linux/arch/powerpc/mm
Aneesh Kumar K.V 374f3f5979 powerpc/mm/hash: Handle user access of kernel address gracefully
In commit 2865d08dd9 ("powerpc/mm: Move the DSISR_PROTFAULT sanity
check") we moved the protection fault access check before the vma
lookup. That means we hit that WARN_ON when user space accesses a
kernel address. Before that commit, this was handled by find_vma() not
finding a vma for the kernel address and considering that access as a bad
area access.

Avoid the confusing WARN_ON and convert that to a ratelimited printk.

With the patch we now get:

for load:
  a.out[5997]: User access of kernel address (c00000000000dea0) - exploit attempt? (uid: 1000)
  a.out[5997]: segfault (11) at c00000000000dea0 nip 1317c0798 lr 7fff80d6441c code 1 in a.out[1317c0000+10000]
  a.out[5997]: code: 60000000 60420000 3c4c0002 38427790 4bffff20 3c4c0002 38427784 fbe1fff8
  a.out[5997]: code: f821ffc1 7c3f0b78 60000000 e9228030 <89290000> 993f002f 60000000 383f0040

for exec:
  a.out[6067]: User access of kernel address (c00000000000dea0) - exploit attempt? (uid: 1000)
  a.out[6067]: segfault (11) at c00000000000dea0 nip c00000000000dea0 lr 129d507b0 code 1
  a.out[6067]: Bad NIP, not dumping instructions.

