linux-arm-kernel.lists.infradead.org archive mirror
* [PATCH v2] arm64/mm: Sanity check PTE address before runtime P4D/PUD folding
@ 2024-11-05  9:39 Ard Biesheuvel
  2024-11-05 13:52 ` Catalin Marinas
  0 siblings, 1 reply; 2+ messages in thread
From: Ard Biesheuvel @ 2024-11-05  9:39 UTC (permalink / raw)
  To: linux-arm-kernel; +Cc: catalin.marinas, will, Ard Biesheuvel

From: Ard Biesheuvel <ardb@kernel.org>

The runtime P4D/PUD folding logic assumes that the respective pgd_t* and
p4d_t* arguments are pointers into actual page tables that are part of
the hierarchy being operated on.

This may not always be the case, and we have been bitten once by this
already [0], where the argument was actually a stack variable, and in
this case, the logic does not work at all.

So let's add a VM_BUG_ON() for each case, to ensure that the address of
the provided page table entry is consistent with the address being
translated.

[0] https://lore.kernel.org/all/20240725090345.28461-1-will@kernel.org/T/#u

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
v2: drop complicated logic and static inline helper

 arch/arm64/include/asm/pgtable.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h
index dd5dcf7ae056..b76603618716 100644
--- a/arch/arm64/include/asm/pgtable.h
+++ b/arch/arm64/include/asm/pgtable.h
@@ -932,6 +932,9 @@ static inline phys_addr_t p4d_page_paddr(p4d_t p4d)
 
 static inline pud_t *p4d_to_folded_pud(p4d_t *p4dp, unsigned long addr)
 {
+	/* Ensure that 'p4dp' indexes a page table according to 'addr' */
+	VM_BUG_ON(((addr >> P4D_SHIFT) ^ ((u64)p4dp >> 3)) % PTRS_PER_P4D);
+
 	return (pud_t *)PTR_ALIGN_DOWN(p4dp, PAGE_SIZE) + pud_index(addr);
 }
 
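Review bot: The literal 3 in "(u64)p4dp >> 3" in p4d_to_folded_pud() is an unexplained magic number. It reads as log2 of the entry size, so the check silently depends on p4d_t being 8 bytes wide. Writing it as (u64)p4dp / sizeof(p4d_t), or extending the comment to say that the pointer is being converted to an entry index, would make that dependency visible. The comment could also mention that only the low index bits are compared, since "% PTRS_PER_P4D" applied to the XOR result acts as a mask only when PTRS_PER_P4D is a power of two.
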
@@ -1056,6 +1059,9 @@ static inline phys_addr_t pgd_page_paddr(pgd_t pgd)
 
 static inline p4d_t *pgd_to_folded_p4d(pgd_t *pgdp, unsigned long addr)
 {
+	/* Ensure that 'pgdp' indexes a page table according to 'addr' */
+	VM_BUG_ON(((addr >> PGDIR_SHIFT) ^ ((u64)pgdp >> 3)) % PTRS_PER_PGD);
+
 	return (p4d_t *)PTR_ALIGN_DOWN(pgdp, PAGE_SIZE) + p4d_index(addr);
 }
 
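Review bot: The VM_BUG_ON() in pgd_to_folded_p4d() compares only the in-page index bits of pgdp with the PGD index of addr, so a pointer that is not into a page table (the stack-variable case the commit message cites) still passes whenever its offset happens to line up with the index. The comment "Ensure that 'pgdp' indexes a page table" promises more than that; describing it as a consistency check between the entry's slot and addr would be more accurate. Since VM_BUG_ON() is compiled out unless CONFIG_DEBUG_VM is set, it would also help to say in the commit message that this is debug-build coverage only.
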
-- 
2.47.0.199.ga7371fff76-goog




* Re: [PATCH v2] arm64/mm: Sanity check PTE address before runtime P4D/PUD folding
  2024-11-05  9:39 [PATCH v2] arm64/mm: Sanity check PTE address before runtime P4D/PUD folding Ard Biesheuvel
@ 2024-11-05 13:52 ` Catalin Marinas
  0 siblings, 0 replies; 2+ messages in thread
From: Catalin Marinas @ 2024-11-05 13:52 UTC (permalink / raw)
  To: linux-arm-kernel, Ard Biesheuvel; +Cc: Will Deacon, Ard Biesheuvel

On Tue, 05 Nov 2024 10:39:20 +0100, Ard Biesheuvel wrote:
> The runtime P4D/PUD folding logic assumes that the respective pgd_t* and
> p4d_t* arguments are pointers into actual page tables that are part of
> the hierarchy being operated on.
> 
> This may not always be the case, and we have been bitten once by this
> already [0], where the argument was actually a stack variable, and in
> this case, the logic does not work at all.
> 
> [...]

Applied to arm64 (for-next/misc), thanks!

Easier to read now ;).

[1/1] arm64/mm: Sanity check PTE address before runtime P4D/PUD folding
      https://git.kernel.org/arm64/c/baec23979719

-- 
Catalin


