public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-11-15 11:08:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/arch/x86/kernel
History
Reinette Chatre 49e00eee00 x86/intel_rdt: Fix out-of-bounds memory access in CBM tests 
While the DOC at the beginning of lib/bitmap.c explicitly states that
"The number of valid bits in a given bitmap does _not_ need to be an
exact multiple of BITS_PER_LONG.", some of the bitmap operations do
indeed access BITS_PER_LONG portions of the provided bitmap no matter
the size of the provided bitmap. For example, if bitmap_intersects()
is provided with an 8 bit bitmap the operation will access
BITS_PER_LONG bits from the provided bitmap. While the operation
ensures that these extra bits do not affect the result, the memory
is still accessed.

The capacity bitmasks (CBMs) are typically stored in u32 since they
can never exceed 32 bits. A few instances exist where a bitmap_*
operation is performed on a CBM by simply pointing the bitmap operation
to the stored u32 value.

The consequence of this pattern is that some bitmap_* operations will
access out-of-bounds memory when interacting with the provided CBM. This
is confirmed with a KASAN test that reports:

 BUG: KASAN: stack-out-of-bounds in __bitmap_intersects+0xa2/0x100

and

 BUG: KASAN: stack-out-of-bounds in __bitmap_weight+0x58/0x90

Fix this by moving any CBM provided to a bitmap operation needing
BITS_PER_LONG to an 'unsigned long' variable.

[ tglx: Changed related function arguments to unsigned long and got rid
	of the _cbm extra step ]

