Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754034AbeAIQj0 (ORCPT <rfc822;ralf@linux-mips.org> + 1 other);
        Tue, 9 Jan 2018 11:39:26 -0500
Received: from mail-eopbgr40112.outbound.protection.outlook.com ([40.107.4.112]:13664
        "EHLO EUR03-DB5-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1752128AbeAIQjW (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 9 Jan 2018 11:39:22 -0500
Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=aryabinin@virtuozzo.com; 
From: Andrey Ryabinin <aryabinin@virtuozzo.com>
To: Andrew Morton <akpm@linux-foundation.org>,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, Kees Cook <keescook@chromium.org>,
        Eryu Guan <eguan@redhat.com>,
        Alexander Potapenko <glider@google.com>,
        Chris Metcalf <metcalf@alum.mit.edu>,
        David Laight <David.Laight@ACULAB.COM>,
        Dmitry Vyukov <dvyukov@google.com>,
        Andrey Ryabinin <aryabinin@virtuozzo.com>,
        stable@vger.kernel.org
Subject: [PATCH] lib/strscpy: remove word-at-a-time optimization.
Date: Tue,  9 Jan 2018 19:37:45 +0300
Message-Id: <20180109163745.3692-1-aryabinin@virtuozzo.com>
X-Mailer: git-send-email 2.13.6
MIME-Version: 1.0
Content-Type: text/plain
X-Originating-IP: [195.214.232.6]
X-ClientProxiedBy: HE1PR05CA0170.eurprd05.prod.outlook.com
 (2603:10a6:3:f8::18) To AM4PR08MB2820.eurprd08.prod.outlook.com
 (2603:10a6:205:d::26)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 2ecfd28c-24c6-4a47-c892-08d5577f87fd
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(4534020)(4602075)(7168020)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020);SRVR:AM4PR08MB2820;
X-Microsoft-Exchange-Diagnostics: 1;AM4PR08MB2820;3:D4ICmP0RYQ4cF59R0OlnMSAjhYugFCAQzEdPjJo/48T2Ahk5GQr8wTBqN4IjnWQHaDDwIzJfu8+mrocZfJMZqjkZib00pafsaEfL7Q3kJvJzrLJt0U4EvMNzr5Fd3GUVZczEjvYBgub6vG8dSnVjA6p845pPhq8FILypOEQZOlgtYvMrcZOYLsTMmTJIXRMdSPnrAV/4+zIgmPlhROTU37pfcyyT0ihGT9Wee5YuPEsQfLd+0vPED9CDB6MvPRkk;25:C9tuIG2PAPsjABRR8MXnLBmgOb0rBPA29gh64nlOHY+/512DA16kEZuGZ0VAoUu+Bj9V0NmZgNKjn0Si91eR7wh+fGMpnWps3y4FQ56054pUzAev/rY34I7VH9DJkin62wkuI/pprqyrBeOTXNI7g44BKFc2Uo2ERgVnB9xQLT+COP0dWWtbGjbGbCXD1Rlp3SNit2yhQgyMM3JIOAZ6mp9Z+0f7Et53MnhXBnFjMtx4KHGZOo3tm1xxgIEvyGVtn8c4dPQdDX2HDzNa4p+q8OcdpMv+YHwEYLEx/a2Z2fCMgaBQbBgbC1T+bPaYHXVWJb/7pkL4xFXJ0DimzsdU0g==;31:GcO0Wwm3GegiWXXEjg4XnbZjqdapa4E0339XaJXjPjjWI4rzAuJNrNUa1oKOdljYrJnqHk9Z3PYWH/rytaeA7AZ8GWD49X385OAfp/tqoVS2/VDOvb55dghFCQxh/xgCfLCMt+ozgFYFkUHaqUi9CnrTdjtqgXny4xzv5Uz0XiG//MuGDVH8+QQUQlPXLaZDK91Prkwt3DxkwUdIY+PueTl1ig6vB3levIl+kBv9zYY=
X-MS-TrafficTypeDiagnostic: AM4PR08MB2820:
