| Message ID | 20211206150231.2283069-7-Liam.Howlett@oracle.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <SRS0=1Gou=QX=vger.kernel.org=sparclinux-owner@ozlabs.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
dkim=pass (2048-bit key;
unprotected) header.d=oracle.com header.i=@oracle.com header.a=rsa-sha256
header.s=corp-2021-07-09 header.b=dVdf361p;
dkim=pass (1024-bit key;
unprotected) header.d=oracle.onmicrosoft.com header.i=@oracle.onmicrosoft.com
header.a=rsa-sha256 header.s=selector2-oracle-onmicrosoft-com
header.b=ibHE86ci;
dkim-atps=neutral
Received: from gandalf.ozlabs.org (gandalf.ozlabs.org
[IPv6:2404:9400:2:0:216:3eff:fee2:21ea])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
SHA256)
(No client certificate requested)
by bilbo.ozlabs.org (Postfix) with ESMTPS id 4J76D522WFz9sRK
for <incoming@patchwork.ozlabs.org>; Tue, 7 Dec 2021 02:04:53 +1100 (AEDT)
Received: from gandalf.ozlabs.org (gandalf.ozlabs.org
[IPv6:2404:9400:2:0:216:3eff:fee2:21ea])
by gandalf.ozlabs.org (Postfix) with ESMTP id 4J76D466S5z4xjq
for <incoming@patchwork.ozlabs.org>; Tue, 7 Dec 2021 02:04:52 +1100 (AEDT)
Received: by gandalf.ozlabs.org (Postfix)
id 4J76D464Lxz4xjr; Tue, 7 Dec 2021 02:04:52 +1100 (AEDT)
Delivered-To: patchwork-incoming@ozlabs.org
Authentication-Results: gandalf.ozlabs.org;
spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org
(client-ip=23.128.96.18; helo=vger.kernel.org;
envelope-from=sparclinux-owner@vger.kernel.org; receiver=<UNKNOWN>)
Authentication-Results: gandalf.ozlabs.org;
dkim=pass (2048-bit key;
unprotected) header.d=oracle.com header.i=@oracle.com header.a=rsa-sha256
header.s=corp-2021-07-09 header.b=dVdf361p;
dkim=pass (1024-bit key;
unprotected) header.d=oracle.onmicrosoft.com header.i=@oracle.onmicrosoft.com
header.a=rsa-sha256 header.s=selector2-oracle-onmicrosoft-com
header.b=ibHE86ci;
dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
by gandalf.ozlabs.org (Postfix) with ESMTP id 4J76D460D5z4xjq
for <patchwork-incoming@ozlabs.org>; Tue, 7 Dec 2021 02:04:52 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S1347184AbhLFPIT (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
Mon, 6 Dec 2021 10:08:19 -0500
Received: from mx0b-00069f02.pphosted.com ([205.220.177.32]:7860 "EHLO
mx0b-00069f02.pphosted.com" rhost-flags-OK-OK-OK-OK)
by vger.kernel.org with ESMTP id S1346422AbhLFPG2 (ORCPT
<rfc822;sparclinux@vger.kernel.org>); Mon, 6 Dec 2021 10:06:28 -0500
Received: from pps.filterd (m0246630.ppops.net [127.0.0.1])
by mx0b-00069f02.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id
