linux/arch/arm64
Mike Rapoport 260364d112 arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map
The semantics of pfn_valid() is to check presence of the memory map for a
PFN and not whether a PFN is covered by the linear map.  The memory map
may be present for NOMAP memory regions, but they won't be mapped in the
linear mapping.  Accessing such regions via __va() when they are
memremap()'ed will cause a crash.

On v5.4.y the crash happens on qemu-arm with UEFI [1]:

<1>[    0.084476] 8<--- cut here ---
<1>[    0.084595] Unable to handle kernel paging request at virtual address dfb76000
<1>[    0.084938] pgd = (ptrval)
<1>[    0.085038] [dfb76000] *pgd=5f7fe801, *pte=00000000, *ppte=00000000

...

<4>[    0.093923] [<c0ed6ce8>] (memcpy) from [<c16a06f8>] (dmi_setup+0x60/0x418)
<4>[    0.094204] [<c16a06f8>] (dmi_setup) from [<c16a38d4>] (arm_dmi_init+0x8/0x10)
<4>[    0.094408] [<c16a38d4>] (arm_dmi_init) from [<c0302e9c>] (do_one_initcall+0x50/0x228)
<4>[    0.094619] [<c0302e9c>] (do_one_initcall) from [<c16011e4>] (kernel_init_freeable+0x15c/0x1f8)
<4>[    0.094841] [<c16011e4>] (kernel_init_freeable) from [<c0f028cc>] (kernel_init+0x8/0x10c)
<4>[    0.095057] [<c0f028cc>] (kernel_init) from [<c03010e8>] (ret_from_fork+0x14/0x2c)

On kernels v5.10.y and newer the same crash won't reproduce on ARM because
commit b10d6bca87 ("arch, drivers: replace for_each_membock() with
for_each_mem_range()") changed the way memory regions are registered in
the resource tree, but that merely covers up the problem.

On ARM64 memory resources registered in yet another way and there the
issue of wrong usage of pfn_valid() to ensure availability of the linear
map is also covered.

Implement arch_memremap_can_ram_remap() on ARM and ARM64 to prevent access
to NOMAP regions via the linear mapping in memremap().

Link: https://lore.kernel.org/all/Yl65zxGgFzF1Okac@sirena.org.uk
Link: https://lkml.kernel.org/r/20220426060107.7618-1-rppt@kernel.org
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Reported-by: "kernelci.org bot" <bot@kernelci.org>
Tested-by: Mark Brown <broonie@kernel.org>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Mark Brown <broonie@kernel.org>
Cc: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Tony Lindgren <tony@atomide.com>
Cc: Will Deacon <will@kernel.org>
Cc: <stable@vger.kernel.org>	[5.4+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-05-09 17:34:28 -07:00
..
boot arm64: dts: qcom/sdm845-shift-axolotl: Fix boolean properties with values 2022-04-14 22:52:17 +02:00
configs ARM: DT updates for 5.18 2022-03-23 18:37:22 -07:00
crypto crypto: arm64 - cleanup comments 2022-03-09 15:12:32 +12:00
hyperv arm64: hyperv: Initialize hypervisor on boot 2021-08-04 16:54:36 +00:00
include arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map 2022-05-09 17:34:28 -07:00
kernel arm64: Add part number for Arm Cortex-A78AE 2022-04-08 11:46:46 +01:00
kvm KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs 2022-04-06 12:29:45 +01:00
lib Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2022-03-21 16:02:36 -07:00
mm arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map 2022-05-09 17:34:28 -07:00
net kasan, arm64: don't tag executable vmalloc allocations 2022-03-24 19:06:48 -07:00
tools Merge branch 'for-next/spectre-bhb' into for-next/core 2022-03-14 19:08:31 +00:00
xen xen: allow pv-only hypercalls only with CONFIG_XEN_PV 2021-11-02 08:11:01 -05:00
Kbuild kbuild: use more subdir- for visiting subdirectories while cleaning 2021-10-24 13:49:46 +09:00
Kconfig arm64: fix typos in comments 2022-04-14 10:52:53 +01:00
Kconfig.debug arm64: remove TEXT_OFFSET randomization 2020-06-15 13:10:59 +01:00
Kconfig.platforms ARM: DT updates for 5.18 2022-03-23 18:37:22 -07:00
Makefile arm64/xor: use EOR3 instructions when available 2021-12-14 12:14:26 +00:00