Fixes for 4.14
authorSasha Levin <sashal@kernel.org>
Tue, 12 May 2020 15:05:46 +0000 (11:05 -0400)
committerSasha Levin <sashal@kernel.org>
Tue, 12 May 2020 15:05:46 +0000 (11:05 -0400)
Signed-off-by: Sasha Levin <sashal@kernel.org>
queue-4.14/arm64-hugetlb-avoid-potential-null-dereference.patch [new file with mode: 0644]
queue-4.14/series

diff --git a/queue-4.14/arm64-hugetlb-avoid-potential-null-dereference.patch b/queue-4.14/arm64-hugetlb-avoid-potential-null-dereference.patch
new file mode 100644 (file)
index 0000000..9c32505
--- /dev/null
@@ -0,0 +1,60 @@
+From a9ec0962c069fccbcfb6258b1d0b677e98c58084 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 5 May 2020 13:59:30 +0100
+Subject: arm64: hugetlb: avoid potential NULL dereference
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Mark Rutland <mark.rutland@arm.com>
+
+[ Upstream commit 027d0c7101f50cf03aeea9eebf484afd4920c8d3 ]
+
+The static analyzer in GCC 10 spotted that in huge_pte_alloc() we may
+pass a NULL pmdp into pte_alloc_map() when pmd_alloc() returns NULL:
+
+|   CC      arch/arm64/mm/pageattr.o
+|   CC      arch/arm64/mm/hugetlbpage.o
+|                  from arch/arm64/mm/hugetlbpage.c:10:
+| arch/arm64/mm/hugetlbpage.c: In function ‘huge_pte_alloc’:
+| ./arch/arm64/include/asm/pgtable-types.h:28:24: warning: dereference of NULL ‘pmdp’ [CWE-690] [-Wanalyzer-null-dereference]
+| ./arch/arm64/include/asm/pgtable.h:436:26: note: in expansion of macro ‘pmd_val’
+| arch/arm64/mm/hugetlbpage.c:242:10: note: in expansion of macro ‘pte_alloc_map’
+|     |arch/arm64/mm/hugetlbpage.c:232:10:
+|     |./arch/arm64/include/asm/pgtable-types.h:28:24:
+| ./arch/arm64/include/asm/pgtable.h:436:26: note: in expansion of macro ‘pmd_val’
+| arch/arm64/mm/hugetlbpage.c:242:10: note: in expansion of macro ‘pte_alloc_map’
+
+This can only occur when the kernel cannot allocate a page, and so is
+unlikely to happen in practice before other systems start failing.
+
+We can avoid this by bailing out if pmd_alloc() fails, as we do earlier
+in the function if pud_alloc() fails.
+
+Fixes: 66b3923a1a0f ("arm64: hugetlb: add support for PTE contiguous bit")
+Signed-off-by: Mark Rutland <mark.rutland@arm.com>
+Reported-by: Kyrill Tkachov <kyrylo.tkachov@arm.com>
+Cc: <stable@vger.kernel.org> # 4.5.x-
+Cc: Will Deacon <will@kernel.org>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm64/mm/hugetlbpage.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/arch/arm64/mm/hugetlbpage.c b/arch/arm64/mm/hugetlbpage.c
+index 9f6ae9686dac6..74e03af04548b 100644
+--- a/arch/arm64/mm/hugetlbpage.c
++++ b/arch/arm64/mm/hugetlbpage.c
+@@ -220,6 +220,8 @@ pte_t *huge_pte_alloc(struct mm_struct *mm,
+               pte = (pte_t *)pud;
+       } else if (sz == (PAGE_SIZE * CONT_PTES)) {
+               pmd_t *pmd = pmd_alloc(mm, pud, addr);
++              if (!pmdp)
++                      return NULL;
+               WARN_ON(addr & (sz - 1));
+               /*
+-- 
+2.20.1
+
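Review bot: In the embedded arch/arm64/mm/hugetlbpage.c hunk the added guard tests `pmdp`, but the line directly above it declares the pointer as `pmd_t *pmd = pmd_alloc(mm, pud, addr);`, so the check never looks at the value pmd_alloc() returned. Unless `pmdp` is declared elsewhere in huge_pte_alloc() (its body starts and ends outside the hunk), this 4.14 backport will not build; if it is declared, a NULL from pmd_alloc() still reaches the code below, which is the dereference the commit message sets out to prevent. The guard should name the local used in this tree: `if (!pmd)` followed by `return NULL;`. The analyzer output quoted in the message refers to ‘pmdp’, so the upstream variable name apparently differs from the 4.14 one and the backport needs the rename; building arch/arm64/mm/hugetlbpage.o before the queue is released would catch it.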
index 4e011b5550a77ec50c77492ede5d7b0e9e4e901d..c52efd92573f75e04d5f9228ab66d03e00ee6b88 100644 (file)
@@ -34,3 +34,4 @@ x86-unwind-orc-fix-error-path-for-bad-orc-entry-type.patch
 netfilter-nat-never-update-the-udp-checksum-when-it-s-0.patch
 objtool-fix-stack-offset-tracking-for-indirect-cfas.patch
 scripts-decodecode-fix-trapping-instruction-formatting.patch
+arm64-hugetlb-avoid-potential-null-dereference.patch