X-Microsoft-Exchange-Diagnostics: 1;AM4PR08MB2820;20:zdxJ267H8CeOcG5EJX/dk/14qGqs2hlLnqdCd3A3u1ka/KDAHh3UiIPj+L+fuUNq6DQKzXNGG/mzLpSsqOTjL/tICyCIOPN94WdJitus75NX1y3UnhiEi7EUnPGaSWtqf6VADkjqH6MucXTNK5pqeh1pCmGTT4iyrne1hO1KNBtL7LqjEfQOJ5KWPpVSZ7H/w4d/9E5zoaElu5OTAG3930tYgdKQ+Yo+rAQ/hpE9KtheFGhVeym3oqq6PVqb8VCT9mzmF9L66HBN5bv0JWxxykiN91E7k83/hQisnM9BMqVmLkqvzEyzCDQs7rRYpJqgc+AbtrC+1wv4XbRucoBX3qDi7o/opzW+Rnx1BCifrD8Ls/mxcm34N5FyEuDlQmneOuBgQdpb1f0oUgB4b4HsyETM50O2J6eF/iu5rj6nkRM=;4:6GSpOTk+QHa7ldfzW6BAUKzlpFUkTJAU4Ox1POPMNjSiJgTwm6MbKWfkey/SIUNEbmfdDBp5f6NKjDHCLlQJfa4Sp8GTXpg5Xp5apdt/Rug8E33BSA0c7MY3AnsrmmWHQGV4PsGX18BkWtflZObH8d5J/hDmbuZB3dI0r8m67amj9/o5Izp3slHp5LytBMWA2NCfoWU3u/wyomqa6AsmkIftZ+uX5/JJJ7ZOUYH5e92KpKrXVhuFv4xtGo9xIgJcdA9H17c18u02TUx6SEP2cM4TVAIP+1kFfMQMqUrDv+R1lPwHD5V4F5DL3lWGea79RWKTrafCpQM3kejaT5UU2s5KQ4bFwK5Qg7V7wtrX3ag=
X-Microsoft-Antispam-PRVS: <AM4PR08MB2820DF20E963E23F0E4DE13BB0100@AM4PR08MB2820.eurprd08.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(42068640409301);
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(10201501046)(3231023)(944501075)(6041268)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123562045)(20161123558120)(20161123560045)(6072148)(201708071742011);SRVR:AM4PR08MB2820;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:AM4PR08MB2820;
X-Forefront-PRVS: 0547116B72
X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(6069001)(39380400002)(396003)(366004)(376002)(346002)(39850400004)(199004)(189003)(316002)(105586002)(110136005)(50226002)(106356001)(48376002)(81166006)(50466002)(54906003)(3846002)(6116002)(1076002)(16586007)(16526018)(8936002)(575784001)(2906002)(6666003)(478600001)(966005)(36756003)(86362001)(7416002)(5660300001)(76506005)(53416004)(66066001)(52116002)(55236004)(386003)(6306002)(68736007)(59450400001)(8676002)(51416003)(7736002)(69596002)(25786009)(6506007)(6486002)(305945005)(53936002)(230783001)(81156014)(47776003)(6512007)(97736004)(4326008);DIR:OUT;SFP:1102;SCL:1;SRVR:AM4PR08MB2820;H:localhost.sw.ru;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en;
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;AM4PR08MB2820;23:BYDP/uRpv+HbPiNfo2Cdk1MshTjYOQuPoh1B2wm+V?=
 =?us-ascii?Q?CBrdgPMyNFRYDGoe+Lxvc2v48vXe/whzI1PN30MWRVDlwt32RpX5brobhzFl?=
 =?us-ascii?Q?ePKQlkuZY9OoXxmiT88rk7mQkCw4YtZLLKx5xhBuEWvOETaqMDSeOifFVkSX?=
 =?us-ascii?Q?ACHAjvYZ2YL7EcJlqMYP1zHtVnL8sMkasLmxuC1Ji9+5rZ7/fHO9Q5hrceFW?=
 =?us-ascii?Q?yK7qG1IH6ksdqV8+Dk0QVorXehViZEuZSaeBdbP8YKVv96MT/ujjjTokoFWS?=
 =?us-ascii?Q?pOYtGmYxalEEzaFcJF5F7xstGbXUvc7NTnRWvCw6/yr24I/5MWtCpA+Ycxcg?=
 =?us-ascii?Q?f4ip+MhMGccatDfJ6Q2Y9dwn/DSq1NRsCeJ+KF+sWDKlq5KbrUsOnMTBrV2U?=
 =?us-ascii?Q?G41FVPOY7KvgwxFLxVRaojAaEgKa3SYENsmb5kfxewaIwD4cOgapKsyBEKBd?=