Fixes: 72d5050566 ("x86/intel_rdt: Add utilities to test pseudo-locked region possibility")
Fixes: 49f7b4efa1 ("x86/intel_rdt: Enable setting of exclusive mode")
Fixes: d9b48c86eb ("x86/intel_rdt: Display resource groups' allocations' size in bytes")
Fixes: 95f0b77efa ("x86/intel_rdt: Initialize new resource group with sane defaults")
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: fenghua.yu@intel.com
Cc: tony.luck@intel.com
Cc: gavin.hindman@intel.com
Cc: jithu.joseph@intel.com
Cc: dave.hansen@intel.com
Cc: hpa@zytor.com
Link: https://lkml.kernel.org/r/69a428613a53f10e80594679ac726246020ff94f.1538686926.git.reinette.chatre@intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2018-10-09 08:02:15 +02:00
..
acpi x86/ACPI/cstate: Make APCI C1 FFH MWAIT C-state description vendor-neutral 2018-08-15 00:19:38 +02:00
apic x86/apic/vector: Make error return value negative 2018-09-08 12:12:40 +02:00
cpu x86/intel_rdt: Fix out-of-bounds memory access in CBM tests 2018-10-09 08:02:15 +02:00
fpu x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
kprobes kprobes/x86: Fix %p uses in error messages 2018-06-21 17:33:42 +02:00
.gitignore
alternative.c x86/alternatives: Lockdep-enforce text_mutex in text_poke*() 2018-08-30 13:02:30 +02:00
amd_gart_64.c x86/dma/amd_gart: Use dma_direct_{alloc,free}() 2018-03-20 10:01:57 +01:00
amd_nb.c x86/amd_nb: Add support for Raven Ridge CPUs 2018-05-13 09:00:27 -07:00
apb_timer.c
aperture_64.c
apm_32.c x86/APM: Fix build warning when PROC_FS is not enabled 2018-09-15 10:16:25 +02:00
asm-offsets.c x86/entry/32: Enter the kernel via trampoline stack 2018-07-20 01:11:37 +02:00
asm-offsets_32.c x86/entry/32: Load task stack from x86_tss.sp1 in SYSENTER handler 2018-07-20 01:11:36 +02:00
asm-offsets_64.c x86/asm-offsets: Move TSS_sp0 and TSS_sp1 to asm-offsets.c 2018-07-20 01:11:35 +02:00
audit_64.c
bootflag.c
check.c
cpuid.c x86/cpuid: Allow cpuid_read() to schedule 2018-03-27 12:01:48 +02:00
crash.c kexec_file, x86: move re-factored code to generic side 2018-04-13 17:10:27 -07:00
crash_dump_32.c
crash_dump_64.c
devicetree.c Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 16:15:32 -07:00
doublefault.c
dumpstack.c x86/process: Don't mix user/kernel regs in 64bit __show_regs() 2018-09-06 14:33:12 +02:00
dumpstack_32.c x86/dumpstack: Unify show_regs() 2018-03-08 12:04:59 +01:00
dumpstack_64.c x86/dumpstack: Unify show_regs() 2018-03-08 12:04:59 +01:00
e820.c x86/e820: put !E820_TYPE_RAM regions into memblock.reserved 2018-06-28 11:16:44 -07:00
early-quirks.c On GEM side: 2018-07-20 12:29:24 +10:00
early_printk.c
ebda.c
eisa.c x86/EISA: Don't probe EISA bus for Xen PV guests 2018-09-11 23:36:50 +02:00
espfix_64.c x86/espfix: Document use of _PAGE_GLOBAL 2018-04-09 18:27:33 +02:00
ftrace.c
ftrace_32.S
ftrace_64.S
head32.c
head64.c x86/mm: Expand static page table for fixmap space 2018-09-20 23:17:22 +02:00
head_32.S x86/pgtable/32: Allocate 8k page-tables when PTI is enabled 2018-07-20 01:11:41 +02:00
head_64.S x86/mm: Expand static page table for fixmap space 2018-09-20 23:17:22 +02:00
hpet.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
hw_breakpoint.c perf/arch/x86: Implement hw_breakpoint_arch_parse() 2018-06-26 09:07:55 +02:00
i8237.c x86/i8237: Register device based on FADT legacy boot flag 2018-04-27 16:44:29 +02:00
i8253.c
i8259.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
idt.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
io_delay.c
ioport.c x86/ioport: add ksys_ioperm() helper; remove in-kernel calls to sys_ioperm() 2018-04-02 20:16:12 +02:00
irq.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
irq_32.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
irq_64.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
irq_work.c
irqflags.S x86/paravirt: Make native_save_fl() extern inline 2018-07-03 10:56:27 +02:00
irqinit.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
itmt.c
jailhouse.c x86: Convert x86_platform_ops to timespec64 2018-05-19 14:03:14 +02:00
jump_label.c x86/alternatives, jumplabel: Use text_poke_early() before mm_init() 2018-07-20 00:02:38 +02:00
kdebugfs.c
kexec-bzimage64.c Fix kexec forbidding kernels signed with keys in the secondary keyring to boot 2018-08-16 09:57:20 -07:00
kgdb.c
ksysfs.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