Fixes: 2865d08dd9 ("powerpc/mm: Move the DSISR_PROTFAULT sanity check")
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
Tested-by: Breno Leitao <leitao@debian.org>
[mpe: Don't split printk() string across lines]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2018-12-20 20:52:54 +11:00
8xx_mmu.c powerpc/8xx: use modify_instruction_site() 2018-12-19 18:56:32 +11:00
40x_mmu.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
44x_mmu.c powerpc/44x: use patch_sites for TLB handlers patching 2018-12-19 18:56:32 +11:00
Makefile powerpc/mm: dump block address translation on book3s/32 2018-12-04 19:46:49 +11:00
copro_fault.c mm: convert return type of handle_mm_fault() caller to vm_fault_t 2018-08-17 16:20:28 -07:00
dma-noncoherent.c powerpc: handover page flags with a pgprot_t parameter 2018-10-14 18:04:09 +11:00
drmem.c powerpc/mm/drmem: Fix unexpected flag value in ibm,dynamic-memory-v2 2018-02-23 16:45:51 +11:00
dump_bats.c powerpc/mm: dump block address translation on book3s/32 2018-12-04 19:46:49 +11:00
dump_hashpagetable.c powerpc: remove superflous inclusions of asm/fixmap.h 2018-07-30 22:48:18 +10:00
dump_linuxpagetables-8xx.c powerpc/8xx: change name of a few page flags to avoid confusion 2018-10-14 18:04:09 +11:00
dump_linuxpagetables-book3s64.c powerpc/book3s64: fix dump_linuxpagetables "present" flag 2018-10-20 13:26:47 +11:00
dump_linuxpagetables-generic.c powerpc/mm: add exec protection on powerpc 603 2018-12-19 18:56:32 +11:00
dump_linuxpagetables.c powerpc/mm: Fix linux page tables build with some configs 2018-11-27 11:03:36 +11:00
dump_linuxpagetables.h powerpc/mm: Split dump_pagelinuxtables flag_array table 2018-10-14 18:04:09 +11:00
dump_sr.c powerpc/mm: dump segment registers on book3s/32 2018-12-04 19:45:54 +11:00
fault.c powerpc/mm/hash: Handle user access of kernel address gracefully 2018-12-20 20:52:54 +11:00
fsl_booke_mmu.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
hash64_4k.c powerpc/mm/hash: Remove the superfluous bitwise operation when find hpte group 2018-07-24 22:03:17 +10:00
hash64_64k.c powerpc/mm/hash: Remove the superfluous bitwise operation when find hpte group 2018-07-24 22:03:17 +10:00
hash_low_32.S powerpc/book3s/32: Use patch_site to patch hash functions 2018-12-19 18:56:32 +11:00
hash_native_64.c powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 2018-10-04 23:16:53 +10:00
hash_utils_64.c powerpc/64s/hash: Simplify slb_flush_and_rebolt() 2018-10-14 18:04:09 +11:00
highmem.c powerpc/mm: remove warning about ‘type’ being set 2018-08-10 22:12:38 +10:00
hugepage-hash64.c arch/powerpc/mm/hash: validate the pte entries before handling the hash fault 2018-10-03 15:39:59 +10:00
hugetlbpage-book3e.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hugetlbpage-hash64.c arch/powerpc/mm/hash: validate the pte entries before handling the hash fault 2018-10-03 15:39:59 +10:00
hugetlbpage-radix.c powerpc updates for 4.15 2017-11-16 12:47:46 -08:00
hugetlbpage.c powerpc/8xx: Enable 512k hugepage support with HW assistance 2018-12-04 19:45:01 +11:00
init-common.c powerpc/mm: remove unnecessary test in pgtable_cache_init() 2018-12-04 19:45:01 +11:00
init_32.c powerpc/mm/32: Remove the reserved memory hack 2018-04-01 00:47:44 +11:00
init_64.c powerpc/mm: Fallback to RAM if the altmap is unusable 2018-12-09 21:33:21 +11:00
mem.c powerpc: change CONFIG_PPC_STD_MMU to CONFIG_PPC_BOOK3S 2018-11-26 22:33:37 +11:00
mmap.c exec: pass stack rlimit into mm layout functions 2018-04-11 10:28:37 -07:00
mmu_context.c powerpc/mm: Extend pte_fragment functionality to PPC32 2018-12-04 19:45:01 +11:00
mmu_context_book3s64.c powerpc/mm: Move pte_fragment_alloc() to a common location 2018-12-04 19:45:01 +11:00
mmu_context_hash32.c powerpc: remove unnecessary inclusion of asm/tlbflush.h 2018-07-30 22:48:20 +10:00
mmu_context_iommu.c KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode 2018-09-12 08:49:54 +10:00
mmu_context_nohash.c powerpc/mm: define an empty slice_init_new_context_exec() 2018-12-19 18:56:32 +11:00
mmu_decl.h powerpc: change CONFIG_6xx to CONFIG_PPC_BOOK3S_32 2018-11-26 22:33:37 +11:00
numa.c powerpc: Use device_type helpers to access the node type 2018-11-26 22:33:37 +11:00
pgtable-book3e.c powerpc: handover page flags with a pgprot_t parameter 2018-10-14 18:04:09 +11:00
pgtable-book3s64.c powerpc/mm: Avoid useless lock with single page fragments 2018-12-04 19:45:01 +11:00
pgtable-frag.c powerpc/mm: add helpers to get/set mm.context->pte_frag 2018-12-04 19:45:01 +11:00
pgtable-hash64.c powerpc: handover page flags with a pgprot_t parameter 2018-10-14 18:04:09 +11:00
pgtable-radix.c powerpc/mm/radix: Display if mappings are exec or not 2018-10-20 13:26:47 +11:00
pgtable.c powerpc/mm: add exec protection on powerpc 603 2018-12-19 18:56:32 +11:00
pgtable_32.c powerpc: implement CONFIG_DEBUG_VIRTUAL 2018-12-19 18:56:26 +11:00
pgtable_64.c powerpc/mm: use pte helpers in generic code 2018-10-14 18:04:09 +11:00
pkeys.c powerpc/pkey: Define functions as static 2018-11-25 17:11:21 +11:00
ppc_mmu_32.c powerpc/book3s/32: fix number of bats in p/v_block_mapped() 2018-12-19 18:56:32 +11:00
slb.c powerpc/mm/64s: Fix preempt warning in slb_allocate_kernel() 2018-11-12 13:22:10 +11:00
slice.c powerpc/mm: fix always true/false warning in slice.c 2018-10-20 13:26:47 +11:00
subpage-prot.c powerpc: remove unnecessary inclusion of asm/tlbflush.h 2018-07-30 22:48:20 +10:00
tlb-radix.c powerpc updates for 4.20 2018-10-26 14:36:21 -07:00
tlb_hash32.c powerpc/sparse: Fix plain integer as NULL pointer warning 2018-05-25 12:04:38 +10:00
tlb_hash64.c powerpc/mm: Add support for handling > 512TB address in SLB miss 2018-03-31 00:10:38 +11:00
tlb_low_64e.S powerpc: clean inclusions of asm/feature-fixups.h 2018-07-30 22:48:17 +10:00
tlb_nohash.c powerpc/8xx: Enable 512k hugepage support with HW assistance 2018-12-04 19:45:01 +11:00
tlb_nohash_low.S powerpc: clean inclusions of asm/feature-fixups.h 2018-07-30 22:48:17 +10:00
vphn.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vphn.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00