Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp1381130ybl; Sat, 10 Aug 2019 02:35:09 -0700 (PDT) X-Google-Smtp-Source: APXvYqw86zPNruC4myJltkQG6Shyncm875KaBDcCWkRBu9jZBpiKEXCPuWfQlG4S9zMgIqLrSvaE X-Received: by 2002:a17:902:728b:: with SMTP id d11mr19490336pll.265.1565429709431; Sat, 10 Aug 2019 02:35:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565429709; cv=none; d=google.com; s=arc-20160816; b=W0/DsZ2juH/I0VugcIrLlFTCWyX5DCHqYzduwYlEJLrSCWTVYEQvoXsvt8fR3H9kX8 VhJWfkxC+NMmx3nrV4BXJRFhfyizqaS8Xxs48N/H+XP+82xdgKtK1CJjqNeSqSsxd9+9 BqXB3dQ7cTFRa6OiNfTh9JQS2WpzN0P1JD5w1Mgle+1U6KLRLyWAx4+4cm9Dmy+R5dQI zEA6WU+f/1R9/xVoaVZUA63NucsDWS5v1J6cSWRlbMPnvOnbII2uhBvP93ZPdw/2qN4R JeP6bdFOEg/e3et4ILvwZ9JSJmef4CJauxIDdJnyBq7nNes1Nrp66V3x4QEoko5+G2Mj dUUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from; bh=10C0EpTd2owpATWtp+NvS8Tx3Q3T4BQfKCY2/G4u/UE=; b=TwKrAnXTipAibO3GK47X8qC0reKMa4iXF9C363ZaOYqCY6/+nEJZ8J6Pk+vzXj/DdO SRQLcuhc6AHbRZJENCYtDDGVW1AH59uIfDjloOzoDuKq2JrbzTwU+8hyZw0TbHBPQXsS rUuIYTkTt1abqNa88Rl2Y4zq6g0bXk/DTv4BqfC4w8UQEV/7Q3lnJF3lEpknNKQgGrcc H1y6kHgqq7Lb8un4p2VrGIKhfubub45f9KHCDmJ72zmVz996GhW3n+qDcCbG6SolzTXn GFiM2AjWwIX9EVxQ0D3RsNumIh1QfIk0WkHxYwm+rYoTIdSxlGOhn/D6WCGJVXssYB5m 9qyg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i19si59263543pfa.232.2019.08.10.02.34.25; Sat, 10 Aug 2019 02:35:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726057AbfHJJd3 (ORCPT + 99 others); Sat, 10 Aug 2019 05:33:29 -0400 Received: from ozlabs.org ([203.11.71.1]:48821 "EHLO ozlabs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725497AbfHJJd3 (ORCPT ); Sat, 10 Aug 2019 05:33:29 -0400 Received: from authenticated.ozlabs.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.ozlabs.org (Postfix) with ESMTPSA id 465H3W09KHz9sN6; Sat, 10 Aug 2019 19:33:26 +1000 (AEST) From: Michael Ellerman To: Santosh Sivaraj , linuxppc-dev , Linux Kernel Cc: "Aneesh Kumar K.V" , Mahesh Salgaonkar , Reza Arbab , Balbir Singh , Chandan Rajendra , Nicholas Piggin , christophe leroy Subject: Re: [PATCH v8 7/7] powerpc: add machine check safe copy_to_user In-Reply-To: <20190807145700.25599-8-santosh@fossix.org> References: <20190807145700.25599-1-santosh@fossix.org> <20190807145700.25599-8-santosh@fossix.org> Date: Sat, 10 Aug 2019 19:33:27 +1000 Message-ID: <87lfw1s6u0.fsf@concordia.ellerman.id.au> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Santosh Sivaraj writes: > Use memcpy_mcsafe() implementation to define copy_to_user_mcsafe() > > Signed-off-by: Santosh Sivaraj > --- > arch/powerpc/Kconfig | 1 + > arch/powerpc/include/asm/uaccess.h | 14 ++++++++++++++ > 2 files changed, 15 insertions(+) > > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > index 77f6ebf97113..4316e36095a2 100644 > --- a/arch/powerpc/Kconfig > +++ b/arch/powerpc/Kconfig > @@ -137,6 +137,7 @@ config PPC > select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !RELOCATABLE && !HIBERNATION) > select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST > select ARCH_HAS_UACCESS_FLUSHCACHE if PPC64 > + select ARCH_HAS_UACCESS_MCSAFE if PPC64 > select ARCH_HAS_UBSAN_SANITIZE_ALL > select ARCH_HAVE_NMI_SAFE_CMPXCHG > select ARCH_KEEP_MEMBLOCK > diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h > index 8b03eb44e876..15002b51ff18 100644 > --- a/arch/powerpc/include/asm/uaccess.h > +++ b/arch/powerpc/include/asm/uaccess.h > @@ -387,6 +387,20 @@ static inline unsigned long raw_copy_to_user(void __user *to, > return ret; > } > > +static __always_inline unsigned long __must_check > +copy_to_user_mcsafe(void __user *to, const void *from, unsigned long n) > +{ > + if (likely(check_copy_size(from, n, true))) { > + if (access_ok(to, n)) { > + allow_write_to_user(to, n); > + n = memcpy_mcsafe((void *)to, from, n); > + prevent_write_to_user(to, n); > + } > + } > + > + return n; > +} This looks OK to me. It would be nice though if copy_to_user_mcsafe() followed the pattern of the other copy_to_user() etc. routines where the arch code is only responsible for the actual arch details, and all the checks are done in the generic code. That would be a good cleanup to do after this has gone in, as the 2nd implementation of the API. cheers