From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>
Subject: [PATCH 5.10 13/57] arm64: Fix kernel address detection of __is_lm_address()
Date: Fri, 5 Feb 2021 15:06:39 +0100 [thread overview]
Message-ID: <20210205140656.544438617@linuxfoundation.org> (raw)
In-Reply-To: <20210205140655.982616732@linuxfoundation.org>
From: Vincenzo Frascino <vincenzo.frascino@arm.com>
commit 519ea6f1c82fcdc9842908155ae379de47818778 upstream.
Currently, the __is_lm_address() check just masks out the top 12 bits
of the address, but if they are 0, it still yields a true result.
This has as a side effect that virt_addr_valid() returns true even for
invalid virtual addresses (e.g. 0x0).
Fix the detection checking that it's actually a kernel address starting
at PAGE_OFFSET.
Fixes: 68dd8ef32162 ("arm64: memory: Fix virt_addr_valid() using __is_lm_address()")
Cc: <stable@vger.kernel.org> # 5.4.x
Cc: Will Deacon <will@kernel.org>
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Link: https://lore.kernel.org/r/20210126134056.45747-1-vincenzo.frascino@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/include/asm/memory.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
--- a/arch/arm64/include/asm/memory.h
+++ b/arch/arm64/include/asm/memory.h
@@ -238,11 +238,11 @@ static inline const void *__tag_set(cons
/*
- * The linear kernel range starts at the bottom of the virtual address
- * space. Testing the top bit for the start of the region is a
- * sufficient check and avoids having to worry about the tag.
+ * Check whether an arbitrary address is within the linear map, which
+ * lives in the [PAGE_OFFSET, PAGE_END) interval at the bottom of the
+ * kernel's TTBR1 address range.
*/
-#define __is_lm_address(addr) (!(((u64)addr) & BIT(vabits_actual - 1)))
+#define __is_lm_address(addr) (((u64)(addr) ^ PAGE_OFFSET) < (PAGE_END - PAGE_OFFSET))
#define __lm_to_phys(addr) (((addr) & ~PAGE_OFFSET) + PHYS_OFFSET)
#define __kimg_to_phys(addr) ((addr) - kimage_voffset)
next prev parent reply other threads:[~2021-02-05 21:25 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-05 14:06 [PATCH 5.10 00/57] 5.10.14-rc1 review Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 01/57] net: dsa: microchip: Adjust reset release timing to match reference reset circuit Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 02/57] net: stmmac: dwmac-intel-plat: remove config data on error Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 03/57] net: fec: put child node on error path Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 04/57] net: octeontx2: Make sure the buffer is 128 byte aligned Greg Kroah-Hartman
2021-02-07 9:20 ` Pavel Machek
2021-02-07 10:39 ` Kevin Hao
2021-02-05 14:06 ` [PATCH 5.10 05/57] stmmac: intel: Configure EHL PSE0 GbE and PSE1 GbE to 32 bits DMA addressing Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 06/57] mlxsw: spectrum_span: Do not overwrite policer configuration Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 07/57] net: dsa: bcm_sf2: put device node before return Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 08/57] net: switchdev: dont set port_obj_info->handled true when -EOPNOTSUPP Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 09/57] ibmvnic: Ensure that CRQ entry read are correctly ordered Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 10/57] iommu/io-pgtable-arm: Support coherency for Mali LPAE Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 11/57] drm/panfrost: Support cache-coherent integrations Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 12/57] arm64: dts: meson: Describe G12b GPU as coherent Greg Kroah-Hartman
2021-02-05 14:06 ` Greg Kroah-Hartman [this message]
2021-02-05 14:06 ` [PATCH 5.10 14/57] arm64: Do not pass tagged addresses to __is_lm_address() Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 15/57] Revert "x86/setup: dont remove E820_TYPE_RAM for pfn 0" Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 16/57] ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 17/57] iommu/vt-d: Do not use flush-queue when caching-mode is on Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 18/57] phy: cpcap-usb: Fix warning for missing regulator_disable Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 19/57] tools/power/x86/intel-speed-select: Set scaling_max_freq to base_frequency Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 20/57] tools/power/x86/intel-speed-select: Set higher of cpuinfo_max_freq or base_frequency Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 21/57] platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on Estar Beauty HD tablet Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 22/57] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 