On Wed, Oct 06, 2021 at 01:42:26PM +0100, Matthew Wilcox (Oracle) wrote:
> Move the compound page overrun detection out of
> CONFIG_HARDENED_USERCOPY_PAGESPAN so it's enabled for more people.
>
> Signed-off-by: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx>
> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
> ---
> mm/usercopy.c | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/mm/usercopy.c b/mm/usercopy.c
> index 63476e1506e0..b825c4344917 100644
> --- a/mm/usercopy.c
> +++ b/mm/usercopy.c
> @@ -194,11 +194,6 @@ static inline void check_page_span(const void *ptr, unsigned long n,
> ((unsigned long)end & (unsigned long)PAGE_MASK)))
> return;
>
> - /* Allow if fully inside the same compound (__GFP_COMP) page. */
> - endpage = virt_to_head_page(end);
> - if (likely(endpage == page))
> - return;
> -
> /*
> * Reject if range is entirely either Reserved (i.e. special or
> * device memory), or CMA. Otherwise, reject since the object spans
Needs an extra hunk to avoid a warning with that config:
@@ -163,7 +163,6 @@ static inline void check_page_span(const void *ptr, unsigned long n,
{
#ifdef CONFIG_HARDENED_USERCOPY_PAGESPAN
const void *end = ptr + n - 1;
- struct page *endpage;
bool is_reserved, is_cma;
/*
I'll wait a few days and send a v3.
