linux-arm-kernel.lists.infradead.org archive mirror
* [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent
@ 2015-03-04 13:27 Mark Rutland
  2015-03-04 13:27 ` [PATCH 2/2] arm64: fixmap: check idx is definitely valid Mark Rutland
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Mark Rutland @ 2015-03-04 13:27 UTC (permalink / raw)
  To: linux-arm-kernel

The FIX_TEXT_POKE0 is currently at the end of the temporary fixmap
slots, despite the fact that it can be used at any point during runtime
(e.g. for poking the text of loaded modules), and thus should be a
permanent fixmap slot (as is the case on arm and x86).

This patch moves FIX_TEXT_POKE0 into the set of permanent fixmap slots.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Laura Abbott <lauraa@codeaurora.org>
Cc: Will Deacon <will.deacon@arm.com>
---
 arch/arm64/include/asm/fixmap.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h
index defa0ff9..9264956 100644
--- a/arch/arm64/include/asm/fixmap.h
+++ b/arch/arm64/include/asm/fixmap.h
@@ -33,6 +33,7 @@
 enum fixed_addresses {
 	FIX_HOLE,
 	FIX_EARLYCON_MEM_BASE,
+	FIX_TEXT_POKE0,
 	__end_of_permanent_fixed_addresses,
 
 	/*
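Review bot: The new `FIX_TEXT_POKE0` entry is placed above `__end_of_permanent_fixed_addresses` without a comment, and inserting it raises that marker by one. Because the second hunk shows `FIX_BTMAP_END = __end_of_permanent_fixed_addresses`, every boot-time slot index moves up by one as well. Please mention the shift in the commit message and add a one-line comment beside the entry saying it is used at runtime (poking the text of loaded modules), so it is not later moved back below the marker.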
@@ -49,7 +50,6 @@ enum fixed_addresses {
 
 	FIX_BTMAP_END = __end_of_permanent_fixed_addresses,
 	FIX_BTMAP_BEGIN = FIX_BTMAP_END + TOTAL_FIX_BTMAPS - 1,
-	FIX_TEXT_POKE0,
 	__end_of_fixed_addresses
 };
 
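Review bot: With the `FIX_TEXT_POKE0` line removed here, `FIX_BTMAP_BEGIN` is the last slot before `__end_of_fixed_addresses`, but nothing in the visible enum states that entries placed after the FIX_BTMAP_* range are temporary. A short comment above `__end_of_fixed_addresses`, saying that slots needed at runtime belong in the permanent set, would document the rule this patch restores and keep the next addition from landing in the same place.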
-- 
1.9.1


* [PATCH 2/2] arm64: fixmap: check idx is definitely valid
  2015-03-04 13:27 [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent Mark Rutland
@ 2015-03-04 13:27 ` Mark Rutland
  2015-03-04 13:33   ` Ard Biesheuvel
  2015-03-05 18:48   ` Laura Abbott
  2015-03-04 13:33 ` [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent Ard Biesheuvel
  2015-03-05 18:48 ` Laura Abbott
  2 siblings, 2 replies; 6+ messages in thread
From: Mark Rutland @ 2015-03-04 13:27 UTC (permalink / raw)
  To: linux-arm-kernel

Fixmap indices are in the interval (FIX_HOLE, __end_of_fixed_addresses),
but in __set_fixmap we only check idx <= __end_of_fixed_addresses, and
therefore indices <= FIX_HOLE are erroneously accepted. If called with
such an idx, __set_fixmap may corrupt page tables outside of the fixmap
region.

This patch ensures that we validate the idx against both endpoints of
the interval.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Laura Abbott <lauraa@codeaurora.org>
Cc: Will Deacon <will.deacon@arm.com>
---
 arch/arm64/mm/mmu.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index c6daaf6..c9267ac 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -627,10 +627,7 @@ void __set_fixmap(enum fixed_addresses idx,
 	unsigned long addr = __fix_to_virt(idx);
 	pte_t *pte;
 
-	if (idx >= __end_of_fixed_addresses) {
-		BUG();
-		return;
-	}
+	BUG_ON(idx <= FIX_HOLE || idx >= __end_of_fixed_addresses);
 
 	pte = fixmap_pte(addr);
 
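Review bot: The context line `unsigned long addr = __fix_to_virt(idx);` still runs before the new `BUG_ON`, so addr is derived from idx before idx has been validated; consider assigning addr after the check so that no value computed from a bad index exists in the function. Separately, the commit message says the old code checked `idx <= __end_of_fixed_addresses`, while the removed lines test `idx >= __end_of_fixed_addresses`; the description should match the code.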
-- 
1.9.1
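
The effect of the one-sided check described in this message can be seen in a small userspace model. This is an added example, not code from the patch or the kernel: the `MODEL_`/`M_` names, the `FIXADDR_TOP` value, the 4 KiB page size, the top-minus-index address formula and the use of a signed `int` for idx are all assumptions of the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model values (assumptions), not the arm64 kernel's real layout. */
#define MODEL_PAGE_SIZE   4096
#define MODEL_FIXADDR_TOP UINT64_C(0xffff000000400000)

/* Simplified copy of the enum after patch 1/2; the boot-time slots are omitted. */
enum model_fixed_addresses {
	M_FIX_HOLE,
	M_FIX_EARLYCON_MEM_BASE,
	M_FIX_TEXT_POKE0,
	M_END_OF_FIXED_ADDRESSES
};

#define MODEL_FIXADDR_START \
	(MODEL_FIXADDR_TOP - (uint64_t)M_END_OF_FIXED_ADDRESSES * MODEL_PAGE_SIZE)

/* Assumed index-to-address mapping: slots grow downwards from the top. */
static uint64_t model_fix_to_virt(int idx)
{
	return MODEL_FIXADDR_TOP - (uint64_t)((int64_t)idx * MODEL_PAGE_SIZE);
}

/* The fixmap region, modelled as the address range [START, TOP). */
static bool addr_in_fixmap(uint64_t addr)
{
	return addr >= MODEL_FIXADDR_START && addr < MODEL_FIXADDR_TOP;
}

/* Check before the patch: upper endpoint only. */
static bool old_check_accepts(int idx)
{
	return !(idx >= M_END_OF_FIXED_ADDRESSES);
}

/* Check after the patch: both endpoints of the open interval. */
static bool new_check_accepts(int idx)
{
	return !(idx <= M_FIX_HOLE || idx >= M_END_OF_FIXED_ADDRESSES);
}

int main(void)
{
	for (int idx = -1; idx <= M_END_OF_FIXED_ADDRESSES; idx++)
		printf("idx %2d addr %#llx in_fixmap=%d old=%d new=%d\n", idx,
		       (unsigned long long)model_fix_to_virt(idx),
		       addr_in_fixmap(model_fix_to_virt(idx)),
		       old_check_accepts(idx), new_check_accepts(idx));
	return 0;
}
```

In this model the old check accepts idx 0 and idx -1, whose addresses fall at or above the top of the region, while the two-sided check rejects both.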


* [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent
  2015-03-04 13:27 [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent Mark Rutland
  2015-03-04 13:27 ` [PATCH 2/2] arm64: fixmap: check idx is definitely valid Mark Rutland
@ 2015-03-04 13:33 ` Ard Biesheuvel
  2015-03-05 18:48 ` Laura Abbott
  2 siblings, 0 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2015-03-04 13:33 UTC (permalink / raw)
  To: linux-arm-kernel

On 4 March 2015 at 14:27, Mark Rutland <mark.rutland@arm.com> wrote:
> The FIX_TEXT_POKE0 is currently at the end of the temporary fixmap
> slots, despite the fact that it can be used at any point during runtime
> (e.g. for poking the text of loaded modules), and thus should be a
> permanent fixmap slot (as is the case on arm and x86).
>
> This patch moves FIX_TEXT_POKE0 into the set of permanent fixmap slots.
>
> Signed-off-by: Mark Rutland <mark.rutland@arm.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Laura Abbott <lauraa@codeaurora.org>
> Cc: Will Deacon <will.deacon@arm.com>

Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> ---
>  arch/arm64/include/asm/fixmap.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h
> index defa0ff9..9264956 100644
> --- a/arch/arm64/include/asm/fixmap.h
> +++ b/arch/arm64/include/asm/fixmap.h
> @@ -33,6 +33,7 @@
>  enum fixed_addresses {
>         FIX_HOLE,
>         FIX_EARLYCON_MEM_BASE,
> +       FIX_TEXT_POKE0,
>         __end_of_permanent_fixed_addresses,
>
>         /*
> @@ -49,7 +50,6 @@ enum fixed_addresses {
>
>         FIX_BTMAP_END = __end_of_permanent_fixed_addresses,
>         FIX_BTMAP_BEGIN = FIX_BTMAP_END + TOTAL_FIX_BTMAPS - 1,
> -       FIX_TEXT_POKE0,
>         __end_of_fixed_addresses
>  };
>
> --
> 1.9.1
>


* [PATCH 2/2] arm64: fixmap: check idx is definitely valid
  2015-03-04 13:27 ` [PATCH 2/2] arm64: fixmap: check idx is definitely valid Mark Rutland
@ 2015-03-04 13:33   ` Ard Biesheuvel
  2015-03-05 18:48   ` Laura Abbott
  1 sibling, 0 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2015-03-04 13:33 UTC (permalink / raw)
  To: linux-arm-kernel

On 4 March 2015 at 14:27, Mark Rutland <mark.rutland@arm.com> wrote:
> Fixmap indices are in the interval (FIX_HOLE, __end_of_fixed_addresses),
> but in __set_fixmap we only check idx <= __end_of_fixed_addresses, and
> therefore indices <= FIX_HOLE are erroneously accepted. If called with
> such an idx, __set_fixmap may corrupt page tables outside of the fixmap
> region.
>
> This patch ensures that we validate the idx against both endpoints of
> the interval.
>
> Signed-off-by: Mark Rutland <mark.rutland@arm.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Laura Abbott <lauraa@codeaurora.org>
> Cc: Will Deacon <will.deacon@arm.com>

Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> ---
>  arch/arm64/mm/mmu.c | 5 +----
>  1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
> index c6daaf6..c9267ac 100644
> --- a/arch/arm64/mm/mmu.c
> +++ b/arch/arm64/mm/mmu.c
> @@ -627,10 +627,7 @@ void __set_fixmap(enum fixed_addresses idx,
>         unsigned long addr = __fix_to_virt(idx);
>         pte_t *pte;
>
> -       if (idx >= __end_of_fixed_addresses) {
> -               BUG();
> -               return;
> -       }
> +       BUG_ON(idx <= FIX_HOLE || idx >= __end_of_fixed_addresses);
>
>         pte = fixmap_pte(addr);
>
> --
> 1.9.1
>


* [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent
  2015-03-04 13:27 [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent Mark Rutland
  2015-03-04 13:27 ` [PATCH 2/2] arm64: fixmap: check idx is definitely valid Mark Rutland
  2015-03-04 13:33 ` [PATCH 1/2] arm64: fixmap: make FIX_TEXT_POKE0 permanent Ard Biesheuvel
@ 2015-03-05 18:48 ` Laura Abbott
  2 siblings, 0 replies; 6+ messages in thread
From: Laura Abbott @ 2015-03-05 18:48 UTC (permalink / raw)
  To: linux-arm-kernel

On 3/4/2015 5:27 AM, Mark Rutland wrote:
> The FIX_TEXT_POKE0 is currently at the end of the temporary fixmap
> slots, despite the fact that it can be used at any point during runtime
> (e.g. for poking the text of loaded modules), and thus should be a
> permanent fixmap slot (as is the case on arm and x86).
>
> This patch moves FIX_TEXT_POKE0 into the set of permanent fixmap slots.
>
> Signed-off-by: Mark Rutland <mark.rutland@arm.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Laura Abbott <lauraa@codeaurora.org>
> Cc: Will Deacon <will.deacon@arm.com>
> ---

Acked-by: Laura Abbott <lauraa@codeaurora.org>

>   arch/arm64/include/asm/fixmap.h | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h
> index defa0ff9..9264956 100644
> --- a/arch/arm64/include/asm/fixmap.h
> +++ b/arch/arm64/include/asm/fixmap.h
> @@ -33,6 +33,7 @@
>   enum fixed_addresses {
>   	FIX_HOLE,
>   	FIX_EARLYCON_MEM_BASE,
> +	FIX_TEXT_POKE0,
>   	__end_of_permanent_fixed_addresses,
>
>   	/*
> @@ -49,7 +50,6 @@ enum fixed_addresses {
>
>   	FIX_BTMAP_END = __end_of_permanent_fixed_addresses,
>   	FIX_BTMAP_BEGIN = FIX_BTMAP_END + TOTAL_FIX_BTMAPS - 1,
> -	FIX_TEXT_POKE0,
>   	__end_of_fixed_addresses
>   };
>
>


-- 
Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project
This e-mail address will be inactive after March 20, 2015
Please contact privately for follow up after that date.


* [PATCH 2/2] arm64: fixmap: check idx is definitely valid
  2015-03-04 13:27 ` [PATCH 2/2] arm64: fixmap: check idx is definitely valid Mark Rutland
  2015-03-04 13:33   ` Ard Biesheuvel
@ 2015-03-05 18:48   ` Laura Abbott
  1 sibling, 0 replies; 6+ messages in thread
From: Laura Abbott @ 2015-03-05 18:48 UTC (permalink / raw)
  To: linux-arm-kernel

On 3/4/2015 5:27 AM, Mark Rutland wrote:
> Fixmap indices are in the interval (FIX_HOLE, __end_of_fixed_addresses),
> but in __set_fixmap we only check idx <= __end_of_fixed_addresses, and
> therefore indices <= FIX_HOLE are erroneously accepted. If called with
> such an idx, __set_fixmap may corrupt page tables outside of the fixmap
> region.
>
> This patch ensures that we validate the idx against both endpoints of
> the interval.
>
> Signed-off-by: Mark Rutland <mark.rutland@arm.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Laura Abbott <lauraa@codeaurora.org>
> Cc: Will Deacon <will.deacon@arm.com>

Acked-by: Laura Abbott <lauraa@codeaurora.org>

> ---
>   arch/arm64/mm/mmu.c | 5 +----
>   1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
> index c6daaf6..c9267ac 100644
> --- a/arch/arm64/mm/mmu.c
> +++ b/arch/arm64/mm/mmu.c
> @@ -627,10 +627,7 @@ void __set_fixmap(enum fixed_addresses idx,
>   	unsigned long addr = __fix_to_virt(idx);
>   	pte_t *pte;
>
> -	if (idx >= __end_of_fixed_addresses) {
> -		BUG();
> -		return;
> -	}
> +	BUG_ON(idx <= FIX_HOLE || idx >= __end_of_fixed_addresses);
>
>   	pte = fixmap_pte(addr);
>
>


-- 
Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project
This e-mail address will be inactive after March 20, 2015
Please contact privately for follow up after that date.
