From: Ben Hutchings <ben@decadent.org.uk>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: akpm@linux-foundation.org, "Will Deacon" <will.deacon@arm.com>,
"Russell King" <rmk+kernel@arm.linux.org.uk>
Subject: [PATCH 3.2 24/94] ARM: mm: introduce present, faulting entries for PAGE_NONE
Date: Mon, 28 Apr 2014 02:11:21 +0100 [thread overview]
Message-ID: <lsq.1398647481.924226157@decadent.org.uk> (raw)
In-Reply-To: <lsq.1398647481.453080089@decadent.org.uk>
3.2.58-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Will Deacon <will.deacon@arm.com>
commit 26ffd0d43b186b0d5186354da8714a1c2d360df0 upstream.
PROT_NONE mappings apply the page protection attributes defined by _P000
which translate to PAGE_NONE for ARM. These attributes specify an XN,
RDONLY pte that is inaccessible to userspace. However, on kernels
configured without support for domains, such a pte *is* accessible to
the kernel and can be read via get_user, allowing tasks to read
PROT_NONE pages via syscalls such as read/write over a pipe.
This patch introduces a new software pte flag, L_PTE_NONE, that is set
to identify faulting, present entries.
Signed-off-by: Will Deacon <will.deacon@arm.com>
[bwh: Backported to 3.2 as dependency of commit b6ccb9803e90
('ARM: 7954/1: mm: remove remaining domain support from ARMv6'):
- Drop 3-level changes
- Adjust filename, context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
--- a/arch/arm/include/asm/pgtable-2level.h
+++ b/arch/arm/include/asm/pgtable-2level.h
@@ -123,6 +123,7 @@
#define L_PTE_USER (_AT(pteval_t, 1) << 8)
#define L_PTE_XN (_AT(pteval_t, 1) << 9)
#define L_PTE_SHARED (_AT(pteval_t, 1) << 10) /* shared(v6), coherent(xsc3) */
+#define L_PTE_NONE (_AT(pteval_t, 1) << 11)
/*
* These are the memory types, defined to be compatible with
--- a/arch/arm/include/asm/pgtable.h
+++ b/arch/arm/include/asm/pgtable.h
@@ -74,7 +74,7 @@ extern pgprot_t pgprot_kernel;
#define _MOD_PROT(p, b) __pgprot(pgprot_val(p) | (b))
-#define PAGE_NONE _MOD_PROT(pgprot_user, L_PTE_XN | L_PTE_RDONLY)
+#define PAGE_NONE _MOD_PROT(pgprot_user, L_PTE_XN | L_PTE_RDONLY | L_PTE_NONE)
#define PAGE_SHARED _MOD_PROT(pgprot_user, L_PTE_USER | L_PTE_XN)
#define PAGE_SHARED_EXEC _MOD_PROT(pgprot_user, L_PTE_USER)
#define PAGE_COPY _MOD_PROT(pgprot_user, L_PTE_USER | L_PTE_RDONLY | L_PTE_XN)
@@ -84,7 +84,7 @@ extern pgprot_t pgprot_kernel;
#define PAGE_KERNEL _MOD_PROT(pgprot_kernel, L_PTE_XN)
#define PAGE_KERNEL_EXEC pgprot_kernel
-#define __PAGE_NONE __pgprot(_L_PTE_DEFAULT | L_PTE_RDONLY | L_PTE_XN)
+#define __PAGE_NONE __pgprot(_L_PTE_DEFAULT | L_PTE_RDONLY | L_PTE_XN | L_PTE_NONE)
#define __PAGE_SHARED __pgprot(_L_PTE_DEFAULT | L_PTE_USER | L_PTE_XN)
#define __PAGE_SHARED_EXEC __pgprot(_L_PTE_DEFAULT | L_PTE_USER)
#define __PAGE_COPY __pgprot(_L_PTE_DEFAULT | L_PTE_USER | L_PTE_RDONLY | L_PTE_XN)
@@ -279,7 +279,7 @@ static inline pte_t pte_mkspecial(pte_t
static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
{
- const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER;
+ const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | L_PTE_NONE;
pte_val(pte) = (pte_val(pte) & ~mask) | (pgprot_val(newprot) & mask);
return pte;
}
--- a/arch/arm/mm/proc-macros.S
+++ b/arch/arm/mm/proc-macros.S
@@ -166,6 +166,10 @@
tst r1, #L_PTE_YOUNG
tstne r1, #L_PTE_PRESENT
moveq r3, #0
+#ifndef CONFIG_CPU_USE_DOMAINS
+ tstne r1, #L_PTE_NONE
+ movne r3, #0
+#endif
str r3, [r0]
mcr p15, 0, r0, c7, c10, 1 @ flush_pte
--- a/arch/arm/mm/proc-v7.S
+++ b/arch/arm/mm/proc-v7.S
@@ -171,6 +171,10 @@ ENTRY(cpu_v7_set_pte_ext)
tst r1, #L_PTE_YOUNG
tstne r1, #L_PTE_PRESENT
+#ifndef CONFIG_CPU_USE_DOMAINS
+ eorne r1, r1, #L_PTE_NONE
+ tstne r1, #L_PTE_NONE
+#endif
moveq r3, #0
ARM( str r3, [r0, #2048]! )
next prev parent reply other threads:[~2014-04-28 1:11 UTC|newest]
Thread overview: 98+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-28 1:11 [PATCH 3.2 00/94] 3.2.58-rc1 review Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 12/94] netlink: don't compare the nul-termination in nla_strcmp Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 05/94] net: socket: error on a negative msg_namelen Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 23/94] w1: fix w1_send_slave dropping a slave id Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 20/94] ipv6: don't set DST_NOCOUNT for remotely added routes Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 11/94] ipv6: some ipv6 statistic counters failed to disable bh Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 25/94] ARM: 7954/1: mm: remove remaining domain support from ARMv6 Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 09/94] vhost: validate vhost_get_vq_desc return value Ben Hutchings
2014-04-28 1:11 ` Ben Hutchings [this message]