1B6EdffS006615;
Mon, 6 Dec 2021 15:02:58 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
h=from : to : subject :
date : message-id : references : in-reply-to : content-type :
content-transfer-encoding : mime-version; s=corp-2021-07-09;
bh=36uvZ0LGQo49ZsXXmqwAb2WjA1h/ZLY2QL6bpMO5weM=;
b=dVdf361pp4MYgw6HGLEVNrnYW7E7Nib2dHpucMGOPHfwAuygTdHn7hu0FBzQxUIlurfg
06lDL5hZW3GQ0KjGlhvfLOp/k5A0brAVa6cC51FP4Oi9qdssxxKgUKVJevz+m2CES59n
EUOVC5MJO2MNFGTJeTsAZnJdAkI2Mv/6HgpXmqE9xcvbmvKzh1KzK9wks1DpETi+4kqz
MtQ3mnkuOMMvE1OJC4BFLAGi4bMtFtVOit4AjOnHMwJ+Fd6/PxVo4HMFgcn8OHC4goDK
beaf7A6PVS4X3dfPHE1RmabOzk3eaEYmEIH/iujcj7ZTMFHzgW/TzSK7JVwKKcuZjVWx CA==
Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71])
by mx0b-00069f02.pphosted.com with ESMTP id 3csc72af1w-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256
verify=OK);
Mon, 06 Dec 2021 15:02:58 +0000
Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1])
by aserp3030.oracle.com (8.16.1.2/8.16.1.2) with SMTP id
1B6Ev91j065229;
Mon, 6 Dec 2021 15:02:57 GMT
Received: from nam11-bn8-obe.outbound.protection.outlook.com
(mail-bn8nam11lp2177.outbound.protection.outlook.com [104.47.58.177])
by aserp3030.oracle.com with ESMTP id 3csc4rvn0a-5
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256
verify=OK);
Mon, 06 Dec 2021 15:02:57 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=DTuLkhAMsqf8TfX1IYcpQ77slsX6iUkCNDMyLwq6UZ0mwfeO9dXTUYo2NPp1dfbhonPpDiFFL1tqBkYWuQTVbE0ZbeEs6/DtEwK/xn2Hq26yzAdcosSo2oc3roYWPjQ9UzuFYvR/iB6u8KG52/ib6JEkbLArQGvcg8U0GkbKwBwvFQUlBTWZcGBgn5mCMCnSHLkUFvfrq4B/uuw+RrUGC6pdj0hGsjMpv+R3xYN1AVQgoPLpXnDYE66d/BbFhpMdUpFik0KdMsJgQsy1iaRbOSXNHbyBckECmy+e+wKethwKNEuGYJrVvwN5BrkygFeVQkB58quMuZyDUH6XPNZOAw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=36uvZ0LGQo49ZsXXmqwAb2WjA1h/ZLY2QL6bpMO5weM=;
b=Z4uYH+bin4sVjiyWf5TttNHgA8Nq+vkSGJrS1WMqxMO9ozfm2d8gHGgahAAMNo/0U3UgDWdIYVJGZ6dY5XN7WmmWK+JLt7BNmNfIT0mgFPe1yCJ1Op2aukKNdZQEL9Zz9tyaEXsAzsyjT9dV/KcHvfpBx6s7IOXkBIFz4DPdQDdvUJP6VYaC9+FQKOZcUGyeaZ4v7kBOMCef99ScAgwTwMnTgy9qj5jnS6Jh+G+5pc/Rehi7lcqqlAGHrUTIORgIU3EvKEklaItM0Czr5pF4Wi8B8FaFPCu3DLruU6/s+re4VgESCmUJhzffMalinSH7i76XFsi4Nlw0jhc2lHCzhQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com;
dkim=pass header.d=oracle.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=36uvZ0LGQo49ZsXXmqwAb2WjA1h/ZLY2QL6bpMO5weM=;
b=ibHE86cimeDA6htmt6ap5bnCsZtsXugaBErnli5ds41FlA+7r1zjiF0wkFNXdGFjorhwDAjDqiMgkvgp/Q48xRHjbMrr5RYRT/CRDbvoNNngAD3q2aDBeUNsVDfs8DQp+glQWVZ3/wYEpXcKVvA6eW7GPEehbAbwI7+UfQh9So4=
Received: from SN6PR10MB3022.namprd10.prod.outlook.com (2603:10b6:805:d8::25)
