Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753883AbbLCUig (ORCPT ); Thu, 3 Dec 2015 15:38:36 -0500 Received: from asavdk3.altibox.net ([109.247.116.14]:38085 "EHLO asavdk3.altibox.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753421AbbLCUif (ORCPT ); Thu, 3 Dec 2015 15:38:35 -0500 Date: Thu, 3 Dec 2015 21:38:10 +0100 From: Sam Ravnborg To: Yang Shi Cc: davem@davemloft.net, linux-kernel@vger.kernel.org, sparclinux@vger.kernel.org, linaro-kernel@lists.linaro.org Subject: Re: [V2 PATCH] sparc64/gup: check address scope legitimacy Message-ID: <20151203203809.GA15235@ravnborg.org> References: <1448490684-17171-1-git-send-email-yang.shi@linaro.org> <1448491543-17946-1-git-send-email-yang.shi@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1448491543-17946-1-git-send-email-yang.shi@linaro.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.1 cv=bZvLKL7B c=1 sm=1 tr=0 a=Ij76tQDYWdb01v2+RnYW5w==:117 a=Ij76tQDYWdb01v2+RnYW5w==:17 a=7gkXJVJtAAAA:8 a=Git7GJnPAAAA:8 a=kj9zAlcOel0A:10 a=KKAkSRfTAAAA:8 a=xPjcn49UgSek_jU7sZ8A:9 a=CjuIK1q_8ugA:10 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2149 Lines: 63 Hi Yang. On Wed, Nov 25, 2015 at 02:45:43PM -0800, Yang Shi wrote: > Check if user address is accessible in atomic version __get_user_pages_fast() > before walking the page table. > And, check if end > start in get_user_pages_fast(), otherwise fallback to slow > path. Two different but related things in one patch is often a bad thing. It would have been better to split it up. > > Signed-off-by: Yang Shi > --- > Just found slow_irqon label is not defined, added it to avoid compile error. > > arch/sparc/mm/gup.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/arch/sparc/mm/gup.c b/arch/sparc/mm/gup.c > index 2e5c4fc..cf4fb47 100644 > --- a/arch/sparc/mm/gup.c > +++ b/arch/sparc/mm/gup.c > @@ -173,6 +173,9 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, > addr = start; > len = (unsigned long) nr_pages << PAGE_SHIFT; > end = start + len; > + if (unlikely(!access_ok(write ? VERIFY_WRITE : VERIFY_READ, > + (void __user *)start, len))) > + return 0; This change is not justified. Why would we take the time to first do the access_ok() stuff. If this had been an expensive operation then we had made this function slower in the normal case ( assuming there were no access violations in the normal case). When I look at the implementation of access_ok() I get the impression that this is not really a check we need. access_ok() always returns 1. > > local_irq_save(flags); > pgdp = pgd_offset(mm, addr); > @@ -203,6 +206,8 @@ int get_user_pages_fast(unsigned long start, int nr_pages, int write, > addr = start; > len = (unsigned long) nr_pages << PAGE_SHIFT; > end = start + len; > + if (end < start) > + goto slow_irqon; end can only be smaller than start if there is some overflow. See how end is calculated just the line above. This looks like a highly suspicious change. Sam -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/