[PATCH v5] mm: huge-vmap: fail gracefully on unexpected huge vmap mappings
Ard Biesheuvel
ard.biesheuvel at linaro.org
Fri Jun 9 02:27:15 PDT 2017
On 9 June 2017 at 09:22, Mark Rutland <mark.rutland at arm.com> wrote:
> On Fri, Jun 09, 2017 at 08:22:26AM +0000, Ard Biesheuvel wrote:
>> Existing code that uses vmalloc_to_page() may assume that any
>> address for which is_vmalloc_addr() returns true may be passed
>> into vmalloc_to_page() to retrieve the associated struct page.
>>
>> This is not un unreasonable assumption to make, but on architectures
>> that have CONFIG_HAVE_ARCH_HUGE_VMAP=y, it no longer holds, and we
>> need to ensure that vmalloc_to_page() does not go off into the weeds
>> trying to dereference huge PUDs or PMDs as table entries.
>>
>> Given that vmalloc() and vmap() themselves never create huge
>> mappings or deal with compound pages at all, there is no correct
>> answer in this case, so return NULL instead, and issue a warning.
>>
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel at linaro.org>
>> ---
>> v5: - fix typo
>>
>> v4: - use pud_bad/pmd_bad instead of pud_huge/pmd_huge, which don't require
>> changes to hugetlb.h, and give us what we need on all architectures
>> - move WARN_ON_ONCE() calls out of conditionals
^^^
>> - add explanatory comment
>>
>> mm/vmalloc.c | 15 +++++++++++++--
>> 1 file changed, 13 insertions(+), 2 deletions(-)
>>
>> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
>> index 34a1c3e46ed7..0fcd371266a4 100644
>> --- a/mm/vmalloc.c
>> +++ b/mm/vmalloc.c
>> @@ -287,10 +287,21 @@ struct page *vmalloc_to_page(const void *vmalloc_addr)
>> if (p4d_none(*p4d))
>> return NULL;
>> pud = pud_offset(p4d, addr);
>> - if (pud_none(*pud))
>> +
>> + /*
>> + * Don't dereference bad PUD or PMD (below) entries. This will also
>> + * identify huge mappings, which we may encounter on architectures
>> + * that define CONFIG_HAVE_ARCH_HUGE_VMAP=y. Such regions will be
>> + * identified as vmalloc addresses by is_vmalloc_addr(), but are
>> + * not [unambiguously] associated with a struct page, so there is
>> + * no correct value to return for them.
>> + */
>> + WARN_ON_ONCE(pud_bad(*pud));
>> + if (pud_none(*pud) || pud_bad(*pud))
>> return NULL;
>
> Nit: the WARN_ON_ONCE() can be folded into the conditional:
>
> if (pud_none(*pud) || WARN_ON_ONCE(pud_bad(*pud)))
> reutrn NULL;
>
>> pmd = pmd_offset(pud, addr);
>> - if (pmd_none(*pmd))
>> + WARN_ON_ONCE(pmd_bad(*pmd));
>> + if (pmd_none(*pmd) || pmd_bad(*pmd))
>> return NULL;
>
> Likewise here.
>
Actually, it was Dave who requested them to be taken out of the conditional.
> Otherwise, looks good to me. FWIW:
>
> Acked-by: Mark Rutland <mark.rutland at arm.com>
>
Thanks,
Ard.
More information about the linux-arm-kernel
mailing list