by SN4PR10MB5543.namprd10.prod.outlook.com (2603:10b6:806:1ea::13) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.20; Mon, 6 Dec
2021 15:02:54 +0000
Received: from SN6PR10MB3022.namprd10.prod.outlook.com
([fe80::3857:3a25:3444:fdd3]) by SN6PR10MB3022.namprd10.prod.outlook.com
([fe80::3857:3a25:3444:fdd3%4]) with mapi id 15.20.4755.022; Mon, 6 Dec 2021
15:02:54 +0000
From: Liam Howlett <liam.howlett@oracle.com>
To: Liam Howlett <liam.howlett@oracle.com>,
"David S. Miller" <davem@davemloft.net>,
"sparclinux@vger.kernel.org" <sparclinux@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: [RFC PATCH 6/6] sys_sparc_64.c: Check length of unmapped area before
allowing MAP_FIXED
Thread-Topic: [RFC PATCH 6/6] sys_sparc_64.c: Check length of unmapped area
before allowing MAP_FIXED
Thread-Index: AQHX6rJYkRSYHKfv10mk39GZObrubg==
Date: Mon, 6 Dec 2021 15:02:54 +0000
Message-ID: <20211206150231.2283069-7-Liam.Howlett@oracle.com>
References: <20211206150231.2283069-1-Liam.Howlett@oracle.com>
In-Reply-To: <20211206150231.2283069-1-Liam.Howlett@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: git-send-email 2.30.2
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6c198dea-927c-455d-7b63-08d9b8c97b19
x-ms-traffictypediagnostic: SN4PR10MB5543:EE_
x-microsoft-antispam-prvs:
<SN4PR10MB5543DE57CA8C10C9EEE41A54FD6D9@SN4PR10MB5543.namprd10.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
SU9fQcg21qmW2R/fpCvLP0liuOtPcOS+vIpj2r1jZUSLCF5j98y7vXJjsOyqQOS5iWG8jfDtdsvWj6tpBb4ah3RVEixRrr0E8sKBm7PH0edIv1ZMNqyHwye0AQJOdpz8FNYNAyr9WyabwE7EdAdHvRjGhDpUd6HF/f7FXcI8lorLn+ZhD7D9oa8dji/4XhwGVUp4L8hy27rksFymoUXKx98q+lqc6c+snCHiycvRfmdJYgDDx/hxxyZ5Ijgpg4u+botkWx0lR7T55UJPeNyMUkgm62E3wIWQW1MTBP0ooUU4cBX0BinxECAW5PlGrDMMVbCvCFbsaotlmcYFOmSpJ+KlK6kDwycQ9gRl62BtKselqZcsC3IuRIrkDLQSlRx91kL1Bww9Wb7dRUNFxOB4gPAijAOzgUOU8jemKwnPGndk3bi+JP1BjzqwWZwSLnXmXlLUMnDRScBUJ1ijIWpC6AmKRsosHNgdj7xWuu4RSXrEARRvdw70LQtn37RpK/S0uuiVVRaXjHhMwpPbCv1Lb+IjCYwwMbHkRvG2FFi25fE0AfMO1sNGEkHArPMRH5EB2wcRO6YBOYJy0SJZjEauSbP5Kwh8dW1v6Z/EekufDUFtnHkCVjY/kKmX7JXhYL4/9X+Da6mvUI80mxpQ1W31D/UKYrCUBV9sfFBfqZr2JrwbD46aGW86bnXGffiuHU1/roHwBsn5PyLsbXW4JnQhJA==
x-forefront-antispam-report:
CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR10MB3022.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(2906002)(1076003)(38070700005)(66446008)(6512007)(86362001)(36756003)(2616005)(66476007)(316002)(8936002)(66556008)(64756008)(26005)(186003)(6506007)(38100700002)(91956017)(76116006)(71200400001)(8676002)(508600001)(66946007)(5660300002)(122000001)(110136005)(6486002)(44832011)(83380400001);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?Jc555GC7uowIb0hAp7VOfqD?=
