From patchwork Sat Oct 22 07:28:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 7754 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp1114967wrr; Sat, 22 Oct 2022 02:09:02 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4ZbrVz1ZboYMm8tKiXxbYV6wnziicpmu1QSr7s9kCrBhOEsw8aSaLv1sUnBDdArnUk4ExR X-Received: by 2002:a17:902:bd47:b0:17f:685b:27ee with SMTP id b7-20020a170902bd4700b0017f685b27eemr22589345plx.22.1666429742620; Sat, 22 Oct 2022 02:09:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666429742; cv=none; d=google.com; s=arc-20160816; b=gxHXWJFD2CY7GnhSVoz3bVXuHhnbaXnlKWGzfZtm7qppldCBBsYI4EaKK/tuGQltMd n2Dx+xHd/IXj3erLQ5jVkQ7VxgDvpgkIsscvHoSkYbXFuh7C10EjXeVroAeydQiaHX3n tRFBMrBr/SBNuKRajYkU3GZr8zLcD0So7ycD76tP+dGIY4/7yL7kPhx/7q/gTO2K3fiy ZccuV+nc09nvBEHLFqvx6Sk+7HN0rdSx/UEdbbeYNzCv/epjEgCUTYkhoxnUiSEovtTw Ay7aRH+dzIoQY6wY5YfPtxnPU9LsDm1TR4GwRYnbsFu8UoRdxSDGx7gwhOXBRAGuJ1fb eU0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ZYKs19NpNds32LIG5eISO4IzsDRW1ep9Llc5g9G0PkQ=; b=WitIVD10QRkPfvtkVLvbIz7kWJJBCSXrwCn9zPChVuKa+kwWzAAlniN4wG+UlWV48L WsQukudsY0qzrmrxP/ZxMblDA2+yXCnXp24w6w3pMRJrpFEfBEqAAuD19DrfK0/ZNyqZ VP3kFgmDRMEMZkWXkIExm/5iik2lyDlkUYY2NXXss2y1QCspVqqw14PWH70lxn7kV/OI X1T0iHi2UDsLOQr39ujfA0A+ausDHfe7hkoIuaje222dDKoWfzPzYY5KTv8OSQP2c64e T2eJYSP8PVTvpbEndFU8brJXtUUihxp1TaJlvTgtrDpvLLbuuvGw2HSQUqrN25Q5M/bl XI1A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=1TZmoSMg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id cm4-20020a17090afa0400b00208606154f7si7338068pjb.117.2022.10.22.02.08.49; Sat, 22 Oct 2022 02:09:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=1TZmoSMg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235048AbiJVI46 (ORCPT + 99 others); Sat, 22 Oct 2022 04:56:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230518AbiJVI4T (ORCPT ); Sat, 22 Oct 2022 04:56:19 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 745BB1F2FD; Sat, 22 Oct 2022 01:14:35 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 61B7E60B49; Sat, 22 Oct 2022 08:04:54 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6F76BC433C1; Sat, 22 Oct 2022 08:04:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1666425893; bh=TvPV0O+Kmdv7gIYS3XYbXJAt0YZQk0UJbeoYiMjrHmI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=1TZmoSMgvPpNQEbxROGg+d88DmVkm459sgcEasXvu1uMTjz9cCPoW7CQp+FeXerp2 5/s9DtClFkia1QWgodDHupEjsUmUiN9+cf3xUmDVG5+57xLTlQiUwCYntFwF+rQQgz FUOAZCy25Q9pmW7j0BMNtUrvzOg5DzYChhj6NsN0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Linus Walleij , Alexander Sverdlin , "Russell King (Oracle)" , Sasha Levin Subject: [PATCH 5.19 649/717] ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n Date: Sat, 22 Oct 2022 09:28:48 +0200 Message-Id: <20221022072527.144212718@linuxfoundation.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221022072415.034382448@linuxfoundation.org> References: <20221022072415.034382448@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747378233835765290?= X-GMAIL-MSGID: =?utf-8?q?1747378233835765290?= From: Alex Sverdlin [ Upstream commit 823f606ab6b4759a1faf0388abcf4fb0776710d2 ] In case CONFIG_KASAN_VMALLOC=y kasan_populate_vmalloc() allocates the shadow pages dynamically. But even worse is that kasan_release_vmalloc() releases them, which is not compatible with create_mapping() of MODULES_VADDR..MODULES_END range: BUG: Bad page state in process kworker/9:1 pfn:2068b page:e5e06160 refcount:0 mapcount:0 mapping:00000000 index:0x0 flags: 0x1000(reserved) raw: 00001000 e5e06164 e5e06164 00000000 00000000 00000000 ffffffff 00000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set bad because of flags: 0x1000(reserved) Modules linked in: ip_tables CPU: 9 PID: 154 Comm: kworker/9:1 Not tainted 5.4.188-... #1 Hardware name: LSI Axxia AXM55XX Workqueue: events do_free_init unwind_backtrace show_stack dump_stack bad_page free_pcp_prepare free_unref_page kasan_depopulate_vmalloc_pte __apply_to_page_range apply_to_existing_page_range kasan_release_vmalloc __purge_vmap_area_lazy _vm_unmap_aliases.part.0 __vunmap do_free_init process_one_work worker_thread kthread Reviewed-by: Linus Walleij Signed-off-by: Alexander Sverdlin Signed-off-by: Russell King (Oracle) Signed-off-by: Sasha Levin --- arch/arm/mm/kasan_init.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/arch/arm/mm/kasan_init.c b/arch/arm/mm/kasan_init.c index 5ad0d6c56d56..29d7233e5ad2 100644 --- a/arch/arm/mm/kasan_init.c +++ b/arch/arm/mm/kasan_init.c @@ -264,12 +264,17 @@ void __init kasan_init(void) /* * 1. The module global variables are in MODULES_VADDR ~ MODULES_END, - * so we need to map this area. + * so we need to map this area if CONFIG_KASAN_VMALLOC=n. With + * VMALLOC support KASAN will manage this region dynamically, + * refer to kasan_populate_vmalloc() and ARM's implementation of + * module_alloc(). * 2. PKMAP_BASE ~ PKMAP_BASE+PMD_SIZE's shadow and MODULES_VADDR * ~ MODULES_END's shadow is in the same PMD_SIZE, so we can't * use kasan_populate_zero_shadow. */ - create_mapping((void *)MODULES_VADDR, (void *)(PKMAP_BASE + PMD_SIZE)); + if (!IS_ENABLED(CONFIG_KASAN_VMALLOC) && IS_ENABLED(CONFIG_MODULES)) + create_mapping((void *)MODULES_VADDR, (void *)(MODULES_END)); + create_mapping((void *)PKMAP_BASE, (void *)(PKMAP_BASE + PMD_SIZE)); /* * KAsan may reuse the contents of kasan_early_shadow_pte directly, so