Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0025-kaiser-kaiser_remove_mapping-move-along-the-pgd.patch')
-rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0025-kaiser-kaiser_remove_mapping-move-along-the-pgd.patch | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0025-kaiser-kaiser_remove_mapping-move-along-the-pgd.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0025-kaiser-kaiser_remove_mapping-move-along-the-pgd.patch
new file mode 100644
index 00000000..efd8753a
--- /dev/null
+++ b/common/recipes-kernel/linux/linux-yocto-4.9.21/0025-kaiser-kaiser_remove_mapping-move-along-the-pgd.patch
@@ -0,0 +1,52 @@
+From 53c0f95d99b8f7282166ed59871ef86396ae2a8f Mon Sep 17 00:00:00 2001
+From: Hugh Dickins <hughd@google.com>
+Date: Mon, 2 Oct 2017 10:57:24 -0700
+Subject: [PATCH 025/102] kaiser: kaiser_remove_mapping() move along the pgd
+
+When removing the bogus comment from kaiser_remove_mapping(),
+I really ought to have checked the extent of its bogosity: as
+Neel points out, there is nothing to stop unmap_pud_range_nofree()
+from continuing beyond the end of a pud (and starting in the wrong
+position on the next).
+
+Fix kaiser_remove_mapping() to constrain the extent and advance pgd
+pointer correctly: use pgd_addr_end() macro as used throughout base
+mm (but don't assume page-rounded start and size in this case).
+
+But this bug was very unlikely to trigger in this backport: since
+any buddy allocation is contained within a single pud extent, and
+we are not using vmapped stacks (and are only mapping one page of
+stack anyway): the only way to hit this bug here would be when
+freeing a large modified ldt.
+
+Signed-off-by: Hugh Dickins <hughd@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/mm/kaiser.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/arch/x86/mm/kaiser.c b/arch/x86/mm/kaiser.c
+index fa1cb09..cc0950f 100644
+--- a/arch/x86/mm/kaiser.c
++++ b/arch/x86/mm/kaiser.c
+@@ -319,11 +319,13 @@ void kaiser_remove_mapping(unsigned long start, unsigned long size)
+ extern void unmap_pud_range_nofree(pgd_t *pgd,
+ unsigned long start, unsigned long end);
+ unsigned long end = start + size;
+- unsigned long addr;
++ unsigned long addr, next;
++ pgd_t *pgd;
+ 
+- for (addr = start; addr < end; addr += PGDIR_SIZE) {
+- pgd_t *pgd = native_get_shadow_pgd(pgd_offset_k(addr));
+- unmap_pud_range_nofree(pgd, addr, end);
++ pgd = native_get_shadow_pgd(pgd_offset_k(start));
++ for (addr = start; addr < end; pgd++, addr = next) {
++ next = pgd_addr_end(addr, end);
++ unmap_pud_range_nofree(pgd, addr, next);
+ }
+ }
+
+-- 
+2.7.4
+ |
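Review bot: `unsigned long end = start + size;` in kaiser_remove_mapping() is still unchecked in the embedded kaiser.c hunk, so if the sum wraps, the new loop's `addr < end` guard is false on entry and the function returns without unmapping anything. Because these are shadow page-table entries, a silent no-op leaves the range mapped where it was meant to be removed. Callers are not visible here and the commit message suggests realistic ranges are small, so a cheap assertion before the loop, such as `if (WARN_ON_ONCE(end < start)) return;`, would be enough to make a bad range visible rather than ignored. The loop would also benefit from a short comment such as `/* start and size need not be page-aligned; pgd_addr_end() clamps each step to the current pgd extent */`, since that assumption is stated only in the commit message. The function's signature appears only in the inner hunk header, and whether this patch is wired into the recipe cannot be judged from this view, which is limited to the one file.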