On Tue, 4 Sep 2018, Yang, Bin wrote:
> On Mon, 2018-09-03 at 23:57 +0200, Thomas Gleixner wrote:
> >
> > The last patch which does the overlap check is equally broken:
>
> Sorry that I did not understand the broken of last patch.
I meant 4/5 sorry. That's the one which introduces the overlap check and
does this:
> > + /*
> > + * Ensure that the requested pgprot does not violate static
> > protection
> > + * requirements.
> > + */
> > + new_prot = static_protections(req_prot, address,
> > + numpages << PAGE_SHIFT, pfn);
> >
> > It expands new_prot to the whole range even if the protections only
> > overlap. That should not happen in practice, but we have no checks for that
> > at all.
>
> Below code in patch #3 should cover this check. It will double check
> new_prot in whole large page range.
Which is exactly what is wrong. Read again what I wrote.
Thanks,
tglx
