RE: [PATCH v2] x86: Allow user accesses to the base of the guard page

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

CC stable.

This needs picking up for 6.12

Head commit 573f45a9f9a47 applied by Linus with a modified commit message.

	David

> -----Original Message-----
> From: David Laight
> Sent: 24 November 2024 15:39
> To: 'Linus Torvalds' <torvalds@xxxxxxxxxxxxxxxxxxxx>; 'Andrew Cooper' <andrew.cooper3@xxxxxxxxxx>;
> 'bp@xxxxxxxxx' <bp@xxxxxxxxx>; 'Josh Poimboeuf' <jpoimboe@xxxxxxxxxx>
> Cc: 'x86@xxxxxxxxxx' <x86@xxxxxxxxxx>; 'linux-kernel@xxxxxxxxxxxxxxx' <linux-kernel@xxxxxxxxxxxxxxx>;
> 'Arnd Bergmann' <arnd@xxxxxxxxxx>; 'Mikel Rychliski' <mikel@xxxxxxxxxx>; 'Thomas Gleixner'
> <tglx@xxxxxxxxxxxxx>; 'Ingo Molnar' <mingo@xxxxxxxxxx>; 'Borislav Petkov' <bp@xxxxxxxxx>; 'Dave
> Hansen' <dave.hansen@xxxxxxxxxxxxxxx>; 'H. Peter Anvin' <hpa@xxxxxxxxx>
> Subject: [PATCH v2] x86: Allow user accesses to the base of the guard page
> 
> __access_ok() calls valid_user_address() with the address after
> the last byte of the user buffer.
> It is valid for a buffer to end with the last valid user address
> so valid_user_address() must allow accesses to the base of the
> guard page.
> 
> Fixes: 86e6b1547b3d0 ("x86: fix user address masking non-canonical speculation issue")
> Signed-off-by: David Laight <david.laight@xxxxxxxxxx>
> ---
> 
> v2: Rewritten commit message.
> 
>  arch/x86/kernel/cpu/common.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index 06a516f6795b..ca327cfa42ae 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -2389,12 +2389,12 @@ void __init arch_cpu_finalize_init(void)
>  	alternative_instructions();
> 
>  	if (IS_ENABLED(CONFIG_X86_64)) {
> -		unsigned long USER_PTR_MAX = TASK_SIZE_MAX-1;
> +		unsigned long USER_PTR_MAX = TASK_SIZE_MAX;
> 
>  		/*
>  		 * Enable this when LAM is gated on LASS support
>  		if (cpu_feature_enabled(X86_FEATURE_LAM))
> -			USER_PTR_MAX = (1ul << 63) - PAGE_SIZE - 1;
> +			USER_PTR_MAX = (1ul << 63) - PAGE_SIZE;
>  		 */
>  		runtime_const_init(ptr, USER_PTR_MAX);
> 
> --
> 2.17.1

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux