From: ebiederm@xmission.com (Eric W. Biederman)
To: Jiri Slaby <jirislaby@gmail.com>
Cc: mingo@redhat.com, tglx@linutronix.de, hpa@zytor.com,
	x86@kernel.org, linux-kernel@vger.kernel.org,
	Vivek Goyal <vgoyal@redhat.com>,
	Simon Horman <horms@verge.net.au>,
	Paul Mundt <lethal@linux-sh.org>, Ingo Molnar <mingo@elte.hu>
Subject: Re: [PATCH v2 1/1] crash_dump: fix non-pae kdump kernel memory accesses
Date: Mon, 26 Oct 2009 13:40:53 -0700	[thread overview]
Message-ID: <m1fx95lwh6.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <1256551903-30567-1-git-send-email-jirislaby@gmail.com> (Jiri Slaby's message of "Mon\, 26 Oct 2009 11\:11\:43 +0100")

Jiri Slaby <jirislaby@gmail.com> writes:

> Non-PAE 32-bit dump kernels may wrap an address around 4G and
> poke unwanted space. ptes there are 32 bits long, and since
> pfn << PAGE_SIZE may exceed this limit, high pfn bits are cropped
> and a wrong address is mapped by kmap_atomic_pfn in copy_oldmem_page.
>
> Don't allow this behavior in non-PAE kdump kernels by checking
> pfns passed into copy_oldmem_page. In the case of failure,
> userspace process gets EFAULT.

Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>

Looks good to me.

> [v2]
> - fix comments
> - move ifdefs inside the function
>
> Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
> Cc: Vivek Goyal <vgoyal@redhat.com>
> Cc: "Eric W. Biederman" <ebiederm@xmission.com>
> Cc: Simon Horman <horms@verge.net.au>
> Cc: Paul Mundt <lethal@linux-sh.org>
> Cc: Ingo Molnar <mingo@elte.hu>
> ---
>  arch/x86/kernel/crash_dump_32.c |   19 +++++++++++++++++++
>  1 files changed, 19 insertions(+), 0 deletions(-)
>
> diff --git a/arch/x86/kernel/crash_dump_32.c b/arch/x86/kernel/crash_dump_32.c
> index f7cdb3b..cd97ce1 100644
> --- a/arch/x86/kernel/crash_dump_32.c
> +++ b/arch/x86/kernel/crash_dump_32.c
> @@ -16,6 +16,22 @@ static void *kdump_buf_page;
>  /* Stores the physical address of elf header of crash image. */
>  unsigned long long elfcorehdr_addr = ELFCORE_ADDR_MAX;
>  
> +static inline bool is_crashed_pfn_valid(unsigned long pfn)
> +{
> +#ifndef CONFIG_X86_PAE
> +	/*
> +	 * non-PAE kdump kernel executed from a PAE one will crop high pte
> +	 * bits and poke unwanted space counting again from address 0, we
> +	 * don't want that. pte must fit into unsigned long. In fact the
> +	 * test checks high 12 bits for being zero (pfn will be shifted left
> +	 * by PAGE_SHIFT).
> +	 */
> +	return pte_pfn(pfn_pte(pfn, __pgprot(0))) == pfn;
> +#else
> +	return true;
> +#endif
> +}
> +
>  /**
>   * copy_oldmem_page - copy one page from "oldmem"
>   * @pfn: page frame number to be copied
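Review bot: the comment inside is_crashed_pfn_valid() says the test checks the "high 12 bits for being zero", but what the pfn_pte()/pte_pfn() round trip really checks is that pfn fits in 32 - PAGE_SHIFT bits, so the number 12 is only correct because PAGE_SHIFT happens to be 12 on x86; saying "the high PAGE_SHIFT bits" would keep the comment accurate if that ever changed. The phrase "poke unwanted space counting again from address 0" is also hard to parse; something like "map a low physical address instead of the intended one above 4G" states the wrap-around more directly.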
> @@ -41,6 +57,9 @@ ssize_t copy_oldmem_page(unsigned long pfn, char *buf,
>  	if (!csize)
>  		return 0;
>  
> +	if (!is_crashed_pfn_valid(pfn))
> +		return -EFAULT;
> +
>  	vaddr = kmap_atomic_pfn(pfn, KM_PTE0);
>  
>  	if (!userbuf) {
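Review bot: the new `if (!is_crashed_pfn_valid(pfn)) return -EFAULT;` sits after the `if (!csize) return 0;` early exit, so a zero-length read of an out-of-range pfn reports success rather than -EFAULT; that matches read(2) semantics, but it is a new failure mode of copy_oldmem_page() and the kernel-doc block above the function (the visible lines `copy_oldmem_page - copy one page from "oldmem"` and `@pfn: page frame number to be copied`) says nothing about a pfn being rejected. Suggest adding a return-value note such as "Returns -EFAULT if @pfn cannot be mapped by a non-PAE kernel" so callers in fs/proc/vmcore.c know to expect it.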
> -- 
> 1.6.4.2
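As an added illustration, not part of this thread or of the kernel source, the following user-space C model reproduces the failure the patch guards against and the shape of its check. It assumes PAGE_SHIFT is 12 and that, as on a 32-bit non-PAE kernel, both unsigned long and the pte are 32 bits wide; the model_* functions are hypothetical stand-ins for pfn_pte(), pte_pfn() and is_crashed_pfn_valid(), and the sample pfns are constructed.

```c
/* Added example, not kernel code: a user-space model of the non-PAE
 * pfn check.  Assumptions: PAGE_SHIFT is 12 (x86) and, as on a 32-bit
 * non-PAE kernel, both unsigned long and the pte are 32 bits wide. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT   12
#define PTE_PFN_MASK 0xfffff000u   /* non-PAE pte: pfn lives in bits 12..31 */

typedef uint32_t model_pfn_t;   /* stands in for unsigned long on i386 */
typedef uint32_t model_pte_t;   /* stands in for a non-PAE pte_t */

/* Model of pfn_pte(pfn, __pgprot(0)): the shift is done in 32-bit
 * arithmetic, so the top PAGE_SHIFT bits of pfn are silently lost. */
static model_pte_t model_pfn_pte(model_pfn_t pfn)
{
    return (model_pte_t)(pfn << PAGE_SHIFT);
}

/* Model of pte_pfn(): recover the pfn from the pte's address bits. */
static model_pfn_t model_pte_pfn(model_pte_t pte)
{
    return (pte & PTE_PFN_MASK) >> PAGE_SHIFT;
}

/* Same shape as is_crashed_pfn_valid() in the patch for CONFIG_X86_PAE=n:
 * the pfn is acceptable only if it survives the round trip through a pte. */
bool model_is_crashed_pfn_valid(model_pfn_t pfn)
{
    return model_pte_pfn(model_pfn_pte(pfn)) == pfn;
}

/* Physical address a pte built from pfn would really map, i.e. what
 * kmap_atomic_pfn() would have touched without the check. */
uint64_t model_mapped_paddr(model_pfn_t pfn)
{
    return (uint64_t)(model_pfn_pte(pfn) & PTE_PFN_MASK);
}

/* Intended physical address: pfn << PAGE_SHIFT computed without truncation. */
uint64_t model_intended_paddr(model_pfn_t pfn)
{
    return (uint64_t)pfn << PAGE_SHIFT;
}

int main(void)
{
    /* Constructed sample pfns: two below the 4 GiB boundary, three above it. */
    const model_pfn_t pfns[] = { 0x00001, 0xfffff, 0x100000, 0x100001, 0x1abcde };
    for (size_t i = 0; i < sizeof pfns / sizeof pfns[0]; i++) {
        model_pfn_t pfn = pfns[i];
        printf("pfn 0x%06x: intended 0x%09llx, pte would map 0x%08llx -> %s\n",
               pfn,
               (unsigned long long)model_intended_paddr(pfn),
               (unsigned long long)model_mapped_paddr(pfn),
               model_is_crashed_pfn_valid(pfn) ? "ok" : "rejected (-EFAULT)");
    }
    return 0;
}
```

Running it shows pfn 0x100000 (the first page at 4 GiB) collapsing to physical address 0 and pfn 0x100001 to 0x1000, which is exactly the "counting again from address 0" behaviour the changelog describes; the round-trip check rejects every pfn whose top PAGE_SHIFT bits are non-zero and lets the ones below the boundary through unchanged.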
