| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Jul 2021 15:48:10 -0400
From: Jeff Moyer <jmoyer@...hat.com>
To: dan.j.williams@...el.com
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, Tony Luck <tony.luck@...el.com>,
Borislav Petkov <bp@...en8.de>, <linux-edac@...r.kernel.org>,
<x86@...nel.org>, linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: [patch] x86/pat: pass correct address to sanitize_phys
memtype_reserve takes an address range of the form [start, end). It
then passes the start and end addresses to sanitize_phys, which is meant
to operate on the inclusive addresses. If end falls at the end of the
physical address space, sanitize_phys will return 0. This can result in
drivers failing to load:
[ 10.000087] mpt3sas_cm0: unable to map adapter memory! or resource not found
[ 10.000334] mpt3sas_cm0: failure at drivers/scsi/mpt3sas/mpt3sas_scsih.c:10597/_scsih_probe()!
Fix this by passing the inclusive end address to sanitize_phys.
Fixes: 510ee090abc3 ("x86/mm/pat: Prepare {reserve, free}_memtype() for "decoy" addresses")
Signed-off-by: Jeff Moyer <jmoyer@...hat.com>
--
It might be worth adding a comment, here. If there are any suggestions
on what a sane wording would be, I'm all ears.
diff --git a/arch/x86/mm/pat/memtype.c b/arch/x86/mm/pat/memtype.c
index 3112ca7786ed..482557905294 100644
--- a/arch/x86/mm/pat/memtype.c
+++ b/arch/x86/mm/pat/memtype.c
@@ -583,7 +583,7 @@ int memtype_reserve(u64 start, u64 end, enum page_cache_mode req_type,
int err = 0;
start = sanitize_phys(start);
- end = sanitize_phys(end);
+ end = sanitize_phys(end - 1) + 1;
if (start >= end) {
WARN(1, "%s failed: [mem %#010Lx-%#010Lx], req %s\n", __func__,
start, end - 1, cattr_name(req_type));
Powered by blists - more mailing lists