On Tue, Jan 18, 2022 at 10:56 AM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: > > On Tue, Jan 18, 2022 at 10:53:54AM -0800, Yury Norov wrote: > > vmap() takes struct page *pages as one of arguments, and user may provide > > an invalid pointer, which would lead to DABT at address translation later. > > Currently, kernel checks the pages against NULL. In my case, however, the > > address was not NULL, and was big enough so that the hardware generated > > Address Size Abort. > > > > Interestingly, this abort happens even if copy_from_kernel_nofault() is used, > > which is quite inconvenient for debugging purposes. > > > > This patch adds an arch_vmap_page_valid() helper into vmap() path, so that > > architectures may add arch-specific checks of the pointer passed into vmap. > > > > For arm64, if the page passed to vmap() corresponds to a physical address > > greater than maximum possible value as described in TCR_EL1.IPS register, the > > following table walk would generate Address Size Abort. Instead of creating > > the invalid mapping, kernel will return ERANGE in such situation. > > This seems like a very elaborate way of spelling: > > pfn_valid(page_to_pfn(page)); > > which doesn't require any architecture hook. No? Looks like yes. I'll resend later today if there are no other comments. Thank you for the hint.
