[PATCH v5 06/10] arm64: untag user address in __do_user_fault

From: Andrey Konovalov
Date: Mon Aug 06 2018 - 12:41:50 EST


In __do_user_fault the fault address is being compared to TASK_SIZE to
find out whether the address lies in the kernel or in user space. Since
the fault address is coming from a user it can be tagged.

Untag the pointer before comparing.

Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
---
arch/arm64/mm/fault.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index b8eecc7b9531..89033d992d28 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -313,7 +313,7 @@ static void __do_user_fault(struct siginfo *info, unsigned int esr)
* type", so we ignore this wrinkle and just return the translation
* fault.)
*/
- if (current->thread.fault_address >= TASK_SIZE) {
+ if (untagged_addr(current->thread.fault_address) >= TASK_SIZE) {
switch (ESR_ELx_EC(esr)) {
case ESR_ELx_EC_DABT_LOW:
/*
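Review bot: the kernel-vs-user classification now depends on untagged_addr() never pushing a genuine kernel fault address below TASK_SIZE; if the macro only cleared the top byte rather than sign-extending from bit 55, a kernel address with its top bits stripped would take the user-space path here, so the commit message should state that untagged_addr() preserves kernel addresses (or the hunk should first check the address against TASK_SIZE unmodified before untagging). Also worth spelling out in the message, since the hunk leaves current->thread.fault_address itself untouched, that only the comparison is untagged and the tagged value is deliberately kept for the signal delivered to the user.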
--
2.18.0.597.ga71716f1ad-goog