From: Christoph Hellwig <hch@lst.de> To: x86@kernel.org, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Masami Hiramatsu <mhiramat@kernel.org>, Linus Torvalds <torvalds@linux-foundation.org>, Andrew Morton <akpm@linux-foundation.org> Cc: linux-parisc@vger.kernel.org, linux-um@lists.infradead.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: [PATCH 14/18] maccess: allow architectures to provide kernel probing directly Date: Wed, 13 May 2020 18:00:34 +0200 [thread overview] Message-ID: <20200513160038.2482415-15-hch@lst.de> (raw) In-Reply-To: <20200513160038.2482415-1-hch@lst.de> Provide alternative versions of probe_kernel_read, probe_kernel_write and strncpy_from_kernel_unsafe that don't need set_fs magic, but instead use arch hooks that are modelled after unsafe_{get,put}_user to access kernel memory in an exception safe way. Signed-off-by: Christoph Hellwig <hch@lst.de> --- mm/maccess.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/mm/maccess.c b/mm/maccess.c index 9773e2253b495..e9efe2f98e34a 100644 --- a/mm/maccess.c +++ b/mm/maccess.c @@ -12,6 +12,81 @@ bool __weak probe_kernel_read_allowed(void *dst, const void *unsafe_src, return true; } +#ifdef HAVE_ARCH_PROBE_KERNEL + +#define probe_kernel_read_loop(dst, src, len, type, err_label) \ + while (len >= sizeof(type)) { \ + arch_kernel_read(dst, src, type, err_label); \ + dst += sizeof(type); \ + src += sizeof(type); \ + len -= sizeof(type); \ + } + +long probe_kernel_read(void *dst, const void *src, size_t size) +{ + if (!probe_kernel_read_allowed(dst, src, size)) + return -EFAULT; + + pagefault_disable(); + probe_kernel_read_loop(dst, src, size, u64, Efault); + probe_kernel_read_loop(dst, src, size, u32, Efault); + probe_kernel_read_loop(dst, src, size, u16, Efault); + probe_kernel_read_loop(dst, src, size, u8, Efault); + pagefault_enable(); + return 0; +Efault: + pagefault_enable(); + return -EFAULT; +} +EXPORT_SYMBOL_GPL(probe_kernel_read); + +#define probe_kernel_write_loop(dst, src, len, type, err_label) \ + while (len >= sizeof(type)) { \ + arch_kernel_write(dst, src, type, err_label); \ + dst += sizeof(type); \ + src += sizeof(type); \ + len -= sizeof(type); \ + } + +long probe_kernel_write(void *dst, const void *src, size_t size) +{ + pagefault_disable(); + probe_kernel_write_loop(dst, src, size, u64, Efault); + probe_kernel_write_loop(dst, src, size, u32, Efault); + probe_kernel_write_loop(dst, src, size, u16, Efault); + probe_kernel_write_loop(dst, src, size, u8, Efault); + pagefault_enable(); + return 0; +Efault: + pagefault_enable(); + return -EFAULT; +} + +long strncpy_from_kernel_unsafe(char *dst, const void *unsafe_addr, long count) +{ + const void *src = unsafe_addr; + + if (unlikely(count <= 0)) + return 0; + if (!probe_kernel_read_allowed(dst, unsafe_addr, count)) + return -EFAULT; + + pagefault_disable(); + do { + arch_kernel_read(dst, src, u8, Efault); + dst++; + src++; + } while (dst[-1] && src - unsafe_addr < count); + pagefault_enable(); + + dst[-1] = '\0'; + return src - unsafe_addr; +Efault: + pagefault_enable(); + dst[-1] = '\0'; + return -EFAULT; +} +#else /* HAVE_ARCH_PROBE_KERNEL */ /** * probe_kernel_read(): safely attempt to read from kernel-space * @dst: pointer to the buffer that shall take the data @@ -114,6 +189,7 @@ long strncpy_from_kernel_nofault(char *dst, const void *unsafe_addr, long count) return ret ? -EFAULT : src - unsafe_addr; } +#endif /* HAVE_ARCH_PROBE_KERNEL */ /** * probe_user_read(): safely attempt to read from a user-space location -- 2.26.2
WARNING: multiple messages have this Message-ID (diff)
