Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4003406ybb;
        Mon, 23 Mar 2020 11:38:37 -0700 (PDT)
X-Google-Smtp-Source: ADFU+vuQrzfPPYWky+81+bWm2TCh3tdmwnXgbreAvlHk9rtydxKesieFfXrQAjpDxsxZ4eIzJhxZ
X-Received: by 2002:a4a:e38c:: with SMTP id l12mr803748oov.7.1584988716913;
        Mon, 23 Mar 2020 11:38:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1584988716; cv=none;
        d=google.com; s=arc-20160816;
        b=DpUR6MUOTUx98bgtnLFBdRTmH3R+cPjSkNw9WbuIvdId0NjHptIknopkMaWZ44dHF5
         o7Fc6y/WPyM9Vqiv/2CdENR+E6xQjs9f14G+ZYkdJj7pesly+LBCEd7GlNYOtRiMKZbh
         cOMnAyo3nnrV24OVm9b7cNLlNn8PX+dYQIvy52YD/5ceWyreIGojZ+CvYM9F5Gq2I+O+
         J553avq+cO7ZR8q4muS8u3ovLbt4QyE8xIvi4wEoptNwUtm+5yQi3sazbGWtSJI3nwMc
         XDahwHRGhlbSLfsgHcw02BrDzcAbG1B7mCKhlL+x1ZO3urwVfDodvab8bcpmfUD3X0p8
         nfSQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-disposition:mime-version
         :message-id:subject:cc:to:from:date;
        bh=7LpWW6JxzGB5OGoS+MGJjcbwEbve4Xvscs9ZaZEAdc0=;
        b=xJUg21RrvbCC7WwMP6jRQbmzzBIBkmf1XsUt+XQaXTUdBa06/Rsu8NejR+/FsS0HN7
         55lb9wtqkbrFGA6LJY3q7PYIBPtNgaJq+TZFToaxr3qCFbUllpj60CAz04RgpA/4Bcay
         dzar39OvqXlWPUOen0957sdF1NvXAoXCnMWSX9O5Dw4xmAbot6cESd6BQE/R4YRmAD/2
         /jYwUEj9CdltFRPa7GiIwHQ6usBow+rrrDqAzo2lIT6TlMKZnRku/0x1ZmUl4bVduEOw
         UfdpZx63BbtZRF9B3YtdLI6U+/xzaZP8QnxW21foskZClYLCZyBFCvV4NuiAALWBVV8q
         RakA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y29si9835551ote.208.2020.03.23.11.38.22;
        Mon, 23 Mar 2020 11:38:36 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727257AbgCWSgf (ORCPT <rfc822;lunatang2017@gmail.com>
        + 99 others); Mon, 23 Mar 2020 14:36:35 -0400
Received: from zeniv.linux.org.uk ([195.92.253.2]:46590 "EHLO
        ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726643AbgCWSgf (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 23 Mar 2020 14:36:35 -0400
Received: from viro by ZenIV.linux.org.uk with local (Exim 4.92.3 #3 (Red Hat Linux))
        id 1jGRvw-0012xt-N1; Mon, 23 Mar 2020 18:36:20 +0000
Date:   Mon, 23 Mar 2020 18:36:20 +0000
From:   Al Viro <viro@zeniv.linux.org.uk>
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Thomas Gleixner <tglx@linutronix.de>, x86@kernel.org,
        linux-kernel@vger.kernel.org
Subject: [RFC][PATCHSET] x86 uaccess cleanups
Message-ID: <20200323183620.GD23230@ZenIV.linux.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

        Beginning of uaccess series; there's more already linearized, but
I'll be posting that separately.  This stuff lives in
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #next.uaccess-2
Individual patches will be in followups.  Please, review.  It's 5.6-rc1-based;
diffstat is:
 Documentation/x86/exception-tables.rst |   6 -
 arch/x86/events/core.c                 |  27 +--
 arch/x86/ia32/ia32_signal.c            | 288 +++++++++++-------------
 arch/x86/include/asm/asm.h             |   6 -
 arch/x86/include/asm/processor.h       |   1 -
 arch/x86/include/asm/sigframe.h        |   6 +-
 arch/x86/include/asm/sighandling.h     |   3 -
 arch/x86/include/asm/uaccess.h         | 140 ------------
 arch/x86/include/asm/uaccess_32.h      |  27 ---
 arch/x86/include/asm/uaccess_64.h      | 108 +--------
 arch/x86/kernel/signal.c               | 394 +++++++++++++++------------------
 arch/x86/kernel/stacktrace.c           |   6 +-
 arch/x86/kernel/vm86_32.c              | 115 +++++-----
 arch/x86/kvm/mmu/paging_tmpl.h         |   2 +-
 arch/x86/mm/extable.c                  |  12 -
 include/linux/compat.h                 |   9 +-
 include/linux/signal.h                 |   8 +-
 17 files changed, 388 insertions(+), 770 deletions(-)

part 1: getting rid of constant size cases in raw_copy_{to,from}_user() (x86)

        raw_copy_{to,from}_user() recognizes some small constant sizes
and turns those into a sequence of __get_user()/__put_user().  Very few
call chains these days hit those - most are not getting the constant
sizes or get the size not among the recognized sets.  And out of the
few that do hit those cases, not all are hot enough to bother.
So let's convert those that are to explicit __get_user()/__put_user()
and drop that logics in raw_copy_{to,from}_user().  That gets rid of
quite a bit of complexity in there.
        Note: I'm not sure about one chain - vhost_scsi_do_evt_work()
copyout of 16byte struct virtio_scsi_event; if we see slowdowns there,
we probably ought to switch it to unsafe_put_user().

1/22	x86 user stack frame reads: switch to explicit __get_user()
2/22	x86 kvm page table walks: switch to explicit __get_user()
3/22	x86: switch sigframe sigset handling to explict __get_user()/__put_user()
4/22	x86: get rid of small constant size cases in raw_copy_{to,from}_user()

part 2: getting rid of get_user_ex/put_user_ex mess.

        copyin side is easy - we are on shallow stack in all cases,
and we can just do a bulk copyin instead.  copyout is more interesting.
In principle, it's all straightforward - those put_user_{try,catch}
blocks turn into user_access_{begin,end}() ones, with unsafe_put_user()
used instead of put_user_ex().  It does take some massage, though.
5/22	vm86: get rid of get_user_ex() use
6/22	x86: get rid of get_user_ex() in ia32_restore_sigcontext()
7/22	x86: get rid of get_user_ex() in restore_sigcontext()
8/22	x86: kill get_user_{try,catch,ex}
9/22	x86: switch save_v86_state() to unsafe_put_user()
10/22	x86: switch setup_sigcontext() to unsafe_put_user()
11/22	x86: switch ia32_setup_sigcontext() to unsafe_put_user()
12/22	x86: get rid of put_user_try in {ia32,x32}_setup_rt_frame()
13/22	x86: ia32_setup_sigcontext(): lift user_access_{begin,end}() into the callers
14/22	x86: ia32_setup_frame(): consolidate uaccess areas
15/22	x86: ia32_setup_rt_frame(): consolidate uaccess areas
16/22	x86: get rid of put_user_try in __setup_rt_frame() (both 32bit and 64bit)
17/22	x86: setup_sigcontext(): list user_access_{begin,end}() into callers
18/22	x86: __setup_frame(): consolidate uaccess areas
19/22	x86: __setup_rt_frame(): consolidate uaccess areas
20/22	x86: x32_setup_rt_frame(): consolidate uaccess areas
21/22	x86: unsafe_put_... macros for sigcontext and sigmask
22/22   kill uaccess_try()