From: "tip-bot2 for Andrew Cooper" <tip-bot2@linutronix.de>
To: linux-tip-commits@vger.kernel.org
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
stable@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org
Subject: [tip: x86/urgent] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
Date: Sun, 19 Dec 2021 13:14:53 -0000 [thread overview]
Message-ID: <163991969397.23020.2147480727226316518.tip-bot2@tip-bot2> (raw)
In-Reply-To: <20211216000856.4480-1-andrew.cooper3@citrix.com>
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: aa1701e20a847dba6c406545dcba6a8755fa6406
Gitweb: https://git.kernel.org/tip/aa1701e20a847dba6c406545dcba6a8755fa6406
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Thu, 16 Dec 2021 00:08:56
Committer: Borislav Petkov <bp@suse.de>
CommitterDate: Sun, 19 Dec 2021 14:09:41 +01:00
x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
Both __pkru_allows_write() and arch_set_user_pkey_access() shift
PKRU_WD_BIT (a signed constant) by up to 30 bits, hitting the
sign bit.
Use unsigned constants instead.
Clearly pkey 15 has not been used in combination with UBSAN yet.
Noticed by code inspection only. I can't actually provoke the
compiler into generating incorrect logic as far as this shift is
concerned.
[
dhansen: add stable@ tag, plus minor changelog massaging,
For anyone doing backports, these #defines were in
arch/x86/include/asm/pgtable.h before 784a46618f6.
]
Fixes: 33a709b25a76 ("mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20211216000856.4480-1-andrew.cooper3@citrix.com
---
arch/x86/include/asm/pkru.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pkru.h b/arch/x86/include/asm/pkru.h
index 4cd49af..74f0a2d 100644
--- a/arch/x86/include/asm/pkru.h
+++ b/arch/x86/include/asm/pkru.h
@@ -4,8 +4,8 @@
#include <asm/cpufeature.h>
-#define PKRU_AD_BIT 0x1
-#define PKRU_WD_BIT 0x2
+#define PKRU_AD_BIT 0x1u
+#define PKRU_WD_BIT 0x2u
#define PKRU_BITS_PER_PKEY 2
#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
next prev parent reply other threads:[~2021-12-19 13:15 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20211216000856.4480-1-andrew.cooper3@citrix.com>
2021-12-16 17:44 ` [tip: x86/urgent] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT tip-bot2 for Andrew Cooper
2021-12-16 20:11 ` tip-bot2 for Andrew Cooper
2021-12-19 13:14 ` tip-bot2 for Andrew Cooper [this message]
2021-12-19 21:51 ` tip-bot2 for Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=163991969397.23020.2147480727226316518.tip-bot2@tip-bot2 \
--to=tip-bot2@linutronix.de \
--cc=andrew.cooper3@citrix.com \
--cc=dave.hansen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).