From: Christoph Hellwig <hch@lst.de> To: x86@kernel.org, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Masami Hiramatsu <mhiramat@kernel.org>, Linus Torvalds <torvalds@linux-foundation.org>, Andrew Morton <akpm@linux-foundation.org> Cc: linux-parisc@vger.kernel.org, netdev@vger.kernel.org, linux-um@lists.infradead.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, bpf@vger.kernel.org Subject: [PATCH 14/18] maccess: allow architectures to provide kernel probing directly Date: Wed, 13 May 2020 18:00:34 +0200 [thread overview] Message-ID: <20200513160038.2482415-15-hch@lst.de> (raw) In-Reply-To: <20200513160038.2482415-1-hch@lst.de> Provide alternative versions of probe_kernel_read, probe_kernel_write and strncpy_from_kernel_unsafe that don't need set_fs magic, but instead use arch hooks that are modelled after unsafe_{get,put}_user to access kernel memory in an exception safe way. Signed-off-by: Christoph Hellwig <hch@lst.de> --- mm/maccess.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/mm/maccess.c b/mm/maccess.c index 9773e2253b495..e9efe2f98e34a 100644 --- a/mm/maccess.c +++ b/mm/maccess.c @@ -12,6 +12,81 @@ bool __weak probe_kernel_read_allowed(void *dst, const void *unsafe_src, return true; } +#ifdef HAVE_ARCH_PROBE_KERNEL + +#define probe_kernel_read_loop(dst, src, len, type, err_label) \ + while (len >= sizeof(type)) { \ + arch_kernel_read(dst, src, type, err_label); \ + dst += sizeof(type); \ + src += sizeof(type); \ + len -= sizeof(type); \ + } + +long probe_kernel_read(void *dst, const void *src, size_t size) +{ + if (!probe_kernel_read_allowed(dst, src, size)) + return -EFAULT; + + pagefault_disable(); + probe_kernel_read_loop(dst, src, size, u64, Efault); + probe_kernel_read_loop(dst, src, size, u32, Efault); + probe_kernel_read_loop(dst, src, size, u16, Efault); + probe_kernel_read_loop(dst, src, size, u8, Efault); + pagefault_enable(); + return 0; +Efault: + pagefault_enable(); + return -EFAULT; +} +EXPORT_SYMBOL_GPL(probe_kernel_read); + +#define probe_kernel_write_loop(dst, src, len, type, err_label) \ + while (len >= sizeof(type)) { \ + arch_kernel_write(dst, src, type, err_label); \ + dst += sizeof(type); \ + src += sizeof(type); \ + len -= sizeof(type); \ + } + +long probe_kernel_write(void *dst, const void *src, size_t size) +{ + pagefault_disable(); + probe_kernel_write_loop(dst, src, size, u64, Efault); + probe_kernel_write_loop(dst, src, size, u32, Efault); + probe_kernel_write_loop(dst, src, size, u16, Efault); + probe_kernel_write_loop(dst, src, size, u8, Efault); + pagefault_enable(); + return 0; +Efault: + pagefault_enable(); + return -EFAULT; +} + +long strncpy_from_kernel_unsafe(char *dst, const void *unsafe_addr, long count) +{ + const void *src = unsafe_addr; + + if (unlikely(count <= 0)) + return 0; + if (!probe_kernel_read_allowed(dst, unsafe_addr, count)) + return -EFAULT; + + pagefault_disable(); + do { + arch_kernel_read(dst, src, u8, Efault); + dst++; + src++; + } while (dst[-1] && src - unsafe_addr < count); + pagefault_enable(); + + dst[-1] = '\0'; + return src - unsafe_addr; +Efault: + pagefault_enable(); + dst[-1] = '\0'; + return -EFAULT; +} +#else /* HAVE_ARCH_PROBE_KERNEL */ /** * probe_kernel_read(): safely attempt to read from kernel-space * @dst: pointer to the buffer that shall take the data @@ -114,6 +189,7 @@ long strncpy_from_kernel_nofault(char *dst, const void *unsafe_addr, long count) return ret ? -EFAULT : src - unsafe_addr; } +#endif /* HAVE_ARCH_PROBE_KERNEL */ /** * probe_user_read(): safely attempt to read from a user-space location -- 2.26.2 _______________________________________________ linux-um mailing list linux-um@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-um
next prev parent reply other threads:[~2020-05-13 16:01 UTC|newest] Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-05-13 16:00 clean up and streamline probe_kernel_* and friends v2 Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 01/18] maccess: unexport probe_kernel_write and probe_user_write Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 02/18] maccess: remove various unused weak aliases Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 03/18] maccess: remove duplicate kerneldoc comments Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 04/18] maccess: clarify " Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 05/18] maccess: update the top of file comment Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 06/18] maccess: rename strncpy_from_unsafe_user to strncpy_from_user_nofault Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 07/18] maccess: rename strncpy_from_unsafe_strict to strncpy_from_kernel_nofault Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 08/18] maccess: rename strnlen_unsafe_user to strnlen_user_nofault Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 