 =?us-ascii?Q?lJnJ5WHgPAVJCXJRq4pZquve+rYM3M1tlcj51ezqc5GdyTU03mSRKBMV9YJ+?=
 =?us-ascii?Q?e3e4fkq26ZWVcuFcSk36oFqcw1dJqkSZkCQ0R0qtsZw71zhy9Yo0Ub/zTRBF?=
 =?us-ascii?Q?iOBtsBNZWlI0Nh1WZEo/wAT2ddO5NAUZYlFUvlxKeNYm0AuQZqFQtQxH6ai6?=
 =?us-ascii?Q?AreBxjuR9IwEMHM5Il18QWwRzJ6oARw6do++w5kpBbNhyfpyLUfa0JQopjRB?=
 =?us-ascii?Q?O44HIuFklJ+Iez4q8Y5HDu74mQSPyMIUL6BznlNAN84Ee1xViZg/jsA8Xnla?=
 =?us-ascii?Q?nycRP23D+ixPLa9tEmjFEIVtjJKvnR494fI98f/NpyDbElOQSGlAuBoQog0p?=
 =?us-ascii?Q?PL7dxUrR6S1IpEza0zEWZpQB5FUZ8V/bH9+mCNzArBO5m39rA7ie2MGsLUmH?=
 =?us-ascii?Q?xWWT2on7B+1MO5/svIKwcg6M82T3kX+Mal+EPtszv2+wEM3QPUhwzNXyqp5Q?=
 =?us-ascii?Q?gAO3AikgkCZxSXRihi5ADc1du6AwPeIlGHPUbWS+6rhMbYIRr/XoVuE0CpG5?=
 =?us-ascii?Q?a2ydwIiblqrHztwJe2TxYMnrvDpu3HUl0aT3Kq9nw6t/A0WwtqoYFxTLbdoB?=
 =?us-ascii?Q?oQxKAXQQi4Xfse2T7LM7sYcf3TGUzDY5KJlO+Q0klr9IC30dsPYndITWEnGb?=
 =?us-ascii?Q?pZQjrKKHircs1fIP8TwnzlMWanpwNVAqnnZ4n7dOOv3UHR/KW1HIojhJ5Jja?=
 =?us-ascii?Q?zwYnuv7wlbMDLbLKewUeaeM2go5Ak2i57qBhJUxT59dVt09zQYwotSVgCy2k?=
 =?us-ascii?Q?QYZDux6zkp6DeExM6A7H7QDC6J9sQ0itsI6raUrbCr/39Htw6vc7Rx/R0yR1?=
 =?us-ascii?B?Zz09?=
X-Microsoft-Exchange-Diagnostics: 1;AM4PR08MB2820;6:BA6ea6ZqPaP30F4dBpOYbfr294vL9sND0UC0rA7CcU2U9zdO98UwkGZUv46hi2uTLWgRZv+vvptTdseH1db+QwjH4uH4Xy8rf6AnV4RlGmU2ren0aS9FJ67X+JG0sirgKtU0sE89aHie/e5jowK+W/llL25DZcedhUyHrmJ6Zne00wfsMfUKsatX2hcM3NXYAH6TUXVYkFr4iGWhkitbnYGJKBGuHxBh3ySAxkryWW/EoS9HiTGlcWq23nmnKnc8vEOr1c1lLvGhbr4ZREAChgqFUrl2BaL4Y056A53xsTLqk+fUTdMEZccqJ3dpfRho0URCy8X3iRubGGQZDi2LWb7ITZ3dbAmmXQ3W1JRCp74=;5:5lPS6rddgk0SN0KM7wTbhLCnw0VEAvYk8okTmcMGeo4KTi93qt8G7A2K66L40hnoLdIdzh+96KfZNyt5KRg0jE8IhSSfD6NlEy536BjxIXVVoNmJqY6x/jh7JK8rFioLoxZAmbYFQeZy8UyBfJqlSzx1H0j0T63OLhTD7bFrnFI=;24:6kMIzij/bVUfjnQJY015HpM276y4brrqEjKXDhtSAnG1ja1lSA6Lzn/vfOmp9YvQ/+r82RoIWdOmp5FSeqGrGZlzlJ8jp/gBDKJ4TpuOz7k=;7:onhXyw4wjTJnW1pC8LHusrzWInNlwlRK0U5a9Ay1SmXOvE5o/ET3egTGm0bc0DN9tTdylEwG5/UynxUpcV1V98cD2AkOAsvpKqZSMreSo+F9n4YpA3u6VL85voorBU1myYc2BLo7dh+dSKoUFGIw1w9lyCMNO8FXYTYYhYbh9Uo81qJRiPTiomq6qIGQ/KC9scqDTekiq5rCQ+JmFCRxiSW8spluxH0nGE7QYyUFRKRuCNT/MOaG/669sL5dJMn/
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1;AM4PR08MB2820;20:gAYRX9K1uwjStoHdOCp/u6mfMb3t3Cu/2J6jhauDw1jddW+VMheZFwHS5Va+Qq1Zp5pf/QJtHSmAAhpudZIiXtOK9FnUtEOAv5ckN4h6x3VxoP4nyv7K1nSaaXWpdoNuxW7SebTC8qyaTTzG9HBRmIh6/1LLg9+w4ERpkZKKqNU=
X-OriginatorOrg: virtuozzo.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Jan 2018 16:39:18.9156 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 2ecfd28c-24c6-4a47-c892-08d5577f87fd
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR08MB2820
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>