=?iso-8859-1?q?26gXNepl4vxeEzA+ddmyaH3HfdD2xz7pq2sbPvSd/aA54tOXm+YIFQWdSCYE?=
=?iso-8859-1?q?QXoYJCkTASkLlNuB3a7dgk2Oqg8k+ml8GsNT4UglF+APx2SrcV4UcUAaSxqn?=
=?iso-8859-1?q?6WubdjPDKFxaOJq1i3rdRz9gp2UazolJpg4Ez66u/B7opW6HdpuHJgQgy12D?=
=?iso-8859-1?q?RlSl6mW/u1oNhTPE9XA7sdS71wDJJZHpRfpjTX5ZLoOiqnBfuKrx07xIe0Qj?=
=?iso-8859-1?q?lZI0wakH4l50UO7v+ednBtDA6cjCMBmveTDcyC3eopukBUmuaTNsc0j9ZsTY?=
=?iso-8859-1?q?v46xGooSIy8RQoTB1q8XN8NGkQf4wNJAIxmOxCDulNxXzJNYKgS+ViYRFysp?=
=?iso-8859-1?q?ttYrTRC06LUd9Enil6Aiw2sXds8qc80w0NQpPCqknrs6rqvnBZr8MH98igOr?=
=?iso-8859-1?q?3nArorR6iKnz/93iePBgrtXCMNskKaEYusHfGUv7acInxNuL1nELmgpZaGzj?=
=?iso-8859-1?q?SKBxsVu3cXRYuTvDzst8PqeOewsJemAPrqjc1Fwgk7FZB2yw31Ue1EPK1QnZ?=
=?iso-8859-1?q?EgIii8xSqq7/hFOPbpG4d8+XdVdmitJ6XOWqiV0lVtOuH9265iFkhCBJz5OM?=
=?iso-8859-1?q?n9BpuwbJlBGen57BDiTOMWtLFmI1lC8P9sAhzKcqGKi7BQju8lbZ91+JZFZs?=
=?iso-8859-1?q?aJQ9wNIoyefS8L1vtz2qnRpZHVUsmj5MLwmW0VxvdfKl0jMUTuqalbBD0CX0?=
=?iso-8859-1?q?P+R2n6zmSZLBm3i4oPBJtTgF0BMxTm9/rKzpICowzY5NBzXUw65b6b+Q1BdM?=
=?iso-8859-1?q?xOdelQ04p9hIvUCypt1pQgKVhBL4wF3lR2b/Fh30MzMhE3vVCAzzDuOUGuQD?=
=?iso-8859-1?q?JgHuSOJl/4bps4meqywaShTPdKG2m6s+xGVx9C/2C3EU2iDaQZJH0egxN1bS?=
=?iso-8859-1?q?tKWOb7Jn2sOoUreQlpfNdY5h6Z4xYhuaEiSUqLjYly2anj4nPY90UmHwwqfq?=
=?iso-8859-1?q?GQiX0fi03LrV3fgfWhp1PN8S2Rt6Q6wdMN4ZZsZiDkdvUf58ZPSL+NRaKswW?=
=?iso-8859-1?q?piznsPHnFjQiGDwwKnF//SjhihVAITmEC4KCt4wv1SMMpcqVjClbf2GAgpqJ?=
=?iso-8859-1?q?Bo6KxjmWI8PpJHz4W/SF6fyTt4j10VJjejPh9+XeYfTXki8q4pv1DACouiSX?=
=?iso-8859-1?q?nozvXmNmLOpjhjdl+zYMNya04OEs1Wfj5mnOtBAIagpL7x2fABZJoDsirvuf?=
=?iso-8859-1?q?HDjA2hYI2kvfEQKTr6/z2FS1wvi9wtYskaKU/bBnS4ALAnEEClBDEox7TIvU?=
=?iso-8859-1?q?eypSC15N76W/ef0Z6mJlnNWJB0Fcnk2619rUMIslw6iPSgv0wmKoeFzHT3Ql?=
=?iso-8859-1?q?1EvZj5RBR5RfXrvhHhy9/42SXr66Knv5mvypYAIjs6Mm+9vmSzwYLpozg65O?=
=?iso-8859-1?q?vjxMavwuZ92lN8ZHj05n75fSqcCNttQh5xs4H0EIUao5Kll5p4e5lM2qFQMi?=
=?iso-8859-1?q?uUX+Mahp6RInOT+DITkASemTnGU2vGYx+f57AxFq1elpIuffHKEyYdGAdxmb?=
=?iso-8859-1?q?6QvxbCcYNtP4OgUsiHbP/gNgDJCU4QtIzoTE7rrVYtNhwHS7IGKa3U+Ma3wX?=
=?iso-8859-1?q?1UCzjoFK6wU7FtbNaWqNt9H4+FvObOG9pugKrkA0Aw90y5cWJnSeGWPACHqU?=
=?iso-8859-1?q?=3D?=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: oracle.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SN6PR10MB3022.namprd10.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id:
6c198dea-927c-455d-7b63-08d9b8c97b19
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Dec 2021 15:02:54.2215
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname:
