Date: Wed, 29 May 2019 09:25:40 +0200
From: Sebastian Andrzej Siewior
To: Andrew Morton
Cc: Hugh Dickins, x86@kernel.org, Mike Rapoport, Andrea Arcangeli, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Borislav Petkov, Pavel Machek, Dave Hansen
Subject: [PATCH v2] x86/fpu: Use fault_in_pages_writeable() for pre-faulting
Message-ID: <20190529072540.g46j4kfeae37a3iu@linutronix.de>
References: <20190526173325.lpt5qtg7c6rnbql5@linutronix.de> <20190528211826.0fa593de5f2c7480357d3ca5@linux-foundation.org>
In-Reply-To: <20190528211826.0fa593de5f2c7480357d3ca5@linux-foundation.org>

From: Hugh Dickins

Since commit d9c9ce34ed5c8 ("x86/fpu: Fault-in user stack if copy_fpstate_to_sigframe() fails") we use get_user_pages_unlocked() to pre-fault user's memory if a write generates a pagefault while the handler is disabled.
This works in general and uncovered a bug as reported by Mike Rapoport.

It has been pointed out that this function may be fragile and a simple pre-fault as in fault_in_pages_writeable() would be a better solution. Better as in taste and simplicity: That write (as performed by the alternative function) performs exactly the same faulting of memory that we had before. This was suggested by Hugh Dickins and Andrew Morton.

Use fault_in_pages_writeable() for pre-faulting of user's stack.

Fixes: d9c9ce34ed5c8 ("x86/fpu: Fault-in user stack if copy_fpstate_to_sigframe() fails")
Suggested-by: Andrew Morton
Signed-off-by: Hugh Dickins
[bigeasy: patch description]
Signed-off-by: Sebastian Andrzej Siewior
---
v1…v2: Added a Fixes tag.

 arch/x86/kernel/fpu/signal.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 5a8d118bc423e..060d6188b4533 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -5,6 +5,7 @@ #include #include +#include #include #include @@ -189,15 +190,7 @@ int copy_fpstate_to_sigframe(void __user *buf, void __user *buf_fx, int size) fpregs_unlock(); if (ret) { - int aligned_size; - int nr_pages; - - aligned_size = offset_in_page(buf_fx) + fpu_user_xstate_size; - nr_pages = DIV_ROUND_UP(aligned_size, PAGE_SIZE); - - ret = get_user_pages_unlocked((unsigned long)buf_fx, nr_pages, - NULL, FOLL_WRITE); - if (ret == nr_pages) + if (!fault_in_pages_writeable(buf_fx, fpu_user_xstate_size)) goto retry; return -EFAULT; } -- 2.20.1
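Review bot: The `if (!fault_in_pages_writeable(buf_fx, fpu_user_xstate_size))` test in the `if (ret)` branch of copy_fpstate_to_sigframe() needs a short comment. The helper returns 0 on success, so the negation reads backwards at first glance. As the commit message says, it pre-faults by performing a write, which is harmless here only because the retried copy overwrites the same fpu_user_xstate_size bytes starting at buf_fx. It would also help to state why the loop terminates: a successful pre-fault followed by another faulting copy sends control back to `retry` with no visible bound, as the removed get_user_pages_unlocked() path also did.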