strscpy() performs the word-at-a-time optimistic reads. So it may
may access the memory past the end of the object, which is perfectly fine
since strscpy() doesn't use that (past-the-end) data and makes sure the
optimistic read won't cross a page boundary.

But KASAN doesn't know anything about that so it will complain.
There are several possible ways to address this issue, but none
are perfect. See https://lkml.kernel.org/r/9f0a9cf6-51f7-cd1f-5dc6-6d510a7b8ec4@virtuozzo.com

It seems the best solution is to simply disable word-at-a-time
optimization. My trivial testing shows that byte-at-a-time
could be up to x4.3 times slower than word-at-a-time.
It may seems like a lot, but it's actually ~1.2e-10 sec per symbol vs
~4.8e-10 sec per symbol on modern hardware. And we don't use strscpy()
in a performance critical paths to copy large amounts of data,
so it shouldn't matter anyway.

Fixes: 30035e45753b7 ("string: provide strscpy()")
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: <stable@vger.kernel.org>
---
 lib/string.c | 38 --------------------------------------
 1 file changed, 38 deletions(-)

diff --git a/lib/string.c b/lib/string.c
index 64a9e33f1daa..6205dd71aa0f 100644
--- a/lib/string.c
+++ b/lib/string.c
@@ -29,7 +29,6 @@
 #include <linux/errno.h>
 
 #include <asm/byteorder.h>
-#include <asm/word-at-a-time.h>
 #include <asm/page.h>
 
 #ifndef __HAVE_ARCH_STRNCASECMP
@@ -177,45 +176,8 @@ EXPORT_SYMBOL(strlcpy);
  */
 ssize_t strscpy(char *dest, const char *src, size_t count)
 {
-	const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
-	size_t max = count;
 	long res = 0;
 
-	if (count == 0)
-		return -E2BIG;
-
-#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
-	/*
-	 * If src is unaligned, don't cross a page boundary,
-	 * since we don't know if the next page is mapped.
-	 */
-	if ((long)src & (sizeof(long) - 1)) {
-		size_t limit = PAGE_SIZE - ((long)src & (PAGE_SIZE - 1));
-		if (limit < max)
-			max = limit;
-	}
-#else
-	/* If src or dest is unaligned, don't do word-at-a-time. */
-	if (((long) dest | (long) src) & (sizeof(long) - 1))
-		max = 0;
-#endif
-
-	while (max >= sizeof(unsigned long)) {
-		unsigned long c, data;
-
-		c = *(unsigned long *)(src+res);
-		if (has_zero(c, &data, &constants)) {
-			data = prep_zero_mask(c, data, &constants);
-			data = create_zero_mask(data);
-			*(unsigned long *)(dest+res) = c & zero_bytemask(data);
-			return res + find_zero(data);
-		}
-		*(unsigned long *)(dest+res) = c;
-		res += sizeof(unsigned long);
-		count -= sizeof(unsigned long);
-		max -= sizeof(unsigned long);
-	}
-
 	while (count) {
 		char c;
 
-- 
2.13.6