powerpc/hugetlb: fix page rights verification in gup_hugepte()
gup_hugepte() checks if pages are present and readable, and
when 'write' is set, also checks if the pages are writable.
Initially this was done by checking if _PAGE_PRESENT and
_PAGE_READ were set. In addition, _PAGE_WRITE was verified for write
accesses.
The problem is that we have to handle the three following cases:
1/ The target defines __PAGE_READ and __PAGE_WRITE
2/ The target defines __PAGE_RW
3/ The target defines __PAGE_RO
In case 1/, this is obvious
In case 2/, __PAGE_READ is defined as 0 and __PAGE_WRITE as __PAGE_RW
so it works as well.
But in case 3, __PAGE_RW is defined as 0, which means __PAGE_WRITE is 0
and then the test returns true (page writable) in all cases.
A first correction was attempted in commit 6b8cb66a6a ("powerpc: Fix
usage of _PAGE_RO in hugepage"), but that fix is wrong:
instead of checking that the page is writable when write is requested,
it checks that the page is NOT writable when write is NOT requested.
This patch adds a new pte_read() helper to check whether a page is
readable or not. This avoids handling all possible cases in
gup_hugepte().
Then gup_hugepte() is modified to use pte_present(), pte_read()
and pte_write() instead of the raw flags.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Tento commit je obsažen v:
Christophe Leroy
odevzdal
Michael Ellerman
Michael Ellerman
rodič
4cfac2f9c7
revize
ca8afd4046
@@ -977,7 +977,6 @@ EXPORT_SYMBOL_GPL(__find_linux_pte_or_hugepte);
|
||||
int gup_hugepte(pte_t *ptep, unsigned long sz, unsigned long addr,
|
||||
unsigned long end, int write, struct page **pages, int *nr)
|
||||
{
|
||||
unsigned long mask;
|
||||
unsigned long pte_end;
|
||||
struct page *head, *page;
|
||||
pte_t pte;
|
||||
@@ -988,18 +987,10 @@ int gup_hugepte(pte_t *ptep, unsigned long sz, unsigned long addr,
|
||||
end = pte_end;
|
||||
|
||||
pte = READ_ONCE(*ptep);
|
||||
mask = _PAGE_PRESENT | _PAGE_READ;
|
||||
|
||||
/*
|
||||
* On some CPUs like the 8xx, _PAGE_RW hence _PAGE_WRITE is defined
|
||||
* as 0 and _PAGE_RO has to be set when a page is not writable
|
||||
*/
|
||||
if (write)
|
||||
mask |= _PAGE_WRITE;
|
||||
else
|
||||
mask |= _PAGE_RO;
|
||||
|
||||
if ((pte_val(pte) & mask) != mask)
|
||||
if (!pte_present(pte) || !pte_read(pte))
|
||||
return 0;
|
||||
if (write && !pte_write(pte))
|
||||
return 0;
|
||||
|
||||
/* hugepages are never "special" */
|
||||
|
||||
Odkázat v novém úkolu
Zablokovat Uživatele