memory because it can cause the guest to fail.
For /dev/mem, this means a read of unaccepted memory will return zeros,
a write to unaccepted memory will be ignored, but an mmap of unaccepted
memory will return an error.
Fixes: dcdfdd40fa82 ("mm: Add support for unaccepted memory")
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
---
drivers/char/mem.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
index 1052b0f2d4cf..1a7c5728783c 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -147,7 +147,8 @@ static ssize_t read_mem(struct file *file, char __user *buf,
goto failed;
err = -EFAULT;
- if (allowed == 2) {
+ if (allowed == 2 ||
+ range_contains_unaccepted_memory(p, p + sz)) {
/* Show zeros for restricted memory. */
remaining = clear_user(buf, sz);
} else {
@@ -226,7 +227,8 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
return -EPERM;
/* Skip actual writing when a page is marked as restricted. */
- if (allowed == 1) {
+ if (allowed == 1 &&
+ !range_contains_unaccepted_memory(p, p + sz)) {
/*
* On ia64 if a page has been mapped somewhere as
* uncached, then it must also be accessed uncached
@@ -378,6 +380,9 @@ static int mmap_mem(struct file *file, struct vm_area_struct *vma)
&vma->vm_page_prot))
return -EINVAL;
+ if (range_contains_unaccepted_memory(offset, offset + size))
+ return -EINVAL;
+
vma->vm_page_prot = phys_mem_access_prot(file, vma->vm_pgoff,
size,
vma->vm_page_prot);
--
2.34.1
WARNING: multiple messages have this Message-ID (diff)
From: Adrian Hunter <adrian.hunter@intel.com>
To: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Borislav Petkov <bp@alien8.de>,
Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@intel.com>,
Vlastimil Babka <vbabka@suse.cz>,
Mike Rapoport <rppt@linux.ibm.com>,
Lorenzo Stoakes <lstoakes@gmail.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Baoquan He <bhe@redhat.com>, Vivek Goyal <vgoyal@redhat.com>,
Dave Young <dyoung@redhat.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-mm@kvack.org, linux-coco@lists.linux.dev,
linux-efi@vger.kernel.org, kexec@lists.infradead.org
Subject: [PATCH 3/3] /dev/mem: Do not map unaccepted memory
Date: Wed, 6 Sep 2023 10:39:02 +0300 [thread overview]
Message-ID: <20230906073902.4229-4-adrian.hunter@intel.com> (raw)
In-Reply-To: <20230906073902.4229-1-adrian.hunter@intel.com>
Support for unaccepted memory was added recently, refer commit
dcdfdd40fa82 ("mm: Add support for unaccepted memory"), whereby
a virtual machine may need to accept memory before it can be used.
Do not map unaccepted memory because it can cause the guest to fail.
For /dev/mem, this means a read of unaccepted memory will return zeros,
a write to unaccepted memory will be ignored, but an mmap of unaccepted
memory will return an error.
Fixes: dcdfdd40fa82 ("mm: Add support for unaccepted memory")
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
---
drivers/char/mem.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
index 1052b0f2d4cf..1a7c5728783c 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -147,7 +147,8 @@ static ssize_t read_mem(struct file *file, char __user *buf,
goto failed;
err = -EFAULT;
- if (allowed == 2) {
+ if (allowed == 2 ||
+ range_contains_unaccepted_memory(p, p + sz)) {
/* Show zeros for restricted memory. */
remaining = clear_user(buf, sz);
} else {
@@ -226,7 +227,8 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
return -EPERM;
/* Skip actual writing when a page is marked as restricted. */
- if (allowed == 1) {
+ if (allowed == 1 &&
+ !range_contains_unaccepted_memory(p, p + sz)) {
/*
* On ia64 if a page has been mapped somewhere as
* uncached, then it must also be accessed uncached
@@ -378,6 +380,9 @@ static int mmap_mem(struct file *file, struct vm_area_struct *vma)
&vma->vm_page_prot))
return -EINVAL;
+ if (range_contains_unaccepted_memory(offset, offset + size))
+ return -EINVAL;
+
vma->vm_page_prot = phys_mem_access_prot(file, vma->vm_pgoff,
size,
vma->vm_page_prot);
--
2.34.1
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2023-09-06 7:39 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-06 7:38 [PATCH 0/3] Do not map unaccepted memory Adrian Hunter
2023-09-06 7:38 ` Adrian Hunter
2023-09-06 7:39 ` [PATCH 1/3] proc/vmcore: " Adrian Hunter
2023-09-06 7:39 ` Adrian Hunter
2023-09-07 15:39 ` Dave Hansen
2023-09-07 15:39 ` Dave Hansen
2023-09-07 15:44 ` Adrian Hunter
2023-09-07 15:44 ` Adrian Hunter
2023-09-07 15:51 ` Dave Hansen
2023-09-07 15:51 ` Dave Hansen
2023-09-11 8:03 ` David Hildenbrand
2023-09-11 8:03 ` David Hildenbrand
2023-09-11 8:41 ` Kirill A. Shutemov
2023-09-11 8:41 ` Kirill A. Shutemov
2023-09-11 8:42 ` David Hildenbrand
2023-09-11 8:42 ` David Hildenbrand
2023-09-11 9:27 ` Kirill A. Shutemov
2023-09-11 9:27 ` Kirill A. Shutemov
2023-09-11 9:50 ` David Hildenbrand
2023-09-11 9:50 ` David Hildenbrand
2023-09-11 10:05 ` Kirill A. Shutemov
2023-09-11 10:05 ` Kirill A. Shutemov
2023-09-11 14:33 ` David Hildenbrand
2023-09-11 14:33 ` David Hildenbrand
2023-09-06 7:39 ` [PATCH 2/3] proc/kcore: " Adrian Hunter
2023-09-06 7:39 ` Adrian Hunter
2023-09-07 15:36 ` Dave Hansen
2023-09-07 15:36 ` Dave Hansen
2023-09-07 15:43 ` Dave Hansen
2023-09-07 15:43 ` Dave Hansen
2023-09-06 7:39 ` Adrian Hunter [this message]
2023-09-06 7:39 ` [PATCH 3/3] /dev/mem: " Adrian Hunter
2023-09-07 10:06 ` Kirill A. Shutemov
2023-09-07 10:06 ` Kirill A. Shutemov
2023-09-07 14:15 ` Dave Hansen
2023-09-07 14:15 ` Dave Hansen
2023-09-07 14:25 ` Kirill A. Shutemov
2023-09-07 14:25 ` Kirill A. Shutemov
2023-09-07 14:46 ` Dave Hansen
2023-09-07 14:46 ` Dave Hansen
2023-09-07 15:04 ` Dave Hansen
2023-09-07 15:04 ` Dave Hansen
2023-09-11 8:09 ` David Hildenbrand
2023-09-11 8:09 ` David Hildenbrand
2023-09-11 14:32 ` Dave Hansen
2023-09-11 14:32 ` Dave Hansen
2023-09-07 10:07 ` [PATCH 0/3] " Kirill A. Shutemov
2023-09-07 10:07 ` Kirill A. Shutemov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230906073902.4229-4-adrian.hunter@intel.com \
--to=adrian.hunter@intel.com \
--cc=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=dyoung@redhat.com \
--cc=kexec@lists.infradead.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-efi@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lstoakes@gmail.com \
--cc=rppt@linux.ibm.com \
--cc=thomas.lendacky@amd.com \
--cc=vbabka@suse.cz \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.