23/57] habanalabs: fix dma_addr passed to dma_mmap_coherent Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 24/57] locking/lockdep: Avoid noinstr warning for DEBUG_LOCKDEP Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 25/57] x86: __always_inline __{rd,wr}msr() Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 26/57] scsi: scsi_transport_srp: Dont block target in failfast state Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 27/57] scsi: libfc: Avoid invoking response handler twice if ep is already completed Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 28/57] scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 29/57] ASoC: SOF: Intel: hda: Resume codec to do jack detection Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 30/57] ALSA: hda: Add AlderLake-P PCI ID and HDMI codec vid Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 31/57] objtool: Dont add empty symbols to the rbtree Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 32/57] mac80211: fix incorrect strlen of .write in debugfs Greg Kroah-Hartman
2021-02-05 14:06 ` [PATCH 5.10 33/57] mac80211: fix fast-rx encryption check Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 34/57] mac80211: fix encryption key selection for 802.3 xmit Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 35/57] scsi: ibmvfc: Set default timeout to avoid crash during migration Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 36/57] ALSA: hda: Add Cometlake-R PCI ID Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 37/57] i2c: tegra: Create i2c_writesl_vi() to use with VI I2C for filling TX FIFO Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 38/57] udf: fix the problem that the disc content is not displayed Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 39/57] nvme: check the PRINFO bit before deciding the host buffer length Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 40/57] nvme-rdma: avoid request double completion for concurrent nvme_rdma_timeout Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 41/57] nvme-tcp: avoid request double completion for concurrent nvme_tcp_timeout Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 42/57] nvme-pci: allow use of cmb on v1.4 controllers Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 43/57] nvmet: set right status on error in id-ns handler Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 44/57] platform/x86: thinkpad_acpi: Add P53/73 firmware to fan_quirk_table for dual fan control Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 45/57] selftests/powerpc: Only test lwm/stmw on big endian Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 46/57] drm/amd/display: Update dram_clock_change_latency for DCN2.1 Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 47/57] drm/amd/display: Allow PSTATE chnage when no displays are enabled Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 48/57] drm/amd/display: Change function decide_dp_link_settings to avoid infinite looping Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 49/57] drm/amd/display: Use hardware sequencer functions for PG control Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 50/57] drm/amd/display: Fixed corruptions on HPDRX link loss restore Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 51/57] habanalabs: zero pci counters packet before submit to FW Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 52/57] habanalabs: fix backward compatibility of idle check Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 53/57] habanalabs: disable FW events on device removal Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 54/57] objtool: Dont fail the kernel build on fatal errors Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 55/57] x86/cpu: Add another Alder Lake CPU to the Intel family Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 56/57] kthread: Extract KTHREAD_IS_PER_CPU Greg Kroah-Hartman
2021-02-05 14:07 ` [PATCH 5.10 57/57] workqueue: Restrict affinity change to rescuer Greg Kroah-Hartman
2021-02-05 23:04 ` [PATCH 5.10 00/57] 5.10.14-rc1 review Igor
2021-02-05 23:11 ` Pavel Machek
2021-02-08 12:39 ` Greg Kroah-Hartman
2021-02-06 14:16 ` Naresh Kamboju
2021-02-06 16:02 ` Guenter Roeck
2021-02-08 12:39 ` Greg Kroah-Hartman
2021-02-06 18:22 ` Jean-Denis Girard
2021-02-06 18:22 ` Jean-Denis Girard
2021-02-06 18:22 ` Jean-Denis Girard
2021-02-07 13:26 ` Jon Hunter
2021-02-08 12:39 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210205140656.544438617@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=catalin.marinas@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=stable@vger.kernel.org \
--cc=vincenzo.frascino@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.