linux/arch/arm64/kernel
Peter Collingbourne c4c597f1b3 arm64: mte: Do not set PG_mte_tagged if tags were not initialized
The mte_sync_page_tags() function sets PG_mte_tagged if it initializes
page tags. Then we return to mte_sync_tags(), which sets PG_mte_tagged
again. At best, this is redundant. However, it is possible for
mte_sync_page_tags() to return without having initialized tags for the
page, i.e. in the case where check_swap is true (non-compound page),
is_swap_pte(old_pte) is false and pte_is_tagged is false. So at worst,
we set PG_mte_tagged on a page with uninitialized tags. This can happen
if, for example, page migration causes a PTE for an untagged page to
be replaced. If the userspace program subsequently uses mprotect() to
enable PROT_MTE for that page, the uninitialized tags will be exposed
to userspace.

Fix it by removing the redundant call to set_page_mte_tagged().

Fixes: e059853d14 ("arm64: mte: Fix/clarify the PG_mte_tagged semantics")
Signed-off-by: Peter Collingbourne <pcc@google.com>
Cc: <stable@vger.kernel.org> # 6.1
Link: https://linux-review.googlesource.com/id/Ib02d004d435b2ed87603b858ef7480f7b1463052
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Alexandru Elisei <alexandru.elisei@arm.com>
Link: https://lore.kernel.org/r/20230420214327.2357985-1-pcc@google.com
Signed-off-by: Will Deacon <will@kernel.org>
2023-05-16 14:59:16 +01:00
..
pi arm64: unwind: add asynchronous unwind tables to kernel and modules 2022-11-09 18:06:35 +00:00
probes arm64: kprobes: Drop ID map text from kprobes blacklist 2023-02-07 18:25:10 +00:00
vdso vdso: Improve cmd_vdso_check to check all dynamic relocations 2023-03-21 21:15:34 +01:00
vdso32 vdso: Improve cmd_vdso_check to check all dynamic relocations 2023-03-21 21:15:34 +01:00
.gitignore
acpi_numa.c arm64: numa: Don't check node against MAX_NUMNODES 2022-07-19 19:10:28 +01:00
acpi_parking_protocol.c treewide: Drop function_nocfi 2022-09-26 10:13:14 -07:00
acpi.c arm64: acpi: Fix possible memory leak of ffh_ctxt 2023-02-24 14:21:49 +00:00
alternative.c arm64: alternatives: add __init/__initconst to some functions/variables 2022-12-05 13:47:06 +00:00
armv8_deprecated.c arm64: armv8_deprecated: remove unnecessary (void*) conversions 2023-03-28 15:43:44 +01:00
asm-offsets.c arm64: ftrace: Add direct call support 2023-04-11 18:06:39 +01:00
cacheinfo.c cacheinfo: Add arm64 early level initializer implementation 2023-04-13 09:32:33 +01:00
compat_alignment.c arm64: compat: Work around uninitialized variable warning 2023-04-05 17:51:47 +01:00
cpu_errata.c arm64: errata: Workaround possible Cortex-A715 [ESR|FAR]_ELx corruption 2023-01-06 17:14:55 +00:00
cpu_ops.c
cpu-reset.S arm64: kernel: remove SHF_WRITE|SHF_EXECINSTR from .idmap.text 2023-05-02 12:42:22 +01:00
cpufeature.c arm64 fixes for -rc1 2023-05-04 12:45:32 -07:00
cpuidle.c cpuidle, arm64: Fix the ARM64 cpuidle logic 2023-01-18 12:27:17 +01:00