kvm.c x86/mm: Only use tlb_remove_table() for paravirt 2018-08-23 11:56:31 -07:00
kvmclock.c x86/kvm: Use __bss_decrypted attribute in shared variables 2018-09-15 20:48:46 +02:00
ldt.c x86/ldt: Enable LDT user-mapping for PAE 2018-07-20 01:11:48 +02:00
livepatch.c
machine_kexec_32.c x86/kexec: Allocate 8k PGDs for PTI 2018-07-30 13:53:48 +02:00
machine_kexec_64.c x86/mm: Stop pretending pgtable_l5_enabled is a variable 2018-05-19 11:56:57 +02:00
Makefile x86/paravirt: Make native_save_fl() extern inline 2018-07-03 10:56:27 +02:00
mmconf-fam10h_64.c
module.c x86: Treat R_X86_64_PLT32 as R_X86_64_PC32 2018-02-22 09:01:10 -08:00
mpparse.c Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-02-14 17:02:15 -08:00
msr.c
nmi.c
nmi_selftest.c
paravirt-spinlocks.c
paravirt.c x86/paravirt: Fix some warning messages 2018-09-19 13:22:04 +02:00
paravirt_patch_32.c
paravirt_patch_64.c x86/asm/64: Use 32-bit XOR to zero registers 2018-07-03 09:59:29 +02:00
pci-calgary_64.c x86/dma: Remove dma_alloc_coherent_gfp_flags() 2018-03-20 10:01:58 +01:00
pci-dma.c IOMMU Update for Linux v4.19 2018-08-24 13:10:38 -07:00
pci-iommu_table.c x86/iommu: Use NULL instead of 0 2018-08-02 14:33:19 +02:00
pci-swiotlb.c x86/dma: Use generic swiotlb_ops 2018-03-20 10:01:57 +01:00
pcspeaker.c x86/platform/pcspeaker: Use PTR_ERR_OR_ZERO() to fix ptr_ret.cocci warning 2018-07-24 09:46:42 +02:00
perf_regs.c perf/x86: Store user space frame-pointer value on a sample 2018-05-25 08:11:12 +02:00
platform-quirks.c x86/i8237: Register device based on FADT legacy boot flag 2018-04-27 16:44:29 +02:00
pmem.c
probe_roms.c
process.c x86/entry/32: Enter the kernel via trampoline stack 2018-07-20 01:11:37 +02:00
process_32.c x86/process: Don't mix user/kernel regs in 64bit __show_regs() 2018-09-06 14:33:12 +02:00
process_64.c x86/process: Don't mix user/kernel regs in 64bit __show_regs() 2018-09-06 14:33:12 +02:00
ptrace.c signal: Ensure every siginfo we send has all bits initialized 2018-04-25 10:40:51 -05:00
pvclock.c x86: Convert x86_platform_ops to timespec64 2018-05-19 14:03:14 +02:00
quirks.c x86/mce: Check for alternate indication of machine check recovery on Skylake 2018-06-07 22:22:12 +02:00
reboot.c x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump 2018-02-17 11:47:45 +01:00
reboot_fixups_32.c
relocate_kernel_32.S
relocate_kernel_64.S x86/kexec: Make kexec (mostly) work in 5-level paging mode 2018-01-31 08:39:40 +01:00
resource.c
rtc.c x86: Convert x86_platform_ops to timespec64 2018-05-19 14:03:14 +02:00
setup.c pci-v4.19-changes 2018-08-16 09:21:54 -07:00
setup_percpu.c x86/cpu_entry_area: Sync cpu_entry_area to initial_page_table 2018-03-01 09:48:27 +01:00
signal.c rseq: Avoid infinite recursion when delivering SIGSEGV 2018-06-22 19:04:22 +02:00
signal_compat.c signal: Add TRAP_UNK si_code for undiagnosted trap exceptions 2018-04-25 10:40:56 -05:00
smp.c x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d 2018-08-05 09:53:13 +02:00
smpboot.c Merge 4.18-rc7 into master to pick up the KVM dependcy 2018-08-05 16:39:29 +02:00
stacktrace.c x86/stacktrace: Do not fail for ORC with regs on stack 2018-06-21 16:34:56 +02:00
step.c
sys_x86_64.c compat: Move compat_timespec/ timeval to compat_time.h 2018-04-19 13:29:54 +02:00
sysfb.c
sysfb_efi.c
sysfb_simplefb.c
tboot.c
tce_64.c
time.c x86: Don't include linux/irq.h from asm/hardirq.h 2018-08-05 09:53:13 +02:00
tls.c
tls.h
topology.c x86/xen: Disable CPU0 hotplug for Xen PV 2018-09-12 21:15:02 +02:00
trace_clock.c
tracepoint.c
traps.c Merge branch 'linus' into x86/urgent 2018-06-22 21:20:35 +02:00
tsc.c x86/tsc: Fix UV TSC initialization 2018-10-02 21:29:16 +02:00
tsc_msr.c x86/platform/intel-mid: Remove custom TSC calibration 2018-07-03 13:08:21 +02:00
tsc_sync.c
umip.c signal: Ensure every siginfo we send has all bits initialized 2018-04-25 10:40:51 -05:00
unwind_frame.c
unwind_guess.c
unwind_orc.c x86/unwind/orc: Detect the end of the stack 2018-06-21 16:34:56 +02:00
uprobes.c uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() 2018-06-21 17:11:02 +02:00
verify_cpu.S
vm86_32.c x86/entry: Rename update_sp0 to update_task_stack 2018-07-20 01:11:40 +02:00
vmlinux.lds.S x86/mm: Add .bss..decrypted section to hold shared variables 2018-09-15 20:48:45 +02:00
vsmp_64.c
x86_init.c x86/tsc: Make use of tsc_calibrate_cpu_early() 2018-07-20 00:02:44 +02:00