• Craig Bergstrom's avatar
    x86/mm: Limit mmap() of /dev/mem to valid physical addresses · ce56a86e
    Craig Bergstrom authored
    Currently, it is possible to mmap() any offset from /dev/mem.  If a
    program mmaps() /dev/mem offsets outside of the addressable limits
    of a system, the page table can be corrupted by setting reserved bits.
    
    For example if you mmap() offset 0x0001000000000000 of /dev/mem on an
    x86_64 system with a 48-bit bus, the page fault handler will be called
    with error_code set to RSVD.  The kernel then crashes with a page table
    corruption error.
    
    This change prevents this page table corruption on x86 by refusing
    to mmap offsets higher than the highest valid address in the system.
    Signed-off-by: default avatarCraig Bergstrom <craigb@google.com>
    Cc: Andrew Morton <akpm@linux-foundation.org>
    Cc: Andy Lutomirski <luto@kernel.org>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Brian Gerst <brgerst@gmail.com>
    Cc: Denys Vlasenko <dvlasenk@redhat.com>
    Cc: H. Peter Anvin <hpa@zytor.com>
    Cc: Josh Poimboeuf <jpoimboe@redhat.com>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Luis R. Rodriguez <mcgrof@suse.com>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: Toshi Kani <toshi.kani@hp.com>
    Cc: dsafonov@virtuozzo.com
    Cc: kirill.shutemov@linux.intel.com
    Cc: mhocko@suse.com
    Cc: oleg@redhat.com
    Link: http://lkml.kernel.org/r/20171019192856.39672-1-craigb@google.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
    ce56a86e
Name
Last commit
Last update
Documentation Loading commit data...
arch Loading commit data...
block Loading commit data...
certs Loading commit data...
crypto Loading commit data...
drivers Loading commit data...
firmware Loading commit data...
fs Loading commit data...
include Loading commit data...
init Loading commit data...
ipc Loading commit data...
kernel Loading commit data...
lib Loading commit data...
mm Loading commit data...
net Loading commit data...
samples Loading commit data...
scripts Loading commit data...
security Loading commit data...
sound Loading commit data...
tools Loading commit data...
usr Loading commit data...
virt Loading commit data...
.cocciconfig Loading commit data...
.get_maintainer.ignore Loading commit data...
.gitattributes Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
COPYING Loading commit data...
CREDITS Loading commit data...
Kbuild Loading commit data...
Kconfig Loading commit data...
MAINTAINERS Loading commit data...
Makefile Loading commit data...
README Loading commit data...