cpuinfo.c Merge branches 'for-next/sysreg', 'for-next/sme', 'for-next/kselftest', 'for-next/misc', 'for-next/sme2', 'for-next/tpidr2', 'for-next/scs', 'for-next/compat-hwcap', 'for-next/ftrace', 'for-next/efi-boot-mmu-on', 'for-next/ptrauth' and 'for-next/pseudo-nmi', remote-tracking branch 'arm64/for-next/perf' into for-next/core 2023-02-10 18:51:49 +00:00
crash_core.c arm64: move PAC masks to <asm/pointer_auth.h> 2023-04-13 12:27:11 +01:00
crash_dump.c vmcore: convert copy_oldmem_page() to take an iov_iter 2022-04-29 14:37:59 -07:00
debug-monitors.c arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step 2023-04-14 13:39:47 +01:00
efi-header.S arm64: efi: Enable BTI codegen and add PE/COFF annotation 2023-04-20 15:43:45 +02:00
efi-rt-wrapper.S arm64: efi: Avoid workqueue to check whether EFI runtime is live 2023-01-16 15:27:31 +01:00
efi.c A healthy mix of EFI contributions this time: 2023-02-23 14:41:48 -08:00
elfcore.c arm64: mte: Avoid the racy walk of the vma list during core dump 2023-01-05 15:12:12 +00:00
entry-common.c arm64/cpu: Mark cpu_park_loop() and friends __noreturn 2023-04-14 17:31:24 +02:00
entry-fpsimd.S arm64/sme: Implement context switching for ZT0 2023-01-20 12:23:06 +00:00
entry-ftrace.S arm64: ftrace: Add direct call support 2023-04-11 18:06:39 +01:00
entry.S Merge branches 'for-next/sysreg', 'for-next/sme', 'for-next/kselftest', 'for-next/misc', 'for-next/sme2', 'for-next/tpidr2', 'for-next/scs', 'for-next/compat-hwcap', 'for-next/ftrace', 'for-next/efi-boot-mmu-on', 'for-next/ptrauth' and 'for-next/pseudo-nmi', remote-tracking branch 'arm64/for-next/perf' into for-next/core 2023-02-10 18:51:49 +00:00
fpsimd.c arm64/sme: Fix some comments of ARM SME 2023-04-12 09:41:48 +01:00
ftrace.c arm64: ftrace: Simplify get_ftrace_plt 2023-04-11 18:06:39 +01:00
head.S arm64: Fix label placement in record_mmu_state() 2023-04-26 09:01:04 +01:00
hibernate-asm.S
hibernate.c arm64: mte: Fix/clarify the PG_mte_tagged semantics 2022-11-29 09:26:07 +00:00
hw_breakpoint.c arm64: Treat ESR_ELx as a 64-bit register 2022-04-29 19:26:27 +01:00
hyp-stub.S arm64/sme: Fix __finalise_el2 SMEver check 2023-02-06 16:34:29 +00:00
idle.c arch/idle: Change arch_cpu_idle() behavior: always exit with IRQs disabled 2023-01-13 11:48:15 +01:00
idreg-override.c Merge branch 'for-next/sysreg' into for-next/core 2023-04-20 18:03:07 +01:00
image-vars.h efi/zboot: arm64: Inject kernel code size symbol into the zboot payload 2023-04-26 18:01:41 +02:00
image.h
io.c
irq.c Merge branch 'for-next/stacks' into for-next/core 2022-12-06 11:26:40 +00:00
jump_label.c jump_label: make initial NOP patching the special case 2022-06-24 09:48:55 +02:00
kaslr.c arm64: kaslr: don't pretend KASLR is enabled if offset < MIN_KIMG_ALIGN 2023-02-28 11:21:04 +00:00
kexec_image.c arm64: kexec_file: use more system keyrings to verify kernel image signature 2022-07-15 12:21:16 -04:00
kgdb.c arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step 2023-04-14 13:39:47 +01:00
kuser32.S arm64: compat: Move kuser32.S to .rodata section 2022-06-23 16:01:42 +01:00
machine_kexec_file.c arm64/kexec: Fix missing extra range for crashkres_low. 2022-09-01 11:50:00 +01:00