2014-04-28 1:11 ` [PATCH 3.2 17/94] Revert "sparc64: Fix __copy_{to,from}_user_inatomic defines." Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 21/94] drm/i915: inverted brightness quirk for Acer Aspire 4736Z Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 14/94] isdnloop: several buffer overflows Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 16/94] sparc: PCI: Fix incorrect address calculation of PCI Bridge windows on Simba-bridges Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 01/94] net: sctp: fix skb leakage in COOKIE ECHO path of chunk->auth_chunk Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 04/94] vlan: Set correct source MAC address with TX VLAN offload enabled Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 06/94] ipv6: Avoid unnecessary temporary addresses being generated Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 10/94] xen-netback: remove pointless clause from if statement Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 15/94] rds: prevent dereference of a NULL device in rds_iw_laddr_check Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 18/94] sparc32: fix build failure for arch_jump_label_transform Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 07/94] ipv6: ip6_append_data_mtu do not handle the mtu of the second fragment properly Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 02/94] bridge: multicast: add sanity check for query source addresses Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 22/94] drm/i915: quirk invert brightness for Acer Aspire 5336 Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 08/94] vhost: fix total length when packets are too short Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 27/94] framebuffer: fix cfb_copyarea Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 03/94] net: unix: non blocking recvmsg() should not return -EINTR Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 13/94] isdnloop: Validate NUL-terminated strings from user Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 19/94] sparc64: don't treat 64-bit syscall return codes as 32-bit Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 26/94] matroxfb: restore the registers M_ACCESS and M_PITCH Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 87/94] target/tcm_fc: Fix use-after-free of ft_tpg Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 30/94] tgafb: fix data copying Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 92/94] powernow-k6: correctly initialize default parameters Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 66/94] dm thin: fix dangling bio in process_deferred_bios error path Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 40/94] Btrfs: skip submitting barrier for missing device Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 72/94] reiserfs: fix race in readdir Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 68/94] MIPS: Hibernate: Flush TLB entries in swsusp_arch_resume() Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 67/94] nfsd4: fix setclientid encode size Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 58/94] Btrfs: fix deadlock with nested trans handles Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 56/94] pid: get pid_t ppid of task in init_pid_ns Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 88/94] drivers: hv: additional switch to use mb() instead of smp_mb() Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 78/94] ocfs2: do not put bh when buffer_uptodate failed Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 57/94] audit: convert PPIDs to the inital PID namespace Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 60/94] x86, hyperv: Bypass the timer_irq_works() check Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 39/94] staging:serqt_usb2: Fix sparse warning restricted __le16 degrades to integer Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 41/94] jffs2: remove from wait queue after schedule() Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 35/94] [media] uvcvideo: Do not use usb_set_interface on bulk EP Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 55/94] mfd: 88pm860x: Fix possible NULL pointer dereference on i2c_new_dummy error Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 77/94] ocfs2: dlm: fix recovery hung Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 31/94] hvc: ensure hvc_init is only ever called once in hvc_console.c Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 48/94] ath9k: fix ready time of the multicast buffer queue Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 63/94] nfsd: Add fh_{want,drop}_write() Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 69/94] ALSA: hda - Enable beep for ASUS 1015E Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 51/94] mfd: Include all drivers in subsystem menu Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 32/94] usb: dwc3: fix wrong bit mask in dwc3_event_devt Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 59/94] gpio: mxs: Allow for recursive enable_irq_wake() call Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 42/94] jffs2: avoid soft-lockup in