s390/mm: Do not map lowcore with identity mapping

[ Upstream commit 93f616ff870a1fb7e84d472cad0af651b18f9f87 ]

Since the identity mapping is pinned to address zero the lowcore is always
also mapped to address zero, this happens regardless of the relocate_lowcore
command line option. If the option is specified the lowcore is mapped
twice, instead of only once.

This means that NULL pointer accesses will succeed instead of causing an
exception (low address protection still applies, but covers only parts).
To fix this never map the first two pages of physical memory with the
identity mapping.

Fixes: 32db401965f1 ("s390/mm: Pin identity mapping base to zero")
Reviewed-by: Alexander Gordeev <agordeev@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/arch/s390/boot/vmem.c b/arch/s390/boot/vmem.c
index 3fa28db2fe59f4e23b8a43fc2b95af94062eb447..14aee852402176d4814a80adeac2dd7690a08e18 100644 (file)
--- a/arch/s390/boot/vmem.c
+++ b/arch/s390/boot/vmem.c
@@ -471,6 +471,9 @@ void setup_vmem(unsigned long kernel_start, unsigned long kernel_end, unsigned l
                         lowcore_address + sizeof(struct lowcore),
                         POPULATE_LOWCORE);
        for_each_physmem_usable_range(i, &start, &end) {
+               /* Do not map lowcore with identity mapping */
+               if (!start)
+                       start = sizeof(struct lowcore);
                pgtable_populate((unsigned long)__identity_va(start),
                                 (unsigned long)__identity_va(end),
                                 POPULATE_IDENTITY);