| From b06fd7ebe4711c5b2d1edaf3350106e8e9f5fcfb Mon Sep 17 00:00:00 2001 |
| From: Christophe Leroy <christophe.leroy@c-s.fr> |
| Date: Wed, 21 Aug 2019 10:20:11 +0000 |
| Subject: [PATCH] powerpc/mm: Fix an Oops in kasan_mmu_init() |
| |
| commit cbd18991e24fea2c31da3bb117c83e4a3538cd11 upstream. |
| |
| Uncompressing Kernel Image ... OK |
| Loading Device Tree to 01ff7000, end 01fff74f ... OK |
| [ 0.000000] printk: bootconsole [udbg0] enabled |
| [ 0.000000] BUG: Unable to handle kernel data access at 0xf818c000 |
| [ 0.000000] Faulting instruction address: 0xc0013c7c |
| [ 0.000000] Thread overran stack, or stack corrupted |
| [ 0.000000] Oops: Kernel access of bad area, sig: 11 [#1] |
| [ 0.000000] BE PAGE_SIZE=16K PREEMPT |
| [ 0.000000] Modules linked in: |
| [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.3.0-rc4-s3k-dev-00743-g5abe4a3e8fd3-dirty #2080 |
| [ 0.000000] NIP: c0013c7c LR: c0013310 CTR: 00000000 |
| [ 0.000000] REGS: c0c5ff38 TRAP: 0300 Not tainted (5.3.0-rc4-s3k-dev-00743-g5abe4a3e8fd3-dirty) |
| [ 0.000000] MSR: 00001032 <ME,IR,DR,RI> CR: 99033955 XER: 80002100 |
| [ 0.000000] DAR: f818c000 DSISR: 82000000 |
| [ 0.000000] GPR00: c0013310 c0c5fff0 c0ad6ac0 c0c600c0 f818c031 82000000 00000000 ffffffff |
| [ 0.000000] GPR08: 00000000 f1f1f1f1 c0013c2c c0013304 99033955 00400008 00000000 07ff9598 |
| [ 0.000000] GPR16: 00000000 07ffb94c 00000000 00000000 00000000 00000000 00000000 f818cfb2 |
| [ 0.000000] GPR24: 00000000 00000000 00001000 ffffffff 00000000 c07dbf80 00000000 f818c000 |
| [ 0.000000] NIP [c0013c7c] do_page_fault+0x50/0x904 |
| [ 0.000000] LR [c0013310] handle_page_fault+0xc/0x38 |
| [ 0.000000] Call Trace: |
| [ 0.000000] Instruction dump: |
| [ 0.000000] be010080 91410014 553fe8fe 3d40c001 3d20f1f1 7d800026 394a3c2c 3fffe000 |
| [ 0.000000] 6129f1f1 900100c4 9181007c 91410018 <913f0000> 3d2001f4 6129f4f4 913f0004 |
| |
| Don't map the early shadow page read-only yet when creating the new |
| page tables for the real shadow memory, otherwise the memblock |
| allocations that immediately follows to create the real shadow pages |
| that are about to replace the early shadow page trigger a page fault |
| if they fall into the region being worked on at the moment. |
| |
| Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> |
| Fixes: 2edb16efc899 ("powerpc/32: Add KASAN support") |
| Cc: stable@vger.kernel.org |
| Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> |
| Link: https://lore.kernel.org/r/fe86886fb8db44360417cee0dc515ad47ca6ef72.1566382750.git.christophe.leroy@c-s.fr |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/arch/powerpc/mm/kasan/kasan_init_32.c b/arch/powerpc/mm/kasan/kasan_init_32.c |
| index e8ab3cc5f6e4..0e6ed4413eea 100644 |
| --- a/arch/powerpc/mm/kasan/kasan_init_32.c |
| +++ b/arch/powerpc/mm/kasan/kasan_init_32.c |
| @@ -34,7 +34,7 @@ static int __ref kasan_init_shadow_page_tables(unsigned long k_start, unsigned l |
| { |
| pmd_t *pmd; |
| unsigned long k_cur, k_next; |
| - pgprot_t prot = kasan_prot_ro(); |
| + pgprot_t prot = slab_is_available() ? kasan_prot_ro() : PAGE_KERNEL; |
| |
| pmd = pmd_offset(pud_offset(pgd_offset_k(k_start), k_start), k_start); |
| |
| @@ -110,9 +110,22 @@ static int __ref kasan_init_region(void *start, size_t size) |
| static void __init kasan_remap_early_shadow_ro(void) |
| { |
| pgprot_t prot = kasan_prot_ro(); |
| + unsigned long k_start = KASAN_SHADOW_START; |
| + unsigned long k_end = KASAN_SHADOW_END; |
| + unsigned long k_cur; |
| + phys_addr_t pa = __pa(kasan_early_shadow_page); |
| |
| kasan_populate_pte(kasan_early_shadow_pte, prot); |
| |
| + for (k_cur = k_start & PAGE_MASK; k_cur < k_end; k_cur += PAGE_SIZE) { |
| + pmd_t *pmd = pmd_offset(pud_offset(pgd_offset_k(k_cur), k_cur), k_cur); |
| + pte_t *ptep = pte_offset_kernel(pmd, k_cur); |
| + |
| + if ((pte_val(*ptep) & PTE_RPN_MASK) != pa) |
| + continue; |
| + |
| + __set_pte_at(&init_mm, k_cur, ptep, pfn_pte(PHYS_PFN(pa), prot), 0); |
| + } |
| flush_tlb_kernel_range(KASAN_SHADOW_START, KASAN_SHADOW_END); |
| } |
| |
| -- |
| 2.7.4 |
| |