jUSwqhokfJeay178c+zrYbXEBlP83oFZFG5dR2AuwpPbj/ePOMFQjgDYj5/+6HZawc7t7YaN02EMgLVXnGu5oQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN4PR10MB5543
X-Proofpoint-Virus-Version: vendor=nai engine=6300 definitions=10189
signatures=668683
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0
mlxlogscore=999
phishscore=0 bulkscore=0 malwarescore=0 spamscore=0 suspectscore=0
mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1
engine=8.12.0-2110150000 definitions=main-2112060094
X-Proofpoint-ORIG-GUID: nGcsDmgXMD8AHiaKOqDaj2RRvSHQw9L6
X-Proofpoint-GUID: nGcsDmgXMD8AHiaKOqDaj2RRvSHQw9L6
Precedence: bulk
List-ID: <sparclinux.vger.kernel.org>
X-Mailing-List: sparclinux@vger.kernel.org
|
| Series |
Check length of unmapped area on MAP_FIXED
|
expand
|
diff --git a/arch/sparc/kernel/sys_sparc_64.c b/arch/sparc/kernel/sys_sparc_64.c index 1e9a9e016237..4ca7f9c18c54 100644 --- a/arch/sparc/kernel/sys_sparc_64.c +++ b/arch/sparc/kernel/sys_sparc_64.c @@ -95,6 +95,11 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, unsi int do_color_align; struct vm_unmapped_area_info info; + if (test_thread_flag(TIF_32BIT)) + task_size = STACK_TOP32; + if (unlikely(len > task_size || len >= VA_EXCLUDE_START)) + return -ENOMEM; + if (flags & MAP_FIXED) { /* We do not accept a shared mapping if it would violate * cache aliasing constraints. @@ -105,11 +110,6 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, unsi return addr; } - if (test_thread_flag(TIF_32BIT)) - task_size = STACK_TOP32; - if (unlikely(len > task_size || len >= VA_EXCLUDE_START)) - return -ENOMEM; - do_color_align = 0; if (filp || (flags & MAP_SHARED)) do_color_align = 1; @@ -159,6 +159,9 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, /* This should only ever run for 32-bit processes. */ BUG_ON(!test_thread_flag(TIF_32BIT)); + if (unlikely(len > task_size)) + return -ENOMEM; + if (flags & MAP_FIXED) { /* We do not accept a shared mapping if it would violate * cache aliasing constraints. @@ -169,9 +172,6 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, return addr; } - if (unlikely(len > task_size)) - return -ENOMEM; - do_color_align = 0; if (filp || (flags & MAP_SHARED)) do_color_align = 1;
arch_get_unmapped_area() and arch_get_unmapped_area_topdown() could potentially allow a larger than possible length when using the MAP_FIXED flag. The bound check should come before the check for MAP_FIXED. Fixes: ca56c8ee6fa0 (v2.4.3.2 -> v2.4.3.3) Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com> --- arch/sparc/kernel/sys_sparc_64.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-)