| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Nov 2017 19:47:18 +0800
From: kbuild test robot <fengguang.wu@...el.com>
To: Tony Luck <tony.luck@...el.com>
Cc: kbuild-all@...org, linux-kernel@...r.kernel.org,
tipbuild@...or.com, Thomas Gleixner <tglx@...utronix.de>,
Borislav Petkov <bp@...e.de>
Subject: [tip:x86/urgent 3/3] arch/x86//kernel/cpu/mcheck/mce.c:601:52: note:
in expansion of macro 'BIT'
tree: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86/urgent
head: f1a041552c403949ab3c0902c1030c3a3d186ec1
commit: f1a041552c403949ab3c0902c1030c3a3d186ec1 [3/3] x86/mm, mm/hwpoison: Don't unconditionally unmap kernel 1: 1 pages
config: i386-randconfig-x001-201746 (attached as .config)
compiler: gcc-6 (Debian 6.4.0-9) 6.4.0 20171026
reproduce:
git checkout f1a041552c403949ab3c0902c1030c3a3d186ec1
# save the attached .config to linux build tree
make ARCH=i386
All warnings (new ones prefixed by >>):
In file included from include/linux/kernel.h:11:0,
from include/asm-generic/bug.h:16,
from arch/x86/include/asm/bug.h:82,
from include/linux/bug.h:5,
from include/linux/thread_info.h:12,
from arch/x86//kernel/cpu/mcheck/mce.c:13:
arch/x86//kernel/cpu/mcheck/mce.c: In function 'mce_unmap_kpfn':
include/linux/bitops.h:7:24: warning: left shift count >= width of type [-Wshift-count-overflow]
#define BIT(nr) (1UL << (nr))
^
>> arch/x86//kernel/cpu/mcheck/mce.c:601:52: note: in expansion of macro 'BIT'
decoy_addr = (pfn << PAGE_SHIFT) + (PAGE_OFFSET ^ BIT(63));
^~~
vim +/BIT +601 arch/x86//kernel/cpu/mcheck/mce.c
573
574 /*
575 * Unmap this page from the kernel 1:1 mappings to make sure we don't log
576 * more errors because of speculative access to the page.
577 *
578 * We would like to just call:
579 * set_memory_np((unsigned long)pfn_to_kaddr(pfn), 1);
580 *
581 * but doing that would radically increase the odds of a speculative access
582 * to the poison page because we'd have the virtual address of the kernel
583 * 1:1 mapping sitting around in registers.
584 * Instead we get tricky. We create a non-canonical address that looks
585 * just like the one we want, but has bit 63 flipped. This relies on
586 * set_memory_np() not checking whether we passed a legal address.
587 */
588 static void mce_unmap_kpfn(unsigned long pfn)
589 {
590 unsigned long decoy_addr;
591
592 /*
593 * Build time check to see if we have a spare virtual bit. Don't
594 * want to leave this until run time because most developers don't
595 * have a system that can exercise this code path. This will only
596 * become a problem if/when we move beyond 5-level page tables.
597 *
598 * Hard code "9" here because cpp doesn't grok ilog2(PTRS_PER_PGD)
599 */
600 #if PGDIR_SHIFT + 9 < 63
> 601 decoy_addr = (pfn << PAGE_SHIFT) + (PAGE_OFFSET ^ BIT(63));
602 #else
603 #error "No unused virtual bit available"
604 #endif
605
606 if (set_memory_np(decoy_addr, 1))
607 pr_warn("Could not invalidate pfn=0x%lx from 1:1 map\n", pfn);
608 }
609
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
Download attachment ".config.gz" of type "application/gzip" (28672 bytes)
Powered by blists - more mailing lists