Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp804600rwb; Tue, 4 Oct 2022 10:50:00 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5kkZN3s+m3DYvlWQDMY7AI6H/yZ0dwGZtcMBuoEK7nzIKHswtPh8jIFha/6UTBQhK72ogC X-Received: by 2002:a17:906:ee88:b0:78d:1a9a:b2db with SMTP id wt8-20020a170906ee8800b0078d1a9ab2dbmr3021275ejb.225.1664905799950; Tue, 04 Oct 2022 10:49:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664905799; cv=none; d=google.com; s=arc-20160816; b=gxxoLalSNRAzuGeDwn5q+U1ML1u+h4WcXkWz6nPRpuU028tF0Jlsx+n3WC1UFYbss4 cJK9rf2ITtrF+dAnoySwAdIyPGrIlG2zebJY3clmkDxGbeDVk3BXwkTkrtppj+8bxEkQ GOEe0yin1TKqbNp6zahFXX8YkFkbLwK8GkAGfRbJWc7ZZfabcIWe5jKSyBn464v/qf42 pjUR+eLYA2qxtnnx+36gKF+BZtuVuJ5ccZmitWjddNCEMDp636KeOphdcDPIqDD38zBb kmt+7192+7NP3PCW34ZK1hf2BNY9mVOcSt+MSLX6wErSokPKab0sLfrE+pK3gySRewjo iK6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:subject:cc:to:from:date:references:in-reply-to :message-id:mime-version:user-agent:feedback-id:dkim-signature; bh=nxFDpEw4Xs+0RDw9dncUzDjbv54aMc5jQeXiDQjY1DM=; b=OJwQndvO9jb3B5+GEON3zYCf7Lk503ltxdCbiS/puzIk+OxikroS5+cZlgRolYFdyc uw7YHO5ckQ/0m4s9gepl7/ylbaXEABZr1Lv6w0pq3jcJShkKYY7KhhPVY8bRZVExwIyF SfTlHxkllWrSM84nTQE4xpnLFOT0D0zPbR6y8yKI/z+XknI0FImTQj4VPDKkTVbn+sH7 Kouo+C6TDcITPKTUVq2ZMKXDRv8xJU3KVoIhntLXzVQNuNG2R22hb4XImZk9n01S8HyE e7E8hFWXvYCBitPsMZTq+sIpKHlXBd0np75V9xOTVoHlGLet7YKzyOFao3z6q6sC1e/s bm+w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="q/fB4trp"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b7-20020a056402084700b00453b6f7f184si13330894edz.216.2022.10.04.10.49.32; Tue, 04 Oct 2022 10:49:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="q/fB4trp"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229938AbiJDRi2 (ORCPT + 99 others); Tue, 4 Oct 2022 13:38:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229747AbiJDRiL (ORCPT ); Tue, 4 Oct 2022 13:38:11 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D4DB24964; Tue, 4 Oct 2022 10:37:04 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 4CF9660EC7; Tue, 4 Oct 2022 17:37:03 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9CB7CC433C1; Tue, 4 Oct 2022 17:37:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1664905022; bh=rtWTTcYorADYGq6pdo3E4C1gL/XjJH4Ahw8UABoFkfI=; h=In-Reply-To:References:Date:From:To:Cc:Subject:From; b=q/fB4trp7ZFaQqGDvhwNiLs10i9rgMUsg2QfJx0IC3phF7cBEBrAXHwN+WwWbzUp1 RzdYGahFQPJxNoC2y4YFHeZPPOWV1eDkTEXc91zewcA3ElzzHXvVUp4voK+SHKmuIg hUq7qR4cBJrCAwZyAaLKAuynY9Vzw1Xkl5ATop5TcdTimzbUbgLTWrjrxTG/hgIY3Z 2wAApQGGjyC/uRr9tJ95x1Pk87mglecvzYF6r8OQu5fmfwbNzgSn0/tLIiPfoLtvZF euWd7QHEMUE2FWyE7I6bh0MZmdGxfLKd9PD/pHFancFU9k0WtyCdbr1A0znUfQ4GT4 7gNYsvcPqU6Vg== Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailauth.nyi.internal (Postfix) with ESMTP id 8272F27C0054; Tue, 4 Oct 2022 13:37:00 -0400 (EDT) Received: from imap48 ([10.202.2.98]) by compute2.internal (MEProxy); Tue, 04 Oct 2022 13:37:00 -0400 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeeiuddguddugecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvvefutgesthdtredtreertdenucfhrhhomhepfdet nhguhicunfhuthhomhhirhhskhhifdcuoehluhhtoheskhgvrhhnvghlrdhorhhgqeenuc ggtffrrghtthgvrhhnpedvhfeuvddthfdufffhkeekffetgffhledtleegffetheeugeej ffduhefgteeihfenucevlhhushhtvghrufhiiigvpedvnecurfgrrhgrmhepmhgrihhlfh hrohhmpegrnhguhidomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqudduiedu keehieefvddqvdeifeduieeitdekqdhluhhtoheppehkvghrnhgvlhdrohhrgheslhhinh hugidrlhhuthhordhush X-ME-Proxy: Feedback-ID: ieff94742:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id DECA631A0062; Tue, 4 Oct 2022 13:36:59 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.7.0-alpha0-1015-gaf7d526680-fm-20220929.001-gaf7d5266 Mime-Version: 1.0 Message-Id: In-Reply-To: <20221003222133.20948-6-aliraza@bu.edu> References: <20221003222133.20948-1-aliraza@bu.edu> <20221003222133.20948-6-aliraza@bu.edu> Date: Tue, 04 Oct 2022 10:36:38 -0700 From: "Andy Lutomirski" To: "Ali Raza" , "Linux Kernel Mailing List" Cc: "Jonathan Corbet" , masahiroy@kernel.org, michal.lkml@markovi.net, "Nick Desaulniers" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , "H. Peter Anvin" , "Eric W. Biederman" , "Kees Cook" , "Peter Zijlstra (Intel)" , "Al Viro" , "Arnd Bergmann" , juri.lelli@redhat.com, vincent.guittot@linaro.org, dietmar.eggemann@arm.com, "Steven Rostedt" , "Ben Segall" , mgorman@suse.de, bristot@redhat.com, vschneid@redhat.com, "Paolo Bonzini" , jpoimboe@kernel.org, linux-doc@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, "the arch/x86 maintainers" , rjones@redhat.com, munsoner@bu.edu, tommyu@bu.edu, drepper@redhat.com, lwoodman@redhat.com, mboydmcse@gmail.com, okrieg@bu.edu, rmancuso@bu.edu Subject: Re: [RFC UKL 05/10] x86/uaccess: Make access_ok UKL aware Content-Type: text/plain X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 3, 2022, at 3:21 PM, Ali Raza wrote: > When configured for UKL, access_ok needs to account for the unified address > space that is used by the kernel and the process being run. To do this, > they need to check the task struct field added earlier to determine where > the execution that is making the check is running. For a zero value, the > normal boundary definitions apply, but non-zero value indicates a UKL > thread and a shared address space should be assumed. I think this is just wrong. Why should a UKL process be able to read() to kernel (high-half) memory? set_fs() is gone. Please keep it gone. > > Cc: Jonathan Corbet > Cc: Masahiro Yamada > Cc: Michal Marek > Cc: Nick Desaulniers > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: Borislav Petkov > Cc: Dave Hansen > Cc: "H. Peter Anvin" > Cc: Andy Lutomirski > Cc: Eric Biederman > Cc: Kees Cook > Cc: Peter Zijlstra > Cc: Alexander Viro > Cc: Arnd Bergmann > Cc: Juri Lelli > Cc: Vincent Guittot > Cc: Dietmar Eggemann > Cc: Steven Rostedt > Cc: Ben Segall > Cc: Mel Gorman > Cc: Daniel Bristot de Oliveira > Cc: Valentin Schneider > Cc: Paolo Bonzini > Cc: Josh Poimboeuf > > Signed-off-by: Ali Raza > --- > arch/x86/include/asm/uaccess.h | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h > index 913e593a3b45..adef521b2e59 100644 > --- a/arch/x86/include/asm/uaccess.h > +++ b/arch/x86/include/asm/uaccess.h > @@ -37,11 +37,19 @@ static inline bool pagefault_disabled(void); > * Return: true (nonzero) if the memory block may be valid, false (zero) > * if it is definitely invalid. > */ > +#ifdef CONFIG_UNIKERNEL_LINUX > +#define access_ok(addr, size) \ > +({ \ > + WARN_ON_IN_IRQ(); \ > + (is_ukl_thread() ? 1 : likely(__access_ok(addr, size))); \ > +}) > +#else > #define access_ok(addr, size) \ > ({ \ > WARN_ON_IN_IRQ(); \ > likely(__access_ok(addr, size)); \ > }) > +#endif > > #include > > -- > 2.21.3