machine_kexec.c Merge branch 'for-next/misc' into for-next/core 2023-04-20 11:22:09 +01:00
Makefile arm64: perf: Move PMUv3 driver to drivers/perf 2023-03-27 14:01:18 +01:00
module-plts.c module: replace module_layout with module_memory 2023-03-09 12:55:15 -08:00
module.c Merge branch 'for-next/ftrace' into for-next/core 2022-12-06 11:07:39 +00:00
mte.c arm64: mte: Do not set PG_mte_tagged if tags were not initialized 2023-05-16 14:59:16 +01:00
paravirt.c arm64: paravirt: remove conduit check in has_pv_steal_clock 2022-11-09 18:11:56 +00:00
patch-scs.c arm64: Apply dynamic shadow call stack patching in two passes 2023-01-26 17:54:15 +00:00
patching.c arm64: patching: Add aarch64_insn_write_literal_u64() 2023-01-24 11:49:43 +00:00
pci.c
perf_callchain.c arm64: use XPACLRI to strip PAC 2023-04-13 12:27:11 +01:00
perf_regs.c perf: arm64: Add SVE vector granule register to user regs 2022-09-22 15:06:02 +01:00
pointer_auth.c
process.c Objtool changes for v6.4: 2023-04-28 14:02:54 -07:00
proton-pack.c arm64: delete dead code in this_cpu_set_vectors() 2023-04-20 10:44:54 +01:00
psci.c treewide: Drop function_nocfi 2022-09-26 10:13:14 -07:00
ptrace.c arm64 updates for 6.3: 2023-02-21 15:27:48 -08:00
reloc_test_core.c ARM64: reloc_test: add __init/__exit annotations to module init/exit funcs 2022-09-29 18:04:25 +01:00
reloc_test_syms.S
relocate_kernel.S arm64: kexec: load from kimage prior to clobbering 2022-05-17 14:25:35 +01:00
return_address.c
sdei.c arm64: implement dynamic shadow call stack for Clang 2022-11-09 18:06:35 +00:00
setup.c arm64: head: record the MMU state at primary entry 2023-01-24 11:51:07 +00:00
signal32.c signal: Deliver SIGTRAP on perf event asynchronously if blocked 2022-04-22 12:14:05 +02:00
signal.c arm64/signal: Alloc tpidr2 sigframe after checking system_supports_tpidr2() 2023-04-12 09:41:48 +01:00
sigreturn32.S arm64: compat: Move sigreturn32.S to .rodata section 2022-07-01 12:05:45 +01:00
sleep.S arm64: kernel: remove SHF_WRITE|SHF_EXECINSTR from .idmap.text 2023-05-02 12:42:22 +01:00
smccc-call.S
smp_spin_table.c treewide: Drop function_nocfi 2022-09-26 10:13:14 -07:00
smp.c SMP cross-CPU function-call updates for v6.4: 2023-04-28 15:03:43 -07:00
stacktrace.c arm64: use XPACLRI to strip PAC 2023-04-13 12:27:11 +01:00
suspend.c cpuidle, arm64: Fix the ARM64 cpuidle logic 2023-01-18 12:27:17 +01:00
sys32.c
sys_compat.c arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall 2022-04-29 19:26:27 +01:00
sys.c
syscall.c arm64/sme: Optimise SME exit on syscall entry 2023-01-12 17:09:21 +00:00
time.c arm64: Make profile_pc() use arch_stack_walk() 2021-12-10 14:06:04 +00:00
topology.c RISC-V Patches for the 6.1 Merge Window, Part 1 2022-10-09 13:24:01 -07:00
trace-events-emulation.h
traps.c arm64/cpu: Mark cpu_park_loop() and friends __noreturn 2023-04-14 17:31:24 +02:00
vdso32-wrap.S
vdso-wrap.S
vdso.c arm64: vdso: Pass (void *) to virt_to_page() 2023-05-16 14:53:36 +01:00
vmlinux.lds.S arm64: lds: move .got section out of .text 2023-05-02 13:12:45 +01:00