* Thomas Gleixner <t...@linutronix.de> wrote:
> From: Song Liu <songliubrav...@fb.com>
>
> pti_clone_pmds() assumes that the supplied address is either:
>
> - properly PUD/PMD aligned
> or
> - the address is actually mapped which means that independently
> of the mapping level (PUD/PMD/PTE) the next higher mapping
> exists.
>
> If that's not the case the unaligned address can be incremented by PUD or
> PMD size incorrectly. All callers supply mapped and/or aligned addresses,
> but for the sake of robustness it's better to handle that case properly and
> to emit a warning.
>
> [ tglx: Rewrote changelog and added WARN_ON_ONCE() ]
>
> Signed-off-by: Song Liu <songliubrav...@fb.com>
> Signed-off-by: Thomas Gleixner <t...@linutronix.de>
> ---
> V2: Negate P[UM]D_MASK for checking whether the offset part is 0
> V3: Fix changelog
> ---
> arch/x86/mm/pti.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> --- a/arch/x86/mm/pti.c
> +++ b/arch/x86/mm/pti.c
> @@ -330,13 +330,15 @@ pti_clone_pgtable(unsigned long start, u
>
> pud = pud_offset(p4d, addr);
> if (pud_none(*pud)) {
> - addr += PUD_SIZE;
> + WARN_ON_ONCE(addr & ~PUD_MASK);
> + addr = round_up(addr + 1, PUD_SIZE);
> continue;
> }
>
> pmd = pmd_offset(pud, addr);
> if (pmd_none(*pmd)) {
> - addr += PMD_SIZE;
> + WARN_ON_ONCE(addr & ~PMD_MASK);
> + addr = round_up(addr + 1, PMD_SIZE);
> continue;
> }
Reviewed-by: Ingo Molnar <mi...@kernel.org>
Thanks,
Ingo
