kernel / kernel-source

Clone
Source Code
GIT

Blame patches.suse/powerpc-mm-Fix-false-detection-of-read-faults.patch

ALP-current ALP-current-GA ALP-current-RT ALP-current-RT-GA SLE12-SP5 SLE12-SP5-AZURE SLE12-SP5-RT SLE15-SP2-EB SLE15-SP3-RT-LTSS SLE15-SP4-RT-LTSS SLE15-SP5 SLE15-SP5-AZURE SLE15-SP5-RT SLE15-SP6 SLE15-SP6-AZURE SLE15-SP6-AZURE-GA SLE15-SP6-GA SLE15-SP6-RT SLE15-SP6-RT-GA linux-next master packaging scripts slowroll stable vanilla
  1.   0f51cbfe057495312ac3d0820374c74ddc6c12f5
  2.   patches.suse
  3.   powerpc-mm-Fix-false-detection-of-read-faults.patch
Blob History Raw
Michal Suchanek 0f51cb 
From cbe94edc1c062ba2f31e9d2432a374d17f25a002 Mon Sep 17 00:00:00 2001
Michal Suchanek 0f51cb 
From: Russell Currey <ruscur@russell.cc>
Michal Suchanek 0f51cb 
Date: Fri, 10 Mar 2023 16:08:34 +1100
Michal Suchanek 0f51cb 
Subject: [PATCH] powerpc/mm: Fix false detection of read faults
Michal Suchanek 0f51cb 
MIME-Version: 1.0
Michal Suchanek 0f51cb 
Content-Type: text/plain; charset=UTF-8
Michal Suchanek 0f51cb 
Content-Transfer-Encoding: 8bit
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
Patch-mainline: submitted http://patchwork.ozlabs.org/project/linuxppc-dev/patch/20230310050834.63105-1-ruscur@russell.cc/
Michal Suchanek 0f51cb 
References: bsc#1208864
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
To support detection of read faults with Radix execute-only memory, the
Michal Suchanek 0f51cb 
vma_is_accessible() check in access_error() (which checks for PROT_NONE)
Michal Suchanek 0f51cb 
was replaced with a check to see if VM_READ was missing, and if so,
Michal Suchanek 0f51cb 
returns true to assert the fault was caused by a bad read.
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
This is incorrect, as it ignores that both VM_WRITE and VM_EXEC imply
Michal Suchanek 0f51cb 
read on powerpc, as defined in protection_map[].  This causes mappings
Michal Suchanek 0f51cb 
containing VM_WRITE or VM_EXEC without VM_READ to misreport the cause of
Michal Suchanek 0f51cb 
page faults, since the MMU is still allowing reads.
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
Correct this by restoring the original vma_is_accessible() check for
Michal Suchanek 0f51cb 
PROT_NONE mappings, and adding a separate check for Radix PROT_EXEC-only
Michal Suchanek 0f51cb 
mappings.
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
Fixes: 395cac7752b9 ("powerpc/mm: Support execute-only memory on the Radix MMU")
Michal Suchanek 0f51cb 
Reported-by: Michal Suchánek <msuchanek@suse.de>
Michal Suchanek 0f51cb 
Tested-by: Benjamin Gray <bgray@linux.ibm.com>
Michal Suchanek 0f51cb 
Signed-off-by: Russell Currey <ruscur@russell.cc>
Michal Suchanek 0f51cb 
Acked-by: Michal Suchanek <msuchanek@suse.de>
Michal Suchanek 0f51cb 
---
Michal Suchanek 0f51cb 
 arch/powerpc/mm/fault.c | 11 ++++++++---
Michal Suchanek 0f51cb 
 1 file changed, 8 insertions(+), 3 deletions(-)
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c
Michal Suchanek 0f51cb 
index 2bef19cc1b98..af46aa88422b 100644
Michal Suchanek 0f51cb 
--- a/arch/powerpc/mm/fault.c
Michal Suchanek 0f51cb 
+++ b/arch/powerpc/mm/fault.c
Michal Suchanek 0f51cb 
@@ -271,11 +271,16 @@ static bool access_error(bool is_write, bool is_exec, struct vm_area_struct *vma
Michal Suchanek 0f51cb 
 	}
Michal Suchanek 0f51cb
Michal Suchanek 0f51cb 
 	/*
Michal Suchanek 0f51cb 
-	 * Check for a read fault.  This could be caused by a read on an
Michal Suchanek 0f51cb 
-	 * inaccessible page (i.e. PROT_NONE), or a Radix MMU execute-only page.
Michal Suchanek 0f51cb 
+	 * VM_READ, VM_WRITE and VM_EXEC all imply read permissions, as
Michal Suchanek 0f51cb 
+	 * defined in protection_map[].  Read faults can only be caused by
Michal Suchanek 0f51cb 
+	 * a PROT_NONE mapping, or with a PROT_EXEC-only mapping on Radix.
Michal Suchanek 0f51cb 
 	 */
Michal Suchanek 0f51cb 
-	if (unlikely(!(vma->vm_flags & VM_READ)))
Michal Suchanek 0f51cb 
+	if (unlikely(!vma_is_accessible(vma)))
Michal Suchanek 0f51cb 
 		return true;
Michal Suchanek 0f51cb 
+
Michal Suchanek 0f51cb 
+	if (unlikely(radix_enabled() && ((vma->vm_flags & VM_ACCESS_FLAGS) == VM_EXEC)))
Michal Suchanek 0f51cb 
+		return true;
Michal Suchanek 0f51cb 
+
Michal Suchanek 0f51cb 
 	/*
Michal Suchanek 0f51cb 
 	 * We should ideally do the vma pkey access check here. But in the
Michal Suchanek 0f51cb 
 	 * fault path, handle_mm_fault() also does the same check. To avoid
Michal Suchanek 0f51cb 
--
Michal Suchanek 0f51cb 
2.39.2
Michal Suchanek 0f51cb
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.