lib/test_lockup: fix kernel pointer check for separate address spaces

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

test_kernel_ptr() uses access_ok() to figure out if a given address
points to user space instead of kernel space. However on architectures
that set CONFIG_ALTERNATE_USER_ADDRESS_SPACE, a pointer can be valid
for both, and the check always fails because access_ok() returns true.

Make the check for user space pointers conditional on the type of
address space layout.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>

Arnd Bergmann 4 years ago 5a06fcb1 12700c17

+8 -3

1 changed file

expand all

lib

test_lockup.c

+8 -3

lib/test_lockup.c

··· 417 417 return false; 418 418 419 419 /* should be at least readable kernel address */ 420 - if (access_ok((void __user *)ptr, 1) || 421 - access_ok((void __user *)ptr + size - 1, 1) || 422 - get_kernel_nofault(buf, ptr) || 420 + if (!IS_ENABLED(CONFIG_ALTERNATE_USER_ADDRESS_SPACE) && 421 + (access_ok((void __user *)ptr, 1) || 422 + access_ok((void __user *)ptr + size - 1, 1))) { 423 + pr_err("user space ptr invalid in kernel: %#lx\n", addr); 424 + return true; 425 + } 426 + 427 + if (get_kernel_nofault(buf, ptr) || 423 428 get_kernel_nofault(buf, ptr + size - 1)) { 424 429 pr_err("invalid kernel ptr: %#lx\n", addr); 425 430 return true;