]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a386b73)
powerpc/8xx: Fix kernel vs user address comparison
authorChristophe Leroy <christophe.leroy@csgroup.eu>
Tue, 20 Aug 2024 17:23:46 +0000 (19:23 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 4 Oct 2024 14:32:45 +0000 (16:32 +0200)
[ Upstream commit 65a82e117ffeeab0baf6f871a1cab11a28ace183 ]

Since commit 9132a2e82adc ("powerpc/8xx: Define a MODULE area below
kernel text"), module exec space is below PAGE_OFFSET so not only
space above PAGE_OFFSET, but space above TASK_SIZE need to be seen
as kernel space.

Until now the problem went undetected because by default TASK_SIZE
is 0x8000000 which means address space is determined by just
checking upper address bit. But when TASK_SIZE is over 0x80000000,
PAGE_OFFSET is used for comparison, leading to thinking module
addresses are part of user space.

Fix it by using TASK_SIZE instead of PAGE_OFFSET for address
comparison.

Fixes: 9132a2e82adc ("powerpc/8xx: Define a MODULE area below kernel text")
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://msgid.link/3f574c9845ff0a023b46cb4f38d2c45aecd769bd.1724173828.git.christophe.leroy@csgroup.eu
Signed-off-by: Sasha Levin <sashal@kernel.org>
arch/powerpc/kernel/head_8xx.S patch | blob | blame | history

diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index edc479a7c2bce366906e821a8c7a23596dc9509b..0bd317b5647526f87f23cba126d001e2ed0e158c 100644 (file)
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -41,12 +41,12 @@
 #include "head_32.h"
 
 .macro compare_to_kernel_boundary scratch, addr
-#if CONFIG_TASK_SIZE <= 0x80000000 && CONFIG_PAGE_OFFSET >= 0x80000000
+#if CONFIG_TASK_SIZE <= 0x80000000 && MODULES_VADDR >= 0x80000000
 /* By simply checking Address >= 0x80000000, we know if its a kernel address */
        not.    \scratch, \addr
 #else
        rlwinm  \scratch, \addr, 16, 0xfff8
-       cmpli   cr0, \scratch, PAGE_OFFSET@h
+       cmpli   cr0, \scratch, TASK_SIZE@h
 #endif
 .endm
 
@@ -404,7 +404,7 @@ FixupDAR:/* Entry point for dcbx workaround. */
        mfspr   r10, SPRN_SRR0
        mtspr   SPRN_MD_EPN, r10
        rlwinm  r11, r10, 16, 0xfff8
-       cmpli   cr1, r11, PAGE_OFFSET@h
+       cmpli   cr1, r11, TASK_SIZE@h
        mfspr   r11, SPRN_M_TWB /* Get level 1 table */
        blt+    cr1, 3f
 
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git