From patchwork Thu Aug 3 15:16:09 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Kirill A. Shutemov"
X-Patchwork-Id: 13340257
From: "Kirill A. Shutemov"
To: dave.hansen@intel.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de
Cc: x86@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov", Yingcong Wu
Subject: [PATCHv2] x86/mm: Fix VDSO and VVAR placement on 5-level paging machines
Date: Thu, 3 Aug 2023 18:16:09 +0300
Message-ID: <20230803151609.22141-1-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.41.0

Yingcong has noticed that on the 5-level paging machine, VDSO and VVAR
VMAs are placed above the 47-bit border:

8000001a9000-8000001ad000 r--p 00000000 00:00 0                          [vvar]
8000001ad000-8000001af000 r-xp 00000000 00:00 0                          [vdso]

This might confuse users who are not aware of 5-level paging and expect
all userspace addresses to be under the 47-bit border.

So far the problem has only been triggered with ASLR disabled, although it
may also occur with ASLR enabled if the layout is randomized in just the
right way.

The problem happens due to custom placement for the VMAs in the VDSO
code: vdso_addr() tries to place them above the stack and checks the
result against TASK_SIZE_MAX, which is wrong. TASK_SIZE_MAX is set to
the 56-bit border on 5-level paging machines. Use DEFAULT_MAP_WINDOW
instead.

Signed-off-by: Kirill A. Shutemov Reported-by: Yingcong Wu Fixes: b569bab78d8d ("x86/mm: Prepare to expose larger address space to userspace") Reviewed-by: Rick Edgecombe --- v2: - Fix commit message: grammar and passive voice arch/x86/entry/vdso/vma.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 11a5c68d1218..7645730dc228 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -299,8 +299,8 @@ static unsigned long vdso_addr(unsigned long start, unsigned len) /* Round the lowest possible end address up to a PMD boundary. */ end = (start + len + PMD_SIZE - 1) & PMD_MASK; - if (end >= TASK_SIZE_MAX) - end = TASK_SIZE_MAX; + if (end >= DEFAULT_MAP_WINDOW) + end = DEFAULT_MAP_WINDOW; end -= len; if (end > start) {
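
Review bot: In vdso_addr(), the new clamp "if (end >= DEFAULT_MAP_WINDOW)" carries no comment explaining why the bound is DEFAULT_MAP_WINDOW rather than TASK_SIZE_MAX; that reasoning lives only in the changelog. Consider a short comment above the check, for example "Keep the vDSO below the default 47-bit window; TASK_SIZE_MAX is the 56-bit border with 5-level paging", so a later cleanup does not switch it back. Since the changelog says the misplacement has so far been seen only with ASLR disabled, a selftest that reads /proc/self/maps and checks that [vdso] and [vvar] end below the 47-bit border would help catch a regression.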