Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp471625pxf; Wed, 10 Mar 2021 09:51:48 -0800 (PST) X-Google-Smtp-Source: ABdhPJxW1tNPkXNZ3XOs/VkiKrLhw5sRwgBmqK3hZCGw1EwWqqYddDCRG7GpCqNIKpr9Equ8V3Ta X-Received: by 2002:a17:906:3883:: with SMTP id q3mr4901155ejd.160.1615398708655; Wed, 10 Mar 2021 09:51:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615398708; cv=none; d=google.com; s=arc-20160816; b=Jck//7AWCx5QBRta6uKHFk35v+jpDFZba1q/lPE6bRprB80FnDBeezZJHz5MYuSv5m GbQ1R49pR5gj1v8kciAiY276oZIRn2z/FtHwt5yUjQUj4le8FPZMIqtc6Whp6R1a77AF 4RZenNFLajQd6zPDhuJ1noBE0COpUmsNpXrAJ9wmmHIzZImhhskO690KYLGxiAi7oCoP nnq2yGkVMjq0kiE+eTr654jA4qVwLYZgrCB6H33GPa+ZUmbhaAwlP8Zit7pgQl3L9WJf D3z8nI7CVVB08Y5Ie9zTyUT2dolIj/0VSOBORgnJ3BDuO1A1JLXFAJiR5wEPDzuWPs6I 2+0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:date:cc:to:subject:from:references:in-reply-to :message-id; bh=WZKk1N3M3/hGebjwgpinHrPAmcmiUwjEIe2AZ91YoEI=; b=BldjgEfVpHsLeshSl0mZ8v4ZIETWrZumm8+aNa3wd1jF6XoLojsaFxtqSakR/YojE+ Ox2U6x6ryQifkJAGwiCOV+cz5EjIVU8wZ6namCozSJxqNORfCuS5XdS6zCUN3YkJzfAR 5/QWqyMIodUSeXli9OpZDriWecwn/Ku+AZWEYIsdDNFcdJeNKmFYaQGFNNwA42pe40kc 61T2rhEXvBNS6F10+XiaE2qRnnSWTyT605acziZQJAItThY8N8VNZCzKvKsTp5gwt4S5 3nKvQBA8AUSBj/aVKKKATpimKoX06gtg8sooKUlmPI705h7pWi8WkstEU1VpSB+mqydE YRww== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a21si94637edn.317.2021.03.10.09.51.25; Wed, 10 Mar 2021 09:51:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233802AbhCJRrV (ORCPT + 99 others); Wed, 10 Mar 2021 12:47:21 -0500 Received: from pegase1.c-s.fr ([93.17.236.30]:25865 "EHLO pegase1.c-s.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233534AbhCJRqo (ORCPT ); Wed, 10 Mar 2021 12:46:44 -0500 Received: from localhost (mailhub1-int [192.168.12.234]) by localhost (Postfix) with ESMTP id 4Dwfds3zNXz9tytR; Wed, 10 Mar 2021 18:46:41 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at c-s.fr Received: from pegase1.c-s.fr ([192.168.12.234]) by localhost (pegase1.c-s.fr [192.168.12.234]) (amavisd-new, port 10024) with ESMTP id gFftkTX1eK-3; Wed, 10 Mar 2021 18:46:41 +0100 (CET) Received: from messagerie.si.c-s.fr (messagerie.si.c-s.fr [192.168.25.192]) by pegase1.c-s.fr (Postfix) with ESMTP id 4Dwfds1SGMz9tytQ; Wed, 10 Mar 2021 18:46:41 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by messagerie.si.c-s.fr (Postfix) with ESMTP id E19FC8B78D; Wed, 10 Mar 2021 18:46:42 +0100 (CET) X-Virus-Scanned: amavisd-new at c-s.fr Received: from messagerie.si.c-s.fr ([127.0.0.1]) by localhost (messagerie.si.c-s.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id We2PYwZuqqpA; Wed, 10 Mar 2021 18:46:42 +0100 (CET) Received: from po16121vm.idsi0.si.c-s.fr (unknown [192.168.4.90]) by messagerie.si.c-s.fr (Postfix) with ESMTP id A3B3D8B77E; Wed, 10 Mar 2021 18:46:42 +0100 (CET) Received: by po16121vm.idsi0.si.c-s.fr (Postfix, from userid 0) id 81C8B67568; Wed, 10 Mar 2021 17:46:42 +0000 (UTC) Message-Id: <0ad4629c2d222019e82fcdfccc70d372beb4adf9.1615398265.git.christophe.leroy@csgroup.eu> In-Reply-To: References: From: Christophe Leroy Subject: [PATCH v2 03/15] powerpc/align: Convert emulate_spe() to user_access_begin To: Benjamin Herrenschmidt , Paul Mackerras , Michael Ellerman Cc: linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org Date: Wed, 10 Mar 2021 17:46:42 +0000 (UTC) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch converts emulate_spe() to using user_access_being logic. Since commit 662bbcb2747c ("mm, sched: Allow uaccess in atomic with pagefault_disable()"), might_fault() doesn't fire when called from sections where pagefaults are disabled, which must be the case when using _inatomic variants of __get_user and __put_user. So the might_fault() in user_access_begin() is not a problem. There was a verification of user_mode() together with the access_ok(), but the function returns in case !user_mode() immediately after the access_ok() verification, so removing that test has no effect. Signed-off-by: Christophe Leroy --- arch/powerpc/kernel/align.c | 61 ++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 28 deletions(-) diff --git a/arch/powerpc/kernel/align.c b/arch/powerpc/kernel/align.c index c7797eb958c7..c4d7b445b459 100644 --- a/arch/powerpc/kernel/align.c +++ b/arch/powerpc/kernel/align.c @@ -107,7 +107,6 @@ static struct aligninfo spe_aligninfo[32] = { static int emulate_spe(struct pt_regs *regs, unsigned int reg, struct ppc_inst ppc_instr) { - int ret; union { u64 ll; u32 w[2]; @@ -127,11 +126,6 @@ static int emulate_spe(struct pt_regs *regs, unsigned int reg, nb = spe_aligninfo[instr].len; flags = spe_aligninfo[instr].flags; - /* Verify the address of the operand */ - if (unlikely(user_mode(regs) && - !access_ok(addr, nb))) - return -EFAULT; - /* userland only */ if (unlikely(!user_mode(regs))) return 0; @@ -169,26 +163,27 @@ static int emulate_spe(struct pt_regs *regs, unsigned int reg, } } else { temp.ll = data.ll = 0; - ret = 0; p = addr; + if (!user_read_access_begin(addr, nb)) + return -EFAULT; + switch (nb) { case 8: - ret |= __get_user_inatomic(temp.v[0], p++); - ret |= __get_user_inatomic(temp.v[1], p++); - ret |= __get_user_inatomic(temp.v[2], p++); - ret |= __get_user_inatomic(temp.v[3], p++); + unsafe_get_user(temp.v[0], p++, Efault_read); + unsafe_get_user(temp.v[1], p++, Efault_read); + unsafe_get_user(temp.v[2], p++, Efault_read); + unsafe_get_user(temp.v[3], p++, Efault_read); fallthrough; case 4: - ret |= __get_user_inatomic(temp.v[4], p++); - ret |= __get_user_inatomic(temp.v[5], p++); + unsafe_get_user(temp.v[4], p++, Efault_read); + unsafe_get_user(temp.v[5], p++, Efault_read); fallthrough; case 2: - ret |= __get_user_inatomic(temp.v[6], p++); - ret |= __get_user_inatomic(temp.v[7], p++); - if (unlikely(ret)) - return -EFAULT; + unsafe_get_user(temp.v[6], p++, Efault_read); + unsafe_get_user(temp.v[7], p++, Efault_read); } + user_read_access_end(); switch (instr) { case EVLDD: @@ -255,31 +250,41 @@ static int emulate_spe(struct pt_regs *regs, unsigned int reg, /* Store result to memory or update registers */ if (flags & ST) { - ret = 0; p = addr; + + if (!user_read_access_begin(addr, nb)) + return -EFAULT; + switch (nb) { case 8: - ret |= __put_user_inatomic(data.v[0], p++); - ret |= __put_user_inatomic(data.v[1], p++); - ret |= __put_user_inatomic(data.v[2], p++); - ret |= __put_user_inatomic(data.v[3], p++); + unsafe_put_user(data.v[0], p++, Efault_write); + unsafe_put_user(data.v[1], p++, Efault_write); + unsafe_put_user(data.v[2], p++, Efault_write); + unsafe_put_user(data.v[3], p++, Efault_write); fallthrough; case 4: - ret |= __put_user_inatomic(data.v[4], p++); - ret |= __put_user_inatomic(data.v[5], p++); + unsafe_put_user(data.v[4], p++, Efault_write); + unsafe_put_user(data.v[5], p++, Efault_write); fallthrough; case 2: - ret |= __put_user_inatomic(data.v[6], p++); - ret |= __put_user_inatomic(data.v[7], p++); + unsafe_put_user(data.v[6], p++, Efault_write); + unsafe_put_user(data.v[7], p++, Efault_write); } - if (unlikely(ret)) - return -EFAULT; + user_write_access_end(); } else { *evr = data.w[0]; regs->gpr[reg] = data.w[1]; } return 1; + +Efault_read: + user_read_access_end(); + return -EFAULT; + +Efault_write: + user_write_access_end(); + return -EFAULT; } #endif /* CONFIG_SPE */ -- 2.25.0