From patchwork Fri Feb 12 14:57:26 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 61867 Delivered-To: patch@linaro.org Received: by 10.112.43.199 with SMTP id y7csp873334lbl; Fri, 12 Feb 2016 06:59:53 -0800 (PST) X-Received: by 10.98.64.4 with SMTP id n4mr2795778pfa.58.1455289193518; Fri, 12 Feb 2016 06:59:53 -0800 (PST) Return-Path: Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id vb6si20434818pac.158.2016.02.12.06.59.53 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Feb 2016 06:59:53 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) smtp.mailfrom=linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org; dkim=neutral (body hash did not verify) header.i=@linaro.org Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1aUFBR-0003PU-J5; Fri, 12 Feb 2016 14:58:57 +0000 Received: from mail-wm0-x232.google.com ([2a00:1450:400c:c09::232]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1aUFAb-0002tG-7v for linux-arm-kernel@lists.infradead.org; Fri, 12 Feb 2016 14:58:07 +0000 Received: by mail-wm0-x232.google.com with SMTP id p63so24312111wmp.1 for ; Fri, 12 Feb 2016 06:57:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=27TV2Pg1sAFwhiybOpZOpeaFRqMIpRMg3cTzr/irrEI=; b=dRMMpZ17rW9fxVxDRaPzyrMM9QIvZWxRrn/84pIrTMFCCuBZryCvWUjllUWyeDh+De T5aKy7o9fHivG6llBVlxl4jolsVJSngoT8ckjBdNXL/2I/WoDYEIPshYLNZaD+F3JhQl rYZ7K2R87d/XR3Zmy2qBvbEOxGjGVF7EblsxM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=27TV2Pg1sAFwhiybOpZOpeaFRqMIpRMg3cTzr/irrEI=; b=kB3h81GtARSKPFAijTazTKKi4yBLFEESbiRMMU6QilDkT+VjIVwXtZtNSTgF8yDssk 2+GPVJ7VT8t9dPH/g6IG6L63Nl32v0WMZV16QbngsnL2wqO3oAuQGWlsaJlqa+a1cEyB 3oMZIVAzmDxBv4ZGnBzaTO7itisR2p/E+lfyRCdN12K+uZiqoKzmrnTIPU6251aaZ8ak 9y5jgbjJOIySms8RB2P/kM9w3WoMUibaGiih+M1NkJSrEqNNWCiL3l0Y6wd8oOearkaE qAIAjxH5WQ4YAP78P1wvpNtzn2L5cvlD3Rh/X/RfkJeto9cbj6hp0qFRcXyan3hDQfzD L+lQ== X-Gm-Message-State: AG10YOR9N54isZHJGx7JZWdJQbzJJcaiUJiqdF+ACIE+i2Ng0hbziGmnSM3mFSVosrQdqAwR X-Received: by 10.194.203.5 with SMTP id km5mr2427679wjc.172.1455289063547; Fri, 12 Feb 2016 06:57:43 -0800 (PST) Received: from localhost.localdomain ([195.55.142.58]) by smtp.gmail.com with ESMTPSA id e9sm12412008wja.25.2016.02.12.06.57.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 12 Feb 2016 06:57:42 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, catalin.marinas@arm.com, will.deacon@arm.com, mark.rutland@arm.com, arnd@arndb.de Subject: [PATCH v3 4/4] arm64: prevent __va() translations before memstart_addr is assigned Date: Fri, 12 Feb 2016 15:57:26 +0100 Message-Id: <1455289046-21321-5-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1455289046-21321-1-git-send-email-ard.biesheuvel@linaro.org> References: <1455289046-21321-1-git-send-email-ard.biesheuvel@linaro.org> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160212_065805_688440_45207A66 X-CRM114-Status: GOOD ( 13.18 ) X-Spam-Score: -2.7 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:400c:c09:0:0:0:232 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: dave.martin@arm.com, Ard Biesheuvel MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org Since memstart_addr is assigned relatively late in the boot code, after generic code like DT parsing and memblock manipulation has already occurred, we need to ensure that no __va() translation occur until memstart_addr has been set to a meaningful value. So initialize memstart_addr to a value that cannot represent a valid physical address, and BUG() if memstart_addr is referenced while it still holds this value. Note that the > comparison against LLONG_MAX (not ULLONG_MAX) resolves to a single tbnz instruction that performs a conditional jump to a brk instruction that is emitted out of line. Signed-off-by: Ard Biesheuvel --- arch/arm64/include/asm/memory.h | 4 +++- arch/arm64/mm/init.c | 8 +++++++- 2 files changed, 10 insertions(+), 2 deletions(-) -- 2.5.0 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index c900883a3119..ae398919fb5f 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -24,6 +24,7 @@ #include #include #include +#include #include /* @@ -133,7 +134,8 @@ extern phys_addr_t memstart_addr; /* PHYS_OFFSET - the physical address of the start of memory. */ -#define PHYS_OFFSET ({ memstart_addr; }) +#define PHYS_OFFSET \ + ({ BUG_ON(memstart_addr > LLONG_MAX); memstart_addr; }) /* the virtual base of the kernel image (minus TEXT_OFFSET) */ extern u64 kimage_vaddr; diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c index ed85778b32e5..023c41f22b5b 100644 --- a/arch/arm64/mm/init.c +++ b/arch/arm64/mm/init.c @@ -48,7 +48,13 @@ #include "mm.h" -phys_addr_t memstart_addr __read_mostly = 0; +/* + * We need to be able to catch inadvertent references to memstart_addr + * that occur (potentially in generic code) before arm64_memblock_init() + * executes, which assigns it its actual value. So use a default value + * that cannot be mistaken for a real physical address. + */ +phys_addr_t memstart_addr __read_mostly = ULLONG_MAX; phys_addr_t arm64_dma_phys_limit __read_mostly; #ifdef CONFIG_BLK_DEV_INITRD