09/18] maccess: remove probe_read_common and probe_write_common Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 10/18] maccess: unify the probe kernel arch hooks Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-14 1:13 ` Masami Hiramatsu 2020-05-14 1:13 ` Masami Hiramatsu 2020-05-19 5:46 ` Christoph Hellwig 2020-05-19 5:46 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 11/18] maccess: remove strncpy_from_unsafe Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 19:11 ` Linus Torvalds 2020-05-13 19:11 ` Linus Torvalds 2020-05-13 19:11 ` Linus Torvalds 2020-05-13 19:28 ` Christoph Hellwig 2020-05-13 19:28 ` Christoph Hellwig 2020-05-13 22:36 ` Daniel Borkmann 2020-05-13 22:36 ` Daniel Borkmann 2020-05-13 23:03 ` Linus Torvalds 2020-05-13 23:03 ` Linus Torvalds 2020-05-13 23:03 ` Linus Torvalds 2020-05-13 23:24 ` Daniel Borkmann 2020-05-13 23:24 ` Daniel Borkmann 2020-05-13 23:20 ` Masami Hiramatsu 2020-05-13 23:20 ` Masami Hiramatsu 2020-05-13 23:59 ` Linus Torvalds 2020-05-13 23:59 ` Linus Torvalds 2020-05-13 23:59 ` Linus Torvalds 2020-05-14 1:00 ` Masami Hiramatsu 2020-05-14 1:00 ` Masami Hiramatsu 2020-05-14 2:43 ` Linus Torvalds 2020-05-14 2:43 ` Linus Torvalds 2020-05-14 2:43 ` Linus Torvalds 2020-05-14 9:44 ` Masami Hiramatsu 2020-05-14 9:44 ` Masami Hiramatsu 2020-05-14 10:27 ` Daniel Borkmann 2020-05-14 10:27 ` Daniel Borkmann 2020-05-13 23:28 ` Al Viro 2020-05-13 23:28 ` Al Viro 2020-05-13 23:58 ` Daniel Borkmann 2020-05-13 23:58 ` Daniel Borkmann 2020-05-14 10:01 ` David Laight 2020-05-14 10:01 ` David Laight 2020-05-14 10:21 ` Daniel Borkmann 2020-05-14 10:21 ` Daniel Borkmann 2020-05-13 16:00 ` [PATCH 12/18] maccess: always use strict semantics for probe_kernel_read Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 13/18] maccess: move user access routines together Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig [this message] 2020-05-13 16:00 ` [PATCH 14/18] maccess: allow architectures to provide kernel probing directly Christoph Hellwig 2020-05-13 19:36 ` Linus Torvalds 2020-05-13 19:36 ` Linus Torvalds 2020-05-13 19:36 ` Linus Torvalds 2020-05-13 19:40 ` Christoph Hellwig 2020-05-13 19:40 ` Christoph Hellwig 2020-05-13 19:48 ` Linus Torvalds 2020-05-13 19:48 ` Linus Torvalds 2020-05-13 19:48 ` Linus Torvalds 2020-05-13 19:54 ` Christoph Hellwig 2020-05-13 19:54 ` Christoph Hellwig 2020-05-16 3:42 ` Masami Hiramatsu 2020-05-16 3:42 ` Masami Hiramatsu 2020-05-18 15:09 ` Christoph Hellwig 2020-05-18 15:09 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 15/18] x86: use non-set_fs based maccess routines Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 16:00 ` [PATCH 16/18] maccess: rename probe_kernel_{read,write} to copy_{from,to}_kernel_nofault Christoph Hellwig 2020-05-13 16:00 ` [PATCH 16/18] maccess: rename probe_kernel_{read, write} to copy_{from, to}_kernel_nofault Christoph Hellwig 2020-05-13 16:00 ` [PATCH 17/18] maccess: rename probe_user_{read,write} to copy_{from,to}_user_nofault Christoph Hellwig 2020-05-13 16:00 ` [PATCH 17/18] maccess: rename probe_user_{read, write} to copy_{from, to}_user_nofault Christoph Hellwig 2020-05-13 16:00 ` [PATCH 18/18] maccess: rename probe_kernel_address to get_kernel_nofault Christoph Hellwig 2020-05-13 16:00 ` Christoph Hellwig 2020-05-13 19:37 ` clean up and streamline probe_kernel_* and friends v2 Linus Torvalds 2020-05-13 19:37 ` Linus Torvalds 2020-05-13 19:37 ` Linus Torvalds 2020-05-13 23:04 ` Daniel Borkmann 2020-05-13 23:04 ` Daniel Borkmann 2020-05-13 23:20 ` Linus Torvalds 2020-05-13 23:20 ` Linus Torvalds 2020-05-13 23:20 ` Linus Torvalds 2020-05-19 5:50 ` Christoph Hellwig 2020-05-19 5:50 ` Christoph Hellwig
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200513160038.2482415-15-hch@lst.de \ --to=hch@lst.de \ --cc=akpm@linux-foundation.org \ --cc=ast@kernel.org \ --cc=bpf@vger.kernel.org \ --cc=daniel@iogearbox.net \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=linux-parisc@vger.kernel.org \ --cc=linux-um@lists.infradead.org \ --cc=mhiramat@kernel.org \ --cc=netdev@vger.kernel.org \ --cc=torvalds@linux-foundation.org \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.