[PATCH 24/35] x86/mm/pti: Add an overflow check to pti_clone_pmds()

From: Joerg Roedel
Date: Fri Mar 16 2018 - 15:31:45 EST


From: Joerg Roedel <jroedel@xxxxxxx>

The addr counter will overflow if we clone the last PMD of
the address space, resulting in an endless loop.

Check for that and bail out of the loop when it happens.

Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>
---
arch/x86/mm/pti.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index 8f53d21..96a690e 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -282,6 +282,10 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear)
p4d_t *p4d;
pud_t *pud;

+ /* Overflow check */
+ if (addr < start)
+ break;
+
pgd = pgd_offset_k(addr);
if (WARN_ON(pgd_none(*pgd)))
return;
--
2.7.4