Re: [PATCH 1/2] x86, pkeys: check against max pkey to avoid overflows

From: Kirill A. Shutemov
Date: Thu Feb 23 2017 - 19:08:59 EST


On Thu, Feb 23, 2017 at 02:26:03PM -0800, Dave Hansen wrote:
>
> From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
>
> Kirill got a warning from UBSAN about undefined behavior when using
> protection keys. He is running on hardware that actually has support
> for it, which is not widely available.
>
> The warning was because we did some very large shifts of integers when
> doing a pkey_free() of a large, invalid value because we never check
> that the pkey "fits" into the mm_pkey_allocation_map().
>
> I do not believe there is any danger here of anything bad happening
> other than some aliasing issues where somebody could do:
>
> pkey_free(35);
>
> and the kernel would effectively execute:
>
> pkey_free(8);
>
> While this might be confusing to an app that was doing something
> stupid, it has to do something stupid and the effects are limited to
> the app shooting itself in the foot.
>
> Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>

Acked-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>

--
Kirill A. Shutemov
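
Added example, not part of the original message and not kernel code: a userspace C model of the range check the patch description calls for, next to an unchecked variant. The names model_mm, model_pkey_* and MODEL_MAX_PKEYS are hypothetical; the unchecked path masks the shift count to 5 bits as an assumption, so the model stays defined while showing one possible aliasing outcome of a shift that is undefined in C.

```c
#include <stdint.h>
#include <stdio.h>

#define MODEL_MAX_PKEYS 16 /* assumption: 16 keys, as on x86 PKU hardware */

struct model_mm { uint16_t pkey_map; }; /* hypothetical: one bit per allocated key */

/* Lowest free key, or -1 when every key is taken. */
static int model_pkey_alloc(struct model_mm *mm)
{
    for (int k = 0; k < MODEL_MAX_PKEYS; k++)
        if (!(mm->pkey_map & (1u << k))) {
            mm->pkey_map |= (uint16_t)(1u << k);
            return k;
        }
    return -1;
}

/* Unchecked model: no test that pkey fits the map. The 5-bit mask on the
 * shift count is this model's assumption (the real shift is undefined). */
static int model_pkey_free_unchecked(struct model_mm *mm, int pkey)
{
    uint16_t bit = (uint16_t)(1u << ((unsigned)pkey & 31u));
    if (!(mm->pkey_map & bit))
        return -1;              /* not allocated */
    mm->pkey_map &= (uint16_t)~bit;
    return 0;
}

/* Checked model: reject anything outside [0, MODEL_MAX_PKEYS) before shifting. */
static int model_pkey_free_checked(struct model_mm *mm, int pkey)
{
    if (pkey < 0 || pkey >= MODEL_MAX_PKEYS)
        return -1;
    return model_pkey_free_unchecked(mm, pkey);
}

int main(void)
{
    struct model_mm mm = { 0 };
    for (int i = 0; i < 4; i++)
        model_pkey_alloc(&mm);  /* allocates keys 0..3 */
    int r = model_pkey_free_checked(&mm, 35);
    printf("checked   free(35) -> %d, map=0x%04x\n", r, (unsigned)mm.pkey_map);
    r = model_pkey_free_unchecked(&mm, 35);
    printf("unchecked free(35) -> %d, map=0x%04x\n", r, (unsigned)mm.pkey_map);
    return 0;
}
```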