jffs2_reserve_space_gc() Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 89/94] Char: ipmi_bt_sm, fix infinite loop Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 82/94] wait: fix reparent_leader() vs EXIT_DEAD->EXIT_ZOMBIE race Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 76/94] ocfs2: dlm: fix lock migration crash Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 43/94] jffs2: Fix segmentation fault found in stress test Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 44/94] jffs2: Fix crash due to truncation of csize Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 64/94] nfsd: notify_change needs elevated write count Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 83/94] ALSA: ice1712: Fix boundary checks in PCM pointer ops Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 65/94] drm/i915/tv: fix gen4 composite s-video tv-out Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 28/94] mach64: use unaligned access Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 52/94] mfd: max8997: Fix possible NULL pointer dereference on i2c_new_dummy error Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 34/94] tty: Set correct tty name in 'active' sysfs attribute Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 75/94] sh: fix format string bug in stack tracer Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 61/94] nfsd4: buffer-length check for SUPPATTR_EXCLCREAT Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 86/94] x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 47/94] ext4: fix partial cluster handling for bigalloc file systems Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 29/94] mach64: fix cursor when character width is not a multiple of 8 pixels Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 93/94] powernow-k6: reorder frequencies Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 50/94] IB/nes: Return an error on ib_copy_from_udata() failure instead of NULL Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 85/94] b43: Fix machine check error due to improper access of B43_MMIO_PSM_PHY_HDR Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 38/94] rtlwifi: rtl8192se: Fix too long disable of IRQs Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 84/94] lib/percpu_counter.c: fix bad percpu counter state during suspend Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 37/94] blktrace: fix accounting of partially completed requests Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 74/94] drm/radeon: call drm_edid_to_eld when we update the edid Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 70/94] IB/mthca: Return an error on ib_copy_to_udata() failure Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 73/94] drm/vmwgfx: correct fb_fix_screeninfo.line_length Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 49/94] IB/ipath: Fix potential buffer overrun in sending diag packet routine Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 45/94] iwlwifi: dvm: take mutex when sending SYNC BT config command Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 53/94] mfd: max8998: Fix possible NULL pointer dereference on i2c_new_dummy error Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 54/94] mfd: max8925: " Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 71/94] IB/ehca: Returns an error on ib_copy_to_udata() failure Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 91/94] powernow-k6: disable cache when changing frequency Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 79/94] iscsi-target: Fix ERL=2 ASYNC_EVENT connection pointer bug Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 94/94] Revert "alpha: fix broken network checksum" Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 90/94] selinux: correctly label /proc inodes in use before the policy is loaded Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 62/94] nfsd4: session needs room for following op to error out Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 46/94] virtio_balloon: don't softlockup on huge balloon changes Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 81/94] mm: hugetlb: fix softlockup when a large number of hugepages are freed Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 36/94] usb: gadget: atmel_usba: fix crashed during stopping when DEBUG is enabled Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 80/94] mm: try_to_unmap_cluster() should lock_page() before mlocking Ben Hutchings
2014-04-28 1:11 ` [PATCH 3.2 33/94] [media] media: gspca: sn9c20x: add ID for Genius Look 1320 V2 Ben Hutchings
2014-04-28 15:05 ` [PATCH 3.2 00/94] 3.2.58-rc1 review Ben Hutchings
2014-04-29 4:01 ` Guenter Roeck
2014-04-30 12:21 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=lsq.1398647481.924226157@decadent.org.uk \
--to=ben@decadent.org.uk \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rmk+kernel@arm.linux.org.uk \
--cc=stable@vger.kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox