Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 4a2af55d5b43e4b862a207138e6cabe26621d99b
commit4a2af55d5b43e4b862a207138e6cabe26621d99b[log] [tgz]
authorSuren Baghdasaryan <surenb@google.com>Fri Nov 18 15:36:13 2022 -0800
committerSrinivasarao Pathipati <quic_c_spathi@quicinc.com>Tue Mar 14 18:26:51 2023 +0530
tree9772f896412c0bcbb8d298f09a636f3b60a02591
parentb93415d547d0a29585a5f21d3b5a8a04d2539ebd [diff]
ANDROID: mm: prevent reads of unstable pmd during speculation

Checks of pmd during speculative page fault handling are racy because
pmd is unprotected and might be modified or cleared. This might cause
use-after-free reads from speculative path, therefore prevent such
checks. At the beginning of speculation pmd is checked to be valid and
if it's changed before page fault is handled, the change will be detected
and page fault will be retried under mmap_lock protection.

Bug: 257443051
Change-Id: I0cbd3b0b44e8296cf0d6cb298fae48c696580068
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Git-commit: 2bb39b912175c3c087978ae5547e277a8422c601
Git-repo: https://android.googlesource.com/kernel/common/
[quic_c_spathi@quicinc.com: resolve merge conflicts]
Signed-off-by: Srinivasarao Pathipati <quic_c_spathi@quicinc.com>
1 file changed
tree: 9772f896412c0bcbb8d298f09a636f3b60a02591
  1. android/
  2. arch/
  3. block/
  4. certs/
  5. crypto/
  6. Documentation/
  7. drivers/
  8. firmware/
  9. fs/
  10. include/
  11. init/
  12. ipc/
  13. kernel/
  14. lib/
  15. LICENSES/
  16. mm/
  17. net/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. techpack/
  23. tools/
  24. usr/
  25. virt/
  26. .clang-format
  27. .cocciconfig
  28. .get_maintainer.ignore
  29. .gitattributes
  30. .gitignore
  31. .mailmap
  32. Android.bp
  33. AndroidKernel.mk
  34. build.config.aarch64
  35. build.config.allmodconfig
  36. build.config.allmodconfig.aarch64
  37. build.config.allmodconfig.arm
  38. build.config.allmodconfig.x86_64
  39. build.config.arm
  40. build.config.common
  41. build.config.gki
  42. build.config.gki-debug.aarch64
  43. build.config.gki-debug.x86_64
  44. build.config.gki.aarch64
  45. build.config.gki.x86_64
  46. build.config.gki_kasan
  47. build.config.gki_kasan.aarch64
  48. build.config.gki_kasan.x86_64
  49. build.config.goldfish.arm
  50. build.config.goldfish.arm64
  51. build.config.goldfish.mips
  52. build.config.goldfish.mips64
  53. build.config.goldfish.x86
  54. build.config.goldfish.x86_64
  55. build.config.x86_64
  56. COPYING
  57. CREDITS
  58. gen_headers_arm.bp
  59. gen_headers_arm64.bp
  60. Kbuild
  61. Kconfig
  62. kernel_headers.py
  63. MAINTAINERS
  64. Makefile
  65. README
  66. verity_dev_keys.x509