From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=3.0 tests=DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS,T_DKIM_INVALID, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 231E3C5CFE7 for ; Wed, 11 Jul 2018 11:31:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id BCCF6208FA for ; Wed, 11 Jul 2018 11:31:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=8bytes.org header.i=@8bytes.org header.b="YJPK2dVi" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BCCF6208FA Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=8bytes.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1733009AbeGKLeK (ORCPT ); Wed, 11 Jul 2018 07:34:10 -0400 Received: from 8bytes.org ([81.169.241.247]:37844 "EHLO theia.8bytes.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732981AbeGKLeJ (ORCPT ); Wed, 11 Jul 2018 07:34:09 -0400 Received: by theia.8bytes.org (Postfix, from userid 1000) id CFA61AF1; Wed, 11 Jul 2018 13:30:04 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=8bytes.org; s=mail-1; t=1531308605; bh=ZUviePOIgsE5gr4utevp7AAlceBk2UMlvJXiUAzZDAo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=YJPK2dVikT1QTf11eAOH6cpGO/plvjWVTnhAhHQRXXRmN8fic3Xm3fxwOSuiCTKUV kIrW0RN8Uktoee7yFRs6qi8LRYOi3Ropmi4Nc45NzBaYPugye9wv6qk7vZ8mhYW2qC Uw0Zmm3G58VBApBlM6yTZduxMKepwhNBj5aMkaT4+2z/Q8c07V3SHaQV8Ip4oOQABd N+vlAksWg/ok5Fnw/rkAUgMkKzMzAsXp3+puj8KkJ4Fv0RweVvSxJKSO9qxrrIrXBZ jDa1tyZQTdJMdu1VfduC83myP5G1/ys0sl4A0ZSqEZ+NDT3Zesfv1XmGe0B9MFoqj1 h7FTpxh3pP4pQ== From: Joerg Roedel To: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Linus Torvalds , Andy Lutomirski , Dave Hansen , Josh Poimboeuf , Juergen Gross , Peter Zijlstra , Borislav Petkov , Jiri Kosina , Boris Ostrovsky , Brian Gerst , David Laight , Denys Vlasenko , Eduardo Valentin , Greg KH , Will Deacon , aliguori@amazon.com, daniel.gruss@iaik.tugraz.at, hughd@google.com, keescook@google.com, Andrea Arcangeli , Waiman Long , Pavel Machek , "David H . Gutteridge" , jroedel@suse.de, joro@8bytes.org Subject: [PATCH 24/39] x86/mm/pti: Add an overflow check to pti_clone_pmds() Date: Wed, 11 Jul 2018 13:29:31 +0200 Message-Id: <1531308586-29340-25-git-send-email-joro@8bytes.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1531308586-29340-1-git-send-email-joro@8bytes.org> References: <1531308586-29340-1-git-send-email-joro@8bytes.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Joerg Roedel The addr counter will overflow if we clone the last PMD of the address space, resulting in an endless loop. Check for that and bail out of the loop when it happens. Signed-off-by: Joerg Roedel --- arch/x86/mm/pti.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c index f512222..dc02fd4 100644 --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -297,6 +297,10 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear) p4d_t *p4d; pud_t *pud; + /* Overflow check */ + if (addr < start) + break; + pgd = pgd_offset_k(addr); if (WARN_ON(pgd_none(*pgd))) return; -- 2.7.4