lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250813145607.1612234-1-chaitanyas.prakash@arm.com>
Date: Wed, 13 Aug 2025 20:26:05 +0530
From: Chaitanya S Prakash <chaitanyas.prakash@....com>
To: linux-arm-kernel@...ts.infradead.org,
	linux-mm@...ck.org,
	linux-kernel@...r.kernel.org
Cc: Chaitanya S Prakash <chaitanyas.prakash@....com>,
	Ryan Roberts <ryan.roberts@....com>,
	Yang Shi <yang@...amperecomputing.com>,
	Catalin Marinas <catalin.marinas@....com>,
	Will Deacon <will@...nel.org>,
	Kevin Brodsky <kevin.brodsky@....com>,
	Anshuman Khandual <anshuman.khandual@....com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Zhenhua Huang <quic_zhenhuah@...cinc.com>,
	Joey Gouly <joey.gouly@....com>
Subject: [PATCH 0/2] arm64/mm: prevent panic on -ENOMEM in arch_add_memory() 

arch_add_memory() acts as a means to hotplug memory into a system. It
invokes __create_pgd_mapping() which further unwinds to call
pgtable_alloc(). Initially, this path was only invoked during early boot
and therefore it made sense to BUG_ON() in case pgtable_alloc() failed.
Now however, we risk running into a kernel crash if we try to hotplug
memory into a system that is already extremely tight on available
memory. This is undesirable and hence __create_pgd_mapping() and it's
helpers are reworked to be able to propagate the error from
pgtable_alloc() allowing the system to fail gracefully.

Keeping in mind that it is still essential to BUG_ON() if
pgtable_alloc() encounters failure at the time of boot, a wrapper is
created around __create_pgd_mapping() which is designed to BUG_ON() if
it encounters a non-zero return value. This wrapper is then invoked from
the init functions instead of __create_pgd_mapping(), thereby keeping the
original functionality intact.

Lastly, create_kpti_ng_temp_pgd() which originally acted as an alias for
the void returning __create_pgd_mapping_locked() has now been updated
accordingly to handle the return value and BUG_ON() if needed.

This theoretical bug was identified by Ryan Roberts<ryan.roberts@....com>
as a part of code review of the following series[1].

[1] https://lore.kernel.org/linux-arm-kernel/20250304222018.615808-4-yang@os.amperecomputing.com/

Cc: Ryan Roberts <ryan.roberts@....com>
Cc: Yang Shi <yang@...amperecomputing.com>
Cc: Catalin Marinas <catalin.marinas@....com>
Cc: Will Deacon <will@...nel.org>
Cc: Kevin Brodsky <kevin.brodsky@....com> 
Cc: Anshuman Khandual <anshuman.khandual@....com>
Cc: Andrew Morton <akpm@...ux-foundation.org>
Cc: Zhenhua Huang <quic_zhenhuah@...cinc.com>
Cc: Joey Gouly <joey.gouly@....com>
Cc: Chaitanya S Prakash <chaitanyas.prakash@....com>
Cc: linux-arm-kernel@...ts.infradead.org 
Cc: linux-kernel@...r.kernel.org

Chaitanya S Prakash (2):
  arm64/mm: Allow __create_pgd_mapping() to propagate pgtable_alloc()
    errors
  arm64/mm: Update create_kpti_ng_temp_pgd() to handle pgtable_alloc
    failure

 arch/arm64/mm/mmu.c | 174 +++++++++++++++++++++++++++++++++-----------
 1 file changed, 133 insertions(+), 41 deletions(-)

-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