| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z7YuE2rO5ikSeONy@arm.com>
Date: Wed, 19 Feb 2025 19:16:35 +0000
From: Catalin Marinas <catalin.marinas@....com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Naresh Kamboju <naresh.kamboju@...aro.org>, stable@...r.kernel.org,
patches@...ts.linux.dev, linux-kernel@...r.kernel.org,
torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
linux@...ck-us.net, shuah@...nel.org, patches@...nelci.org,
lkft-triage@...ts.linaro.org, pavel@...x.de, jonathanh@...dia.com,
f.fainelli@...il.com, sudipm.mukherjee@...il.com,
srw@...dewatkins.net, rwarsow@....de, conor@...nel.org,
hargar@...rosoft.com, broonie@...nel.org,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
linux-fsdevel@...r.kernel.org, linux-mm <linux-mm@...ck.org>,
Anders Roxell <anders.roxell@...aro.org>,
Dan Carpenter <dan.carpenter@...aro.org>,
Arnd Bergmann <arnd@...db.de>,
Herbert Xu <herbert@...dor.apana.org.au>, willy@...radead.org,
Pankaj Raghav <p.raghav@...sung.com>,
Yang Shi <yang@...amperecomputing.com>,
David Hildenbrand <david@...hat.com>
Subject: Re: [PATCH 6.6 000/389] 6.6.76-rc2 review
On Wed, Feb 19, 2025 at 07:09:26PM +0100, Greg Kroah-Hartman wrote:
> On Wed, Feb 19, 2025 at 05:18:24PM +0000, Catalin Marinas wrote:
> > The problem is in the arm64 arch_calc_vm_flag_bits() as it returns
> > VM_MTE_ALLOWED for any MAP_ANONYMOUS ignoring MAP_HUGETLB (it's been
> > doing this since day 1 of MTE). The implementation does handle the
> > hugetlb file mmap() correctly but not the MAP_ANONYMOUS case.
> >
> > The fix would be something like below:
> >
> > -----------------8<--------------------------
> > diff --git a/arch/arm64/include/asm/mman.h b/arch/arm64/include/asm/mman.h
> > index 5966ee4a6154..8ff5d88c9f12 100644
> > --- a/arch/arm64/include/asm/mman.h
> > +++ b/arch/arm64/include/asm/mman.h
> > @@ -28,7 +28,8 @@ static inline unsigned long arch_calc_vm_flag_bits(unsigned long flags)
> > * backed by tags-capable memory. The vm_flags may be overridden by a
> > * filesystem supporting MTE (RAM-based).
> > */
> > - if (system_supports_mte() && (flags & MAP_ANONYMOUS))
> > + if (system_supports_mte() &&
> > + ((flags & MAP_ANONYMOUS) && !(flags & MAP_HUGETLB)))
> > return VM_MTE_ALLOWED;
> >
> > return 0;
> > -------------------8<-----------------------
> >
> > This fix won't make sense for mainline since it supports MAP_HUGETLB
> > already.
> >
> > Greg, are you ok with a stable-only fix as above or you'd rather see the
> > full 25c17c4b55de ("hugetlb: arm64: add mte support") backported?
>
> A stable-only fix for this is fine, thanks! Can you send it with a
> changelog and I'll queue it up. Does it also need to go to older
> kernels as well?
5.10, that's when we got MTE support in. There may be some slight
variations depending on how far 5baf8b037deb ("mm: refactor
arch_calc_vm_flag_bits() and arm64 MTE handling") got backported. This
goes together with deb0f6562884 ("mm/mmap: undo ->mmap() when
arch_validate_flags() fails"), so they may actually go all the way to
5.10.
I'll prepare the patches tomorrow, give them a try and send to stable.
Thanks.
--
Catalin
Powered by blists - more mailing lists