Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp2448035ybp; Thu, 10 Oct 2019 07:33:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqxMil3rV0YUXH4bcKYymYSsXz1haRouy4XNwAa/wP5hLOmawTAVXkAn9bK/S83ecG4prdM+ X-Received: by 2002:a50:fc86:: with SMTP id f6mr8486173edq.233.1570718002218; Thu, 10 Oct 2019 07:33:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570718002; cv=none; d=google.com; s=arc-20160816; b=fT+zVfYEIxtOnAhaXoUpZD1mJtOp5QAvegKKDxVt542AH8jxu+r/TCmttBGzJWbo6u CpwkmgD2TEiZXXSFS0JlEAG7C0e1zDb2yA63L8Z+KgtaYFAG/uxe07jcqquKLeqBDvSr ABqiHgUHSt+AWuSvBgiBsRg5cnN+9CRLugIHwRyrC/VZDiRVdHGZnc0oXuj70ril3qgW VzhS1kHkueQXU2Pp9JPwjDag1OHVqEn/3FeHcoY4VJ0kPMIm2YT+O4IX5iuSSFSfqPcN MxVWZ8O6JpI7vdgnlR/LFcjUOnQg5dEzVOj1XXibgB3o8tBWzXGmT97BKB83fSqNnRpT 1zNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=4RKjpa/7tEncx97pJ4j9LHayvt6VfCwjRC6qzGd9L7Q=; b=r/NOIRZjWZo2iPXNyiv548dhlvlrM3lFEUv7Y1JDiGjogkVz4a4oXNCvnelNcqOMFi 6D43BUpbwP19QR6j5ki879cGmBryqeomdr3GK/BuDYI93Jr0f6wvrQAAjSoBF9pj3/L5 u33k7vA+F2ghZ5S4aIpnnwAvaSuzYERU2Yq7uaVeO7d/AZsVljAuEIVxyMAAfNGv8nDq 5G7GXjBFbTBkAAIEyRriZFRSnNiS5CtWliAASuLjqbYayBikuvfg4modd2Pju3esiYXW S/w2z5hMcqwfsH3e4Ci19s80/9qyNgFBagfclcPh/jHK9bo3evdIFQbbYztUDn3uGPSv /YkQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e14si3948698eda.104.2019.10.10.07.32.56; Thu, 10 Oct 2019 07:33:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726436AbfJJO37 (ORCPT + 99 others); Thu, 10 Oct 2019 10:29:59 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:36478 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726007AbfJJO36 (ORCPT ); Thu, 10 Oct 2019 10:29:58 -0400 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.92.2 #3 (Red Hat Linux)) id 1iIZS0-0004JV-6u; Thu, 10 Oct 2019 14:29:56 +0000 Date: Thu, 10 Oct 2019 15:29:56 +0100 From: Al Viro To: Max Filippov Cc: "open list:TENSILICA XTENSA PORT (xtensa)" , LKML Subject: Re: [PATCH] xtensa: fix {get,put}_user() for 64bit values Message-ID: <20191010142956.GG26530@ZenIV.linux.org.uk> References: <20191009192105.GC26530@ZenIV.linux.org.uk> <20191010015606.GD26530@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.12.1 (2019-06-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Oct 09, 2019 at 07:11:40PM -0700, Max Filippov wrote: > > I don't have > > xtensa cross-toolchain at the moment, so I can't check it easily; > > what does =r constraint generate in such case? > > Lower register of the register pair. OK... > > Another thing is, you want to zero it on failure, to avoid an uninitialized > > value ending up someplace interesting.... > > Ok, this? > #define __get_user_nocheck(x, ptr, size) \ > ({ \ > - long __gu_err, __gu_val; \ > + long __gu_err; \ > + __typeof__(*(ptr) + 0) __gu_val = 0; \ > __get_user_size(__gu_val, (ptr), (size), __gu_err); \ > (x) = (__force __typeof__(*(ptr)))__gu_val; \ > __gu_err; \ > @@ -180,7 +181,8 @@ __asm__ __volatile__( > \ > > #define __get_user_check(x, ptr, size) \ > ({ \ > - long __gu_err = -EFAULT, __gu_val = 0; \ > + long __gu_err = -EFAULT; \ > + __typeof__(*(ptr) + 0) __gu_val = 0; \ > const __typeof__(*(ptr)) *__gu_addr = (ptr); \ > if (access_ok(__gu_addr, size)) \ > __get_user_size(__gu_val, __gu_addr, (size), __gu_err); \ > @@ -198,7 +200,7 @@ do { > \ > case 1: __get_user_asm(x, ptr, retval, 1, "l8ui", __cb); break;\ > case 2: __get_user_asm(x, ptr, retval, 2, "l16ui", __cb); break;\ > case 4: __get_user_asm(x, ptr, retval, 4, "l32i", __cb); break;\ > - case 8: retval = __copy_from_user(&x, ptr, 8); break; \ > + case 8: retval = __copy_from_user(&x, ptr, 8) ? -EFAULT : 0; > break; \ > default: (x) = __get_user_bad(); \ > } \ > } while (0) Hmm... Looking at __get_user_size(), we have retval = 0; very early in it. So I wonder if it should simply be #define __get_user_size(x, ptr, size, retval) \ do { \ int __cb; \ retval = 0; \ switch (size) { \ case 1: __get_user_asm(x, ptr, retval, 1, "l8ui", __cb); break;\ case 2: __get_user_asm(x, ptr, retval, 2, "l16ui", __cb); break;\ case 4: __get_user_asm(x, ptr, retval, 4, "l32i", __cb); break;\ case 8: if (unlikely(__copy_from_user(&x, ptr, 8)) { \ retval = -EFAULT; \ x = 0; \ } \ break; \ default: (x) = __get_user_bad(); \ } \ } while (0) so that 64bit case is closer to the others in that respect (i.e. zeroing done on failure and out of line). No?