* [PATCH 1/9] x86, fault: Use TASK_SIZE_MAX in is_prefetch
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:20 ` [tip:x86/asm] x86/mm/fault: Use TASK_SIZE_MAX in is_prefetch() tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 2/9] x86, perf: Fix incorrect TIF_IA32 check in code_segment_base Andy Lutomirski
` (8 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
This is slightly shorter and slightly faster. It's also more
correct: the split between user and kernel addresses is
TASK_SIZE_MAX regardless of ti->flags.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/mm/fault.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index ede025fb46f1..ae340d3761ca 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -148,7 +148,7 @@ is_prefetch(struct pt_regs *regs, unsigned long error_code, unsigned long addr)
instr = (void *)convert_ip_to_linear(current, regs);
max_instr = instr + 15;
- if (user_mode(regs) && instr >= (unsigned char *)TASK_SIZE)
+ if (user_mode(regs) && instr >= (unsigned char *)TASK_SIZE_MAX)
return 0;
while (instr < max_instr) {
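Review bot: the bound on the changed line is applied to instr only, while max_instr is set to instr + 15 on the line above, so a fetch address just below TASK_SIZE_MAX passes the check and the while loop can still walk up to 15 bytes past the split. Either clamp max_instr to TASK_SIZE_MAX when user_mode(regs) is true, or add a comment saying why reads past the boundary are harmless here.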
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/mm/fault: Use TASK_SIZE_MAX in is_prefetch()
2015-03-19 1:33 ` [PATCH 1/9] x86, fault: Use TASK_SIZE_MAX in is_prefetch Andy Lutomirski
@ 2015-03-23 12:20 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:20 UTC (permalink / raw)
To: linux-tip-commits
Cc: tglx, dvlasenk, bp, spender, mingo, linux-kernel, hpa, torvalds, luto
Commit-ID: d31bf07f71a5568b48c5ed448e4299050469f615
Gitweb: http://git.kernel.org/tip/d31bf07f71a5568b48c5ed448e4299050469f615
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:27 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 10:08:20 +0100
x86/mm/fault: Use TASK_SIZE_MAX in is_prefetch()
This is slightly shorter and slightly faster. It's also more
correct: the split between user and kernel addresses is
TASK_SIZE_MAX, regardless of ti->flags.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/09156b63bad90a327827003c9e53faa82ef4c56e.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/mm/fault.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index ede025f..ae340d3 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -148,7 +148,7 @@ is_prefetch(struct pt_regs *regs, unsigned long error_code, unsigned long addr)
instr = (void *)convert_ip_to_linear(current, regs);
max_instr = instr + 15;
- if (user_mode(regs) && instr >= (unsigned char *)TASK_SIZE)
+ if (user_mode(regs) && instr >= (unsigned char *)TASK_SIZE_MAX)
return 0;
while (instr < max_instr) {
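Review bot: the reason for preferring TASK_SIZE_MAX on the changed comparison lives only in the commit message. A one-line comment at the check, saying that the user/kernel split does not depend on ti->flags, would stop a later cleanup from switching it back to TASK_SIZE.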
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 2/9] x86, perf: Fix incorrect TIF_IA32 check in code_segment_base
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
2015-03-19 1:33 ` [PATCH 1/9] x86, fault: Use TASK_SIZE_MAX in is_prefetch Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:20 ` [tip:x86/asm] x86/asm/entry, perf: Fix incorrect TIF_IA32 check in code_segment_base() tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 3/9] x86: Add user_mode_ignore_vm86 Andy Lutomirski
` (7 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
We want to check whether user code is in 32-bit mode, not whether
the task is nominally 32-bit.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/kernel/cpu/perf_event.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c
index b71a7f86d68a..979963bb3977 100644
--- a/arch/x86/kernel/cpu/perf_event.c
+++ b/arch/x86/kernel/cpu/perf_event.c
@@ -2161,10 +2161,9 @@ static unsigned long code_segment_base(struct pt_regs *regs)
if (user_mode(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
#else
- if (test_thread_flag(TIF_IA32)) {
- if (user_mode(regs) && regs->cs != __USER32_CS)
- return get_segment_base(regs->cs);
- }
+ if (user_mode(regs) && !user_64bit_mode(regs) &&
+ regs->cs != __USER32_CS)
+ return get_segment_base(regs->cs);
#endif
return 0;
}
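Review bot: in the new condition after #else, dropping test_thread_flag(TIF_IA32) means get_segment_base(regs->cs) is now reachable for any task whose saved CS is not in 64-bit mode, not only for tasks flagged as 32-bit. That matches the commit message, but the code carries no comment saying so; a short comment above the if, stating that the decision is made on regs->cs rather than on the task flag, would keep the intent visible at the call site.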
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry, perf: Fix incorrect TIF_IA32 check in code_segment_base()
2015-03-19 1:33 ` [PATCH 2/9] x86, perf: Fix incorrect TIF_IA32 check in code_segment_base Andy Lutomirski
@ 2015-03-23 12:20 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:20 UTC (permalink / raw)
To: linux-tip-commits
Cc: hpa, mingo, luto, linux-kernel, tglx, bp, torvalds, spender, dvlasenk
Commit-ID: c56716af8d27ca8dd6e45445ae1c0a05fd9753a6
Gitweb: http://git.kernel.org/tip/c56716af8d27ca8dd6e45445ae1c0a05fd9753a6
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:28 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 10:08:21 +0100
x86/asm/entry, perf: Fix incorrect TIF_IA32 check in code_segment_base()
We want to check whether user code is in 32-bit mode, not
whether the task is nominally 32-bit.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/33e5107085ce347a8303560302b15c2cadd62c4c.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/cpu/perf_event.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c
index b71a7f8..979963b 100644
--- a/arch/x86/kernel/cpu/perf_event.c
+++ b/arch/x86/kernel/cpu/perf_event.c
@@ -2161,10 +2161,9 @@ static unsigned long code_segment_base(struct pt_regs *regs)
if (user_mode(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
#else
- if (test_thread_flag(TIF_IA32)) {
- if (user_mode(regs) && regs->cs != __USER32_CS)
- return get_segment_base(regs->cs);
- }
+ if (user_mode(regs) && !user_64bit_mode(regs) &&
+ regs->cs != __USER32_CS)
+ return get_segment_base(regs->cs);
#endif
return 0;
}
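Review bot: the unchanged branch before #else still compares regs->cs with __USER_CS without first excluding vm86 regs, unlike the rewritten branch, which now looks at the mode of the interrupted code. If regs can come from vm86 mode on that path, regs->cs is fully user-controlled and get_segment_base() would be handed a value that is not a selector; an explicit vm86 test ahead of that line would close the gap.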
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 3/9] x86: Add user_mode_ignore_vm86
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
2015-03-19 1:33 ` [PATCH 1/9] x86, fault: Use TASK_SIZE_MAX in is_prefetch Andy Lutomirski
2015-03-19 1:33 ` [PATCH 2/9] x86, perf: Fix incorrect TIF_IA32 check in code_segment_base Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:26 ` [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86() tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 4/9] x86, perf: Explicitly optimize vm86 handling in code_segment_base Andy Lutomirski
` (6 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
user_mode is dangerous and user_mode_vm has a confusing name. Add
user_mode_ignore_vm86 (equivalent to current user_mode). We'll
change the small number of legitimate users of user_mode to
user_mode_ignore_vm86.
Inspired by grsec, although this works rather differently.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/include/asm/ptrace.h | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index 74bb2e0f3030..a60c59e977cc 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -121,6 +121,23 @@ static inline int user_mode_vm(struct pt_regs *regs)
#endif
}
+/*
+ * This is the fastest way to check whether regs come from user space.
+ * It is unsafe if regs might come from vm86 mode, though -- in vm86
+ * mode, all bits of CS and SS are completely under the user's control.
+ * The CPU considers vm86 mode to be CPL 3 regardless of CS and SS.
+ *
+ * Do NOT use this function unless you have already ruled out the
+ * possibility that regs came from vm86 mode.
+ *
+ * We check for RPL != 0 instead of RPL == 3 because we don't use rings
+ * 1 or 2 and this is more efficient.
+ */
+static inline int user_mode_ignore_vm86(struct pt_regs *regs)
+{
+ return (regs->cs & SEGMENT_RPL_MASK) != 0;
+}
+
static inline int v8086_mode(struct pt_regs *regs)
{
#ifdef CONFIG_X86_32
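Review bot: user_mode_ignore_vm86() depends on a precondition that only its comment states; nothing in the helper or its name makes a caller rule out vm86 regs first. Since the comment itself says all bits of CS are under the user's control in vm86 mode, consider asserting !v8086_mode(regs) in debug builds, or folding the vm86 test into the helper, so that a misplaced call fails loudly instead of misclassifying regs.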
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-19 1:33 ` [PATCH 3/9] x86: Add user_mode_ignore_vm86 Andy Lutomirski
@ 2015-03-23 12:26 ` tip-bot for Andy Lutomirski
2015-03-23 19:38 ` Andy Lutomirski
0 siblings, 1 reply; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:26 UTC (permalink / raw)
To: linux-tip-commits
Cc: torvalds, mingo, hpa, spender, linux-kernel, luto, dvlasenk, tglx, bp
Commit-ID: a67e7277d01ccfd39b0db5a198c2643cc19dd79c
Gitweb: http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
x86/asm/entry: Add user_mode_ignore_vm86()
user_mode() is dangerous and user_mode_vm() has a confusing name.
Add user_mode_ignore_vm86() (equivalent to current user_mode()).
We'll change the small number of legitimate users of user_mode()
to user_mode_ignore_vm86().
Inspired by grsec, although this works rather differently.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/202c56ca63823c338af8e2e54948dbe222da6343.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/ptrace.h | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index 83b874d..4a040f0 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -121,6 +121,23 @@ static inline int user_mode_vm(struct pt_regs *regs)
#endif
}
+/*
+ * This is the fastest way to check whether regs come from user space.
+ * It is unsafe if regs might come from vm86 mode, though -- in vm86
+ * mode, all bits of CS and SS are completely under the user's control.
+ * The CPU considers vm86 mode to be CPL 3 regardless of CS and SS.
+ *
+ * Do NOT use this function unless you have already ruled out the
+ * possibility that regs came from vm86 mode.
+ *
+ * We check for RPL != 0 instead of RPL == 3 because we don't use rings
+ * 1 or 2 and this is more efficient.
+ */
+static inline int user_mode_ignore_vm86(struct pt_regs *regs)
+{
+ return (regs->cs & SEGMENT_RPL_MASK) != 0;
+}
+
static inline int v8086_mode(struct pt_regs *regs)
{
#ifdef CONFIG_X86_32
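Review bot: the return expression tests RPL != 0, so regs with RPL 1 or 2 are reported as user mode. The comment justifies this by rings 1 and 2 being unused, but that assumption is invisible at call sites; stating it in the first sentence of the comment, next to the vm86 warning, would make the helper harder to misread.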
^ permalink raw reply related [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-23 12:26 ` [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86() tip-bot for Andy Lutomirski
@ 2015-03-23 19:38 ` Andy Lutomirski
2015-03-24 19:44 ` Ingo Molnar
0 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-23 19:38 UTC (permalink / raw)
To: H. Peter Anvin, Brad Spengler, Linus Torvalds, Ingo Molnar,
Borislav Petkov, linux-kernel, Thomas Gleixner,
Andrew Lutomirski, Denys Vlasenko
Cc: linux-tip-commits
On Mon, Mar 23, 2015 at 5:26 AM, tip-bot for Andy Lutomirski
<tipbot@zytor.com> wrote:
> Commit-ID: a67e7277d01ccfd39b0db5a198c2643cc19dd79c
> Gitweb: http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
> Author: Andy Lutomirski <luto@kernel.org>
> AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
> Committer: Ingo Molnar <mingo@kernel.org>
> CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
>
> x86/asm/entry: Add user_mode_ignore_vm86()
>
> user_mode() is dangerous and user_mode_vm() has a confusing name.
>
> Add user_mode_ignore_vm86() (equivalent to current user_mode()).
> We'll change the small number of legitimate users of user_mode()
> to user_mode_ignore_vm86().
>
> Inspired by grsec, although this works rather differently.
Ingo, does this mean that you changed your mind or do you still want a
patch to delete user_mode_ignore_vm86 and just use user_mode
everywhere instead?
--Andy
^ permalink raw reply [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-23 19:38 ` Andy Lutomirski
@ 2015-03-24 19:44 ` Ingo Molnar
2015-03-24 19:46 ` Andy Lutomirski
0 siblings, 1 reply; 31+ messages in thread
From: Ingo Molnar @ 2015-03-24 19:44 UTC (permalink / raw)
To: Andy Lutomirski
Cc: H. Peter Anvin, Brad Spengler, Linus Torvalds, Borislav Petkov,
linux-kernel, Thomas Gleixner, Andrew Lutomirski, Denys Vlasenko,
linux-tip-commits
* Andy Lutomirski <luto@amacapital.net> wrote:
> On Mon, Mar 23, 2015 at 5:26 AM, tip-bot for Andy Lutomirski
> <tipbot@zytor.com> wrote:
> > Commit-ID: a67e7277d01ccfd39b0db5a198c2643cc19dd79c
> > Gitweb: http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
> > Author: Andy Lutomirski <luto@kernel.org>
> > AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
> > Committer: Ingo Molnar <mingo@kernel.org>
> > CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
> >
> > x86/asm/entry: Add user_mode_ignore_vm86()
> >
> > user_mode() is dangerous and user_mode_vm() has a confusing name.
> >
> > Add user_mode_ignore_vm86() (equivalent to current user_mode()).
> > We'll change the small number of legitimate users of user_mode()
> > to user_mode_ignore_vm86().
> >
> > Inspired by grsec, although this works rather differently.
>
> Ingo, does this mean that you changed your mind or do you still want
> a patch to delete user_mode_ignore_vm86 and just use user_mode
> everywhere instead?
Would be still nice to have it as an add on patch, if you agree with
my arguments.
I picked up your series as-is because it's correct and because it
already improves things a lot in this area.
Thanks,
Ingo
^ permalink raw reply [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-24 19:44 ` Ingo Molnar
@ 2015-03-24 19:46 ` Andy Lutomirski
2015-03-27 13:48 ` Denys Vlasenko
0 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-24 19:46 UTC (permalink / raw)
To: Ingo Molnar
Cc: H. Peter Anvin, Brad Spengler, Linus Torvalds, Borislav Petkov,
linux-kernel, Thomas Gleixner, Andrew Lutomirski, Denys Vlasenko,
linux-tip-commits
On Tue, Mar 24, 2015 at 12:44 PM, Ingo Molnar <mingo@kernel.org> wrote:
>
> * Andy Lutomirski <luto@amacapital.net> wrote:
>
>> On Mon, Mar 23, 2015 at 5:26 AM, tip-bot for Andy Lutomirski
>> <tipbot@zytor.com> wrote:
>> > Commit-ID: a67e7277d01ccfd39b0db5a198c2643cc19dd79c
>> > Gitweb: http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
>> > Author: Andy Lutomirski <luto@kernel.org>
>> > AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
>> > Committer: Ingo Molnar <mingo@kernel.org>
>> > CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
>> >
>> > x86/asm/entry: Add user_mode_ignore_vm86()
>> >
>> > user_mode() is dangerous and user_mode_vm() has a confusing name.
>> >
>> > Add user_mode_ignore_vm86() (equivalent to current user_mode()).
>> > We'll change the small number of legitimate users of user_mode()
>> > to user_mode_ignore_vm86().
>> >
>> > Inspired by grsec, although this works rather differently.
>>
>> Ingo, does this mean that you changed your mind or do you still want
>> a patch to delete user_mode_ignore_vm86 and just use user_mode
>> everywhere instead?
>
> Would be still nice to have it as an add on patch, if you agree with
> my arguments.
Given that there are only a very small number of callers left and
they're all Obviously Correct (tm), I'm not too worried about it.
Maybe if we kill off __copy_to_user, I'll be inspired to kill off
user_mode_ignore_vm86 as well :)
--Andy
>
> I picked up your series as-is because it's correct and because it
> already improves things a lot in this area.
>
> Thanks,
>
> Ingo
--
Andy Lutomirski
AMA Capital Management, LLC
^ permalink raw reply [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-24 19:46 ` Andy Lutomirski
@ 2015-03-27 13:48 ` Denys Vlasenko
2015-03-29 7:08 ` Ingo Molnar
0 siblings, 1 reply; 31+ messages in thread
From: Denys Vlasenko @ 2015-03-27 13:48 UTC (permalink / raw)
To: Andy Lutomirski, Ingo Molnar
Cc: H. Peter Anvin, Brad Spengler, Linus Torvalds, Borislav Petkov,
linux-kernel, Thomas Gleixner, Andrew Lutomirski,
linux-tip-commits
On 03/24/2015 08:46 PM, Andy Lutomirski wrote:
> On Tue, Mar 24, 2015 at 12:44 PM, Ingo Molnar <mingo@kernel.org> wrote:
>>
>> * Andy Lutomirski <luto@amacapital.net> wrote:
>>
>>> On Mon, Mar 23, 2015 at 5:26 AM, tip-bot for Andy Lutomirski
>>> <tipbot@zytor.com> wrote:
>>>> Commit-ID: a67e7277d01ccfd39b0db5a198c2643cc19dd79c
>>>> Gitweb: http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
>>>> Author: Andy Lutomirski <luto@kernel.org>
>>>> AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
>>>> Committer: Ingo Molnar <mingo@kernel.org>
>>>> CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
>>>>
>>>> x86/asm/entry: Add user_mode_ignore_vm86()
>>>>
>>>> user_mode() is dangerous and user_mode_vm() has a confusing name.
>>>>
>>>> Add user_mode_ignore_vm86() (equivalent to current user_mode()).
>>>> We'll change the small number of legitimate users of user_mode()
>>>> to user_mode_ignore_vm86().
>>>>
>>>> Inspired by grsec, although this works rather differently.
>>>
>>> Ingo, does this mean that you changed your mind or do you still want
>>> a patch to delete user_mode_ignore_vm86 and just use user_mode
>>> everywhere instead?
>>
>> Would be still nice to have it as an add on patch, if you agree with
>> my arguments.
>
> Given that there are only a very small number of callers left and
> they're all Obviously Correct (tm), I'm not too worried about it.
> Maybe if we kill off __copy_to_user, I'll be inspired to kill off
> user_mode_ignore_vm86 as well :)
I was looking at the code involving this function and it looks
like a much better name for user_mode_ignore_vm86() would be
user_mode_cs().
Every time we use it, we check vm8086 mode just before it:
perf_event.c
if (regs->flags & X86_VM_MASK)
return 0x10 * regs->cs;
if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
traps.c (three similar instances):
if (v8086_mode(regs)) {
...
goto exit;
}
if (user_mode_ignore_vm86(regs))...
"_ignore_vm86" part doesn't quite work as an explanation.
user_mode_cs() would immediately tell me "do we have a user's cs?"
^ permalink raw reply [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-27 13:48 ` Denys Vlasenko
@ 2015-03-29 7:08 ` Ingo Molnar
2015-03-29 9:02 ` [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86() Ingo Molnar
` (2 more replies)
0 siblings, 3 replies; 31+ messages in thread
From: Ingo Molnar @ 2015-03-29 7:08 UTC (permalink / raw)
To: Denys Vlasenko
Cc: Andy Lutomirski, H. Peter Anvin, Brad Spengler, Linus Torvalds,
Borislav Petkov, linux-kernel, Thomas Gleixner,
Andrew Lutomirski, linux-tip-commits
* Denys Vlasenko <dvlasenk@redhat.com> wrote:
> On 03/24/2015 08:46 PM, Andy Lutomirski wrote:
> > On Tue, Mar 24, 2015 at 12:44 PM, Ingo Molnar <mingo@kernel.org> wrote:
> >>
> >> * Andy Lutomirski <luto@amacapital.net> wrote:
> >>
> >>> On Mon, Mar 23, 2015 at 5:26 AM, tip-bot for Andy Lutomirski
> >>> <tipbot@zytor.com> wrote:
> >>>> Commit-ID: a67e7277d01ccfd39b0db5a198c2643cc19dd79c
> >>>> Gitweb: http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
> >>>> Author: Andy Lutomirski <luto@kernel.org>
> >>>> AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
> >>>> Committer: Ingo Molnar <mingo@kernel.org>
> >>>> CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
> >>>>
> >>>> x86/asm/entry: Add user_mode_ignore_vm86()
> >>>>
> >>>> user_mode() is dangerous and user_mode_vm() has a confusing name.
> >>>>
> >>>> Add user_mode_ignore_vm86() (equivalent to current user_mode()).
> >>>> We'll change the small number of legitimate users of user_mode()
> >>>> to user_mode_ignore_vm86().
> >>>>
> >>>> Inspired by grsec, although this works rather differently.
> >>>
> >>> Ingo, does this mean that you changed your mind or do you still want
> >>> a patch to delete user_mode_ignore_vm86 and just use user_mode
> >>> everywhere instead?
> >>
> >> Would be still nice to have it as an add on patch, if you agree with
> >> my arguments.
> >
> > Given that there are only a very small number of callers left and
> > they're all Obviously Correct (tm), I'm not too worried about it.
> > Maybe if we kill off __copy_to_user, I'll be inspired to kill off
> > user_mode_ignore_vm86 as well :)
>
>
> I was looking at the code involving this function and it looks
> like a much better name for user_mode_ignore_vm86() would be
> user_mode_cs().
>
> Every time we use it, we check vm8086 mode just before it:
>
> perf_event.c
>
> if (regs->flags & X86_VM_MASK)
> return 0x10 * regs->cs;
>
> if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
> return get_segment_base(regs->cs);
>
>
> traps.c (three similar instances):
>
> if (v8086_mode(regs)) {
> ...
> goto exit;
> }
> if (user_mode_ignore_vm86(regs))...
>
>
> "_ignore_vm86" part doesn't quite work as an explanation.
> user_mode_cs() would immediately tell me "do we have a user's cs?"
So what the function name wanted to express is something like this:
if (user_mode_vm86_mode_already_checked_so_this_is_marginally_faster_but_dont_use_it_otherwise_because_that_would_be_a_roothole())
{
...
}
but that name was considered somewhat long.
Thanks,
Ingo
^ permalink raw reply [flat|nested] 31+ messages in thread
* [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86()
2015-03-29 7:08 ` Ingo Molnar
@ 2015-03-29 9:02 ` Ingo Molnar
2015-03-29 12:13 ` Borislav Petkov
2015-03-31 12:39 ` [tip:x86/asm] " tip-bot for Ingo Molnar
2015-03-29 11:55 ` [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86() Borislav Petkov
2015-03-29 20:51 ` Denys Vlasenko
2 siblings, 2 replies; 31+ messages in thread
From: Ingo Molnar @ 2015-03-29 9:02 UTC (permalink / raw)
To: Denys Vlasenko
Cc: Andy Lutomirski, H. Peter Anvin, Brad Spengler, Linus Torvalds,
Borislav Petkov, linux-kernel, Thomas Gleixner,
Andrew Lutomirski, linux-tip-commits
* Ingo Molnar <mingo@kernel.org> wrote:
> So what the function name wanted to express is something like this:
>
> if (user_mode_vm86_mode_already_checked_so_this_is_marginally_faster_but_dont_use_it_otherwise_because_that_would_be_a_roothole())
> {
> ...
> }
>
> but that name was considered somewhat long.
So how about doing the patch below?
Thanks,
Ingo
===================================>
>From 6677d6f073cfda7f1036eb06d13faaad5c6742cc Mon Sep 17 00:00:00 2001
From: Ingo Molnar <mingo@kernel.org>
Date: Sun, 29 Mar 2015 09:10:08 +0200
Subject: [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86()
user_mode_ignore_vm86() can be used instead of user_mode(), in
places where we have already done a v8086_mode() security
check of ptregs.
But doing this check in the wrong place would be a bug that could
result in security problems, and also the naming still isn't very clear.
Furthermore, it only affects 32-bit kernels, while most development
happens on 64-bit kernels.
If we replace them with user_mode() checks then the cost is only a
very minor increase in various slowpaths:
text data bss dec hex filename
10573391 703562 1753042 13029995 c6d26b vmlinux.o.before
10573423 703562 1753042 13030027 c6d28b vmlinux.o.after
So let's get rid of this distinction once and for all.
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/ptrace.h | 17 -----------------
arch/x86/kernel/cpu/perf_event.c | 2 +-
arch/x86/kernel/traps.c | 6 +++---
3 files changed, 4 insertions(+), 21 deletions(-)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index d20bae298852..19507ffa5d28 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -113,23 +113,6 @@ static inline int user_mode(struct pt_regs *regs)
#endif
}
-/*
- * This is the fastest way to check whether regs come from user space.
- * It is unsafe if regs might come from vm86 mode, though -- in vm86
- * mode, all bits of CS and SS are completely under the user's control.
- * The CPU considers vm86 mode to be CPL 3 regardless of CS and SS.
- *
- * Do NOT use this function unless you have already ruled out the
- * possibility that regs came from vm86 mode.
- *
- * We check for RPL != 0 instead of RPL == 3 because we don't use rings
- * 1 or 2 and this is more efficient.
- */
-static inline int user_mode_ignore_vm86(struct pt_regs *regs)
-{
- return (regs->cs & SEGMENT_RPL_MASK) != 0;
-}
-
static inline int v8086_mode(struct pt_regs *regs)
{
#ifdef CONFIG_X86_32
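Review bot: deleting this block also deletes the only explanation in the header of why CS and SS cannot be trusted for vm86 regs. If user_mode(), whose tail is visible just above the removed lines, now carries the vm86 handling, the sentences about vm86 mode being CPL 3 regardless of CS and SS belong in its comment rather than being dropped.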
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c
index 56f7e60ad732..e2888a3ad1e3 100644
--- a/arch/x86/kernel/cpu/perf_event.c
+++ b/arch/x86/kernel/cpu/perf_event.c
@@ -2159,7 +2159,7 @@ static unsigned long code_segment_base(struct pt_regs *regs)
if (regs->flags & X86_VM_MASK)
return 0x10 * regs->cs;
- if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
+ if (user_mode(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
#else
if (user_mode(regs) && !user_64bit_mode(regs) &&
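Review bot: with user_mode() on the changed line, correct handling of vm86 regs in this branch rests on the regs->flags & X86_VM_MASK early return staying ahead of it, because that return is what supplies the 0x10 * regs->cs base. A comment on the early return saying it must come first would keep a later cleanup from merging or reordering the two tests.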
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index c8eb469a94a4..6751c5c58eec 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -207,7 +207,7 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
return -1;
}
- if (!user_mode_ignore_vm86(regs)) {
+ if (!user_mode(regs)) {
if (!fixup_exception(regs)) {
tsk->thread.error_code = error_code;
tsk->thread.trap_nr = trapnr;
@@ -468,7 +468,7 @@ do_general_protection(struct pt_regs *regs, long error_code)
}
tsk = current;
- if (!user_mode_ignore_vm86(regs)) {
+ if (!user_mode(regs)) {
if (fixup_exception(regs))
goto exit;
@@ -685,7 +685,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
* We already checked v86 mode above, so we can check for kernel mode
* by just checking the CPL of CS.
*/
- if ((dr6 & DR_STEP) && !user_mode_ignore_vm86(regs)) {
+ if ((dr6 & DR_STEP) && !user_mode(regs)) {
tsk->thread.debugreg6 &= ~DR_STEP;
set_tsk_thread_flag(tsk, TIF_SINGLESTEP);
regs->flags &= ~X86_EFLAGS_TF;
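Review bot: the context comment above the changed line in do_debug() still says v86 mode was already checked and that kernel mode is determined by just checking the CPL of CS. With the call switched to user_mode(), that description no longer matches what the line does; update or drop the comment in the same patch.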
^ permalink raw reply related [flat|nested] 31+ messages in thread
* Re: [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86()
2015-03-29 9:02 ` [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86() Ingo Molnar
@ 2015-03-29 12:13 ` Borislav Petkov
2015-03-29 13:24 ` Andy Lutomirski
2015-03-31 12:39 ` [tip:x86/asm] " tip-bot for Ingo Molnar
1 sibling, 1 reply; 31+ messages in thread
From: Borislav Petkov @ 2015-03-29 12:13 UTC (permalink / raw)
To: Ingo Molnar
Cc: Denys Vlasenko, Andy Lutomirski, H. Peter Anvin, Brad Spengler,
Linus Torvalds, linux-kernel, Thomas Gleixner, Andrew Lutomirski,
linux-tip-commits
On Sun, Mar 29, 2015 at 11:02:34AM +0200, Ingo Molnar wrote:
> So how about doing the patch below?
>
> Thanks,
>
> Ingo
>
> ===================================>
> From 6677d6f073cfda7f1036eb06d13faaad5c6742cc Mon Sep 17 00:00:00 2001
> From: Ingo Molnar <mingo@kernel.org>
> Date: Sun, 29 Mar 2015 09:10:08 +0200
> Subject: [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86()
>
> user_mode_ignore_vm86() can be used instead of user_mode(), in
> places where we have already done a v8086_mode() security
> check of ptregs.
>
> But doing this check in the wrong place would be a bug that could
> result in security problems, and also the naming still isn't very clear.
>
> Furthermore, it only affects 32-bit kernels, while most development
> happens on 64-bit kernels.
>
> If we replace them with user_mode() checks then the cost is only a
> very minor increase in various slowpaths:
>
> text data bss dec hex filename
> 10573391 703562 1753042 13029995 c6d26b vmlinux.o.before
> 10573423 703562 1753042 13030027 c6d28b vmlinux.o.after
>
> So let's get rid of this distinction once and for all.
>
> Cc: Andy Lutomirski <luto@amacapital.net>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Denys Vlasenko <dvlasenk@redhat.com>
> Cc: H. Peter Anvin <hpa@zytor.com>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Oleg Nesterov <oleg@redhat.com>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Signed-off-by: Ingo Molnar <mingo@kernel.org>
> ---
> arch/x86/include/asm/ptrace.h | 17 -----------------
> arch/x86/kernel/cpu/perf_event.c | 2 +-
> arch/x86/kernel/traps.c | 6 +++---
> 3 files changed, 4 insertions(+), 21 deletions(-)
I had some doubts about people using user_mode_ignore_vm86() in the
wrong way and thus introducing sec. bugs.
Since this is only on the slow path, simplifying the code makes sense to
me.
Acked-by: Borislav Petkov <bp@suse.de>
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
--
^ permalink raw reply [flat|nested] 31+ messages in thread
* Re: [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86()
2015-03-29 12:13 ` Borislav Petkov
@ 2015-03-29 13:24 ` Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-29 13:24 UTC (permalink / raw)
To: Borislav Petkov
Cc: Ingo Molnar, Denys Vlasenko, H. Peter Anvin, Brad Spengler,
Linus Torvalds, linux-kernel, Thomas Gleixner, Andrew Lutomirski,
linux-tip-commits
On Sun, Mar 29, 2015 at 5:13 AM, Borislav Petkov <bp@alien8.de> wrote:
> On Sun, Mar 29, 2015 at 11:02:34AM +0200, Ingo Molnar wrote:
>> So how about doing the patch below?
>>
>> Thanks,
>>
>> Ingo
>>
>> ===================================>
>> From 6677d6f073cfda7f1036eb06d13faaad5c6742cc Mon Sep 17 00:00:00 2001
>> From: Ingo Molnar <mingo@kernel.org>
>> Date: Sun, 29 Mar 2015 09:10:08 +0200
>> Subject: [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86()
>>
>> user_mode_ignore_vm86() can be used instead of user_mode(), in
>> places where we have already done a v8086_mode() security
>> check of ptregs.
>>
>> But doing this check in the wrong place would be a bug that could
>> result in security problems, and also the naming still isn't very clear.
>>
>> Furthermore, it only affects 32-bit kernels, while most development
>> happens on 64-bit kernels.
>>
>> If we replace them with user_mode() checks then the cost is only a
>> very minor increase in various slowpaths:
>>
>> text data bss dec hex filename
>> 10573391 703562 1753042 13029995 c6d26b vmlinux.o.before
>> 10573423 703562 1753042 13030027 c6d28b vmlinux.o.after
>>
>> So let's get rid of this distinction once and for all.
>>
>> Cc: Andy Lutomirski <luto@amacapital.net>
>> Cc: Borislav Petkov <bp@alien8.de>
>> Cc: Denys Vlasenko <dvlasenk@redhat.com>
>> Cc: H. Peter Anvin <hpa@zytor.com>
>> Cc: Linus Torvalds <torvalds@linux-foundation.org>
>> Cc: Oleg Nesterov <oleg@redhat.com>
>> Cc: Thomas Gleixner <tglx@linutronix.de>
>> Signed-off-by: Ingo Molnar <mingo@kernel.org>
>> ---
>> arch/x86/include/asm/ptrace.h | 17 -----------------
>> arch/x86/kernel/cpu/perf_event.c | 2 +-
>> arch/x86/kernel/traps.c | 6 +++---
>> 3 files changed, 4 insertions(+), 21 deletions(-)
>
> I had some doubts about people using user_mode_ignore_vm86() in the
> wrong way and thus introducing sec. bugs.
>
> Since this is only on the slow path, simplifying the code makes sense to
> me.
>
> Acked-by: Borislav Petkov <bp@suse.de>
>
Ditto.
Acked-by: Andy Lutomirski <luto@kernel.org>
> --
> Regards/Gruss,
> Boris.
>
> ECO tip #101: Trim your mails when you reply.
> --
--
Andy Lutomirski
AMA Capital Management, LLC
^ permalink raw reply [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Remove user_mode_ignore_vm86()
2015-03-29 9:02 ` [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86() Ingo Molnar
2015-03-29 12:13 ` Borislav Petkov
@ 2015-03-31 12:39 ` tip-bot for Ingo Molnar
1 sibling, 0 replies; 31+ messages in thread
From: tip-bot for Ingo Molnar @ 2015-03-31 12:39 UTC (permalink / raw)
To: linux-tip-commits
Cc: bp, torvalds, mingo, oleg, hpa, dvlasenk, tglx, linux-kernel,
luto, spender, luto, bp
Commit-ID: 55474c48b4726fd3914c1ec47fced0f931729979
Gitweb: http://git.kernel.org/tip/55474c48b4726fd3914c1ec47fced0f931729979
Author: Ingo Molnar <mingo@kernel.org>
AuthorDate: Sun, 29 Mar 2015 11:02:34 +0200
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Tue, 31 Mar 2015 11:45:19 +0200
x86/asm/entry: Remove user_mode_ignore_vm86()
user_mode_ignore_vm86() can be used instead of user_mode(), in
places where we have already done a v8086_mode() security
check of ptregs.
But doing this check in the wrong place would be a bug that
could result in security problems, and also the naming still
isn't very clear.
Furthermore, it only affects 32-bit kernels, while most
development happens on 64-bit kernels.
If we replace them with user_mode() checks then the cost is only
a very minor increase in various slowpaths:
text data bss dec hex filename
10573391 703562 1753042 13029995 c6d26b vmlinux.o.before
10573423 703562 1753042 13030027 c6d28b vmlinux.o.after
So let's get rid of this distinction once and for all.
Acked-by: Borislav Petkov <bp@suse.de>
Acked-by: Andy Lutomirski <luto@kernel.org>
Cc: Andrew Lutomirski <luto@kernel.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20150329090233.GA1963@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/ptrace.h | 17 -----------------
arch/x86/kernel/cpu/perf_event.c | 2 +-
arch/x86/kernel/traps.c | 6 +++---
3 files changed, 4 insertions(+), 21 deletions(-)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index d20bae2..19507ff 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -113,23 +113,6 @@ static inline int user_mode(struct pt_regs *regs)
#endif
}
-/*
- * This is the fastest way to check whether regs come from user space.
- * It is unsafe if regs might come from vm86 mode, though -- in vm86
- * mode, all bits of CS and SS are completely under the user's control.
- * The CPU considers vm86 mode to be CPL 3 regardless of CS and SS.
- *
- * Do NOT use this function unless you have already ruled out the
- * possibility that regs came from vm86 mode.
- *
- * We check for RPL != 0 instead of RPL == 3 because we don't use rings
- * 1 or 2 and this is more efficient.
- */
-static inline int user_mode_ignore_vm86(struct pt_regs *regs)
-{
- return (regs->cs & SEGMENT_RPL_MASK) != 0;
-}
-
static inline int v8086_mode(struct pt_regs *regs)
{
#ifdef CONFIG_X86_32
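Review bot: the comment deleted together with user_mode_ignore_vm86() in this hunk was the one place that spelled out why CS cannot be trusted for a vm86 frame ("in vm86 mode, all bits of CS and SS are completely under the user's control", and the CPU treats vm86 as CPL 3 regardless of CS and SS). That rationale still matters to anyone who later open-codes a `regs->cs & SEGMENT_RPL_MASK` test, so consider moving those two sentences into the comment above user_mode() instead of dropping them.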
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c
index 56f7e60..e2888a3 100644
--- a/arch/x86/kernel/cpu/perf_event.c
+++ b/arch/x86/kernel/cpu/perf_event.c
@@ -2159,7 +2159,7 @@ static unsigned long code_segment_base(struct pt_regs *regs)
if (regs->flags & X86_VM_MASK)
return 0x10 * regs->cs;
- if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
+ if (user_mode(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
#else
if (user_mode(regs) && !user_64bit_mode(regs) &&
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index c8eb469..6751c5c 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -207,7 +207,7 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
return -1;
}
- if (!user_mode_ignore_vm86(regs)) {
+ if (!user_mode(regs)) {
if (!fixup_exception(regs)) {
tsk->thread.error_code = error_code;
tsk->thread.trap_nr = trapnr;
@@ -468,7 +468,7 @@ do_general_protection(struct pt_regs *regs, long error_code)
}
tsk = current;
- if (!user_mode_ignore_vm86(regs)) {
+ if (!user_mode(regs)) {
if (fixup_exception(regs))
goto exit;
@@ -685,7 +685,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
* We already checked v86 mode above, so we can check for kernel mode
* by just checking the CPL of CS.
*/
- if ((dr6 & DR_STEP) && !user_mode_ignore_vm86(regs)) {
+ if ((dr6 & DR_STEP) && !user_mode(regs)) {
tsk->thread.debugreg6 &= ~DR_STEP;
set_tsk_thread_flag(tsk, TIF_SINGLESTEP);
regs->flags &= ~X86_EFLAGS_TF;
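Review bot: the context comment directly above the changed line in do_debug() ("We already checked v86 mode above, so we can check for kernel mode by just checking the CPL of CS.") is stale once the test becomes `!user_mode(regs)`, because user_mode() no longer depends on that earlier check. Reword or drop the comment in the same patch so it does not suggest that a CS-only test is still in use here.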
^ permalink raw reply related [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-29 7:08 ` Ingo Molnar
2015-03-29 9:02 ` [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86() Ingo Molnar
@ 2015-03-29 11:55 ` Borislav Petkov
2015-03-29 20:51 ` Denys Vlasenko
2 siblings, 0 replies; 31+ messages in thread
From: Borislav Petkov @ 2015-03-29 11:55 UTC (permalink / raw)
To: Ingo Molnar
Cc: Denys Vlasenko, Andy Lutomirski, H. Peter Anvin, Brad Spengler,
Linus Torvalds, linux-kernel, Thomas Gleixner, Andrew Lutomirski,
linux-tip-commits
On Sun, Mar 29, 2015 at 09:08:16AM +0200, Ingo Molnar wrote:
> So what the function name wanted to express is something like this:
>
> if (user_mode_vm86_mode_already_checked_so_this_is_marginally_faster_but_dont_use_it_otherwise_because_that_would_be_a_roothole())
LOL.
This wins the categories Longest Function Name of the Year and Most
Descriptive Function Name of the Year!
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
--
^ permalink raw reply [flat|nested] 31+ messages in thread
* Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
2015-03-29 7:08 ` Ingo Molnar
2015-03-29 9:02 ` [PATCH] x86/asm/entry: Remove user_mode_ignore_vm86() Ingo Molnar
2015-03-29 11:55 ` [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86() Borislav Petkov
@ 2015-03-29 20:51 ` Denys Vlasenko
2 siblings, 0 replies; 31+ messages in thread
From: Denys Vlasenko @ 2015-03-29 20:51 UTC (permalink / raw)
To: Ingo Molnar
Cc: Denys Vlasenko, Andy Lutomirski, H. Peter Anvin, Brad Spengler,
Linus Torvalds, Borislav Petkov, linux-kernel, Thomas Gleixner,
Andrew Lutomirski, linux-tip-commits
On Sun, Mar 29, 2015 at 9:08 AM, Ingo Molnar <mingo@kernel.org> wrote:
>> >> Would be still nice to have it as an add on patch, if you agree with
>> >> my arguments.
>> >
>> > Given that there are only a very small number of callers left and
>> > they're all Obviously Correct (tm), I'm not too worried about it.
>> > Maybe if we kill off __copy_to_user, I'll be inspired to kill off
>> > user_mode_ignore_vm86 as well :)
>>
>>
>> I was looking at the code involving this function and it looks
>> like a much better name for user_mode_ignore_vm86() would be
>> user_mode_cs().
>>
>> Every time we use it, we check vm8086 mode just before it:
>>
>> perf_event.c
>>
>> if (regs->flags & X86_VM_MASK)
>> return 0x10 * regs->cs;
>>
>> if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
>> return get_segment_base(regs->cs);
>>
>>
>> traps.c (three similar instances):
>>
>> if (v8086_mode(regs)) {
>> ...
>> goto exit;
>> }
>> if (user_mode_ignore_vm86(regs))...
>>
>>
>> "_ignore_vm86" part doesn't quite work as an explanation.
>> user_mode_cs() would immediately tell me "do we have a user's cs?"
>
> So what the function name wanted to express is something like this:
>
> if (user_mode_vm86_mode_already_checked_so_this_is_marginally_faster_but_dont_use_it_otherwise_because_that_would_be_a_roothole())
> {
> ...
> }
>
> but that name was considered somewhat long.
LOL :D
Seriously, though. I do think that user_mode_cs(regs) is a good name.
It's short.
It describes what it in fact checks.
"(is it) user mode cs" reads as a valid English phrase, whereas
"(is it) user mode ignore vm86" does not.
^ permalink raw reply [flat|nested] 31+ messages in thread
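The hazard behind the removal, and the "check vm86 first" call pattern quoted from traps.c above, as an added userspace model (not kernel code and not posted in this thread). `struct regs_model`, the `classify_*` helpers and the sample frames are constructed for illustration; the three predicates follow the expressions shown in the patches.

```c
#include <stdio.h>

#define SEGMENT_RPL_MASK 0x3UL
#define USER_RPL         0x3UL
#define X86_VM_MASK      0x00020000UL	/* EFLAGS.VM, bit 17 */

/* Hypothetical stand-in for the two pt_regs fields the predicates read. */
struct regs_model {
	unsigned long cs;
	unsigned long flags;
};

/* The removed helper: looks at the low bits of CS only. */
static int user_mode_ignore_vm86(const struct regs_model *r)
{
	return (r->cs & SEGMENT_RPL_MASK) != 0;
}

/* Model of the 32-bit vm86 test: is EFLAGS.VM set in the saved frame? */
static int v8086_mode(const struct regs_model *r)
{
	return (r->flags & X86_VM_MASK) != 0;
}

/* Combined 32-bit test, as in the lines removed from user_mode_vm(). */
static int user_mode(const struct regs_model *r)
{
	return ((r->cs & SEGMENT_RPL_MASK) | (r->flags & X86_VM_MASK)) >= USER_RPL;
}

enum origin { FROM_KERNEL, FROM_USER };

/* Pattern quoted from traps.c: rule out vm86 first, then test CS alone. */
static enum origin classify_guarded(const struct regs_model *r)
{
	if (v8086_mode(r))
		return FROM_USER;
	return user_mode_ignore_vm86(r) ? FROM_USER : FROM_KERNEL;
}

/* The misuse the thread worries about: CS-only test with no vm86 check. */
static enum origin classify_unguarded(const struct regs_model *r)
{
	return user_mode_ignore_vm86(r) ? FROM_USER : FROM_KERNEL;
}

/* What every caller gets after the removal patch. */
static enum origin classify_user_mode(const struct regs_model *r)
{
	return user_mode(r) ? FROM_USER : FROM_KERNEL;
}

/* Constructed sample frames; selector and flag values are illustrative. */
static const struct regs_model samples[] = {
	{ 0x0060, 0x00000202 },	/* protected mode, CS with RPL 0 (kernel)  */
	{ 0x0073, 0x00000202 },	/* protected mode, CS with RPL 3 (user)    */
	{ 0x1000, 0x00020202 },	/* vm86, user-chosen CS whose low bits = 0 */
	{ 0x1003, 0x00020202 },	/* vm86, user-chosen CS whose low bits = 3 */
	{ 0x1001, 0x00020202 },	/* vm86, user-chosen CS whose low bits = 1 */
};

#define NSAMPLES (sizeof(samples) / sizeof(samples[0]))

/* Number of sample frames on which fn disagrees with user_mode(). */
static int count_mismatches(enum origin (*fn)(const struct regs_model *))
{
	int n = 0;
	size_t i;

	for (i = 0; i < NSAMPLES; i++)
		if (fn(&samples[i]) != classify_user_mode(&samples[i]))
			n++;
	return n;
}

int main(void)
{
	size_t i;

	printf("%-8s %-10s %-9s %-9s %-9s\n",
	       "cs", "flags", "user_mode", "guarded", "unguarded");
	for (i = 0; i < NSAMPLES; i++)
		printf("0x%04lx   0x%08lx %-9d %-9d %-9d\n",
		       samples[i].cs, samples[i].flags,
		       classify_user_mode(&samples[i]),
		       classify_guarded(&samples[i]),
		       classify_unguarded(&samples[i]));
	printf("guarded mismatches: %d, unguarded mismatches: %d\n",
	       count_mismatches(classify_guarded),
	       count_mismatches(classify_unguarded));
	return 0;
}
```

The only frame on which the unguarded form disagrees is the vm86 frame whose CS has zero low bits: it is classified as kernel, which is the misclassification the removal patch rules out by leaving user_mode() as the single predicate.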
* [PATCH 4/9] x86, perf: Explicitly optimize vm86 handling in code_segment_base
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (2 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 3/9] x86: Add user_mode_ignore_vm86 Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:26 ` [tip:x86/asm] x86/asm/entry, perf: Explicitly optimize vm86 handling in code_segment_base() tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 5/9] x86, traps: Use user_mode_ignore_vm86 where appropriate Andy Lutomirski
` (5 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel
Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski, Peter Zijlstra
There's no point in checking the VM bit on 64-bit, and, since we're
explicitly checking it, we can use user_mode_ignore_vm86 after the
check.
While we're at it, rearrange the ifdef slightly to make the code
flow a bit clearer.
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/kernel/cpu/perf_event.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c
index 979963bb3977..56f7e60ad732 100644
--- a/arch/x86/kernel/cpu/perf_event.c
+++ b/arch/x86/kernel/cpu/perf_event.c
@@ -2147,18 +2147,19 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs)
static unsigned long code_segment_base(struct pt_regs *regs)
{
/*
+ * For IA32 we look at the GDT/LDT segment base to convert the
+ * effective IP to a linear address.
+ */
+
+#ifdef CONFIG_X86_32
+ /*
* If we are in VM86 mode, add the segment offset to convert to a
* linear address.
*/
if (regs->flags & X86_VM_MASK)
return 0x10 * regs->cs;
- /*
- * For IA32 we look at the GDT/LDT segment base to convert the
- * effective IP to a linear address.
- */
-#ifdef CONFIG_X86_32
- if (user_mode(regs) && regs->cs != __USER_CS)
+ if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
#else
if (user_mode(regs) && !user_64bit_mode(regs) &&
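Review bot: `user_mode_ignore_vm86(regs)` is only safe on the new line because the `regs->flags & X86_VM_MASK` early return sits directly above it, and nothing at the call says so. A one-line comment there noting that vm86 was handled above would keep a later reshuffle of this #ifdef block from separating the two. Separately, the relocated "For IA32 we look at the GDT/LDT segment base" comment now precedes the VM86 block and is followed by a blank line before `#ifdef CONFIG_X86_32`, so it no longer sits next to the get_segment_base() call it describes.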
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry, perf: Explicitly optimize vm86 handling in code_segment_base()
2015-03-19 1:33 ` [PATCH 4/9] x86, perf: Explicitly optimize vm86 handling in code_segment_base Andy Lutomirski
@ 2015-03-23 12:26 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:26 UTC (permalink / raw)
To: linux-tip-commits
Cc: linux-kernel, tglx, a.p.zijlstra, hpa, luto, spender, dvlasenk,
torvalds, mingo, bp
Commit-ID: 383f3af3f88aadafe1fcf1948987ad538683fb8c
Gitweb: http://git.kernel.org/tip/383f3af3f88aadafe1fcf1948987ad538683fb8c
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:30 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:13:41 +0100
x86/asm/entry, perf: Explicitly optimize vm86 handling in code_segment_base()
There's no point in checking the VM bit on 64-bit, and, since
we're explicitly checking it, we can use user_mode_ignore_vm86()
after the check.
While we're at it, rearrange the #ifdef slightly to make the code
flow a bit clearer.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/dc1457a734feccd03a19bb3538a7648582f57cdd.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/cpu/perf_event.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c
index 979963b..56f7e60 100644
--- a/arch/x86/kernel/cpu/perf_event.c
+++ b/arch/x86/kernel/cpu/perf_event.c
@@ -2147,18 +2147,19 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs)
static unsigned long code_segment_base(struct pt_regs *regs)
{
/*
+ * For IA32 we look at the GDT/LDT segment base to convert the
+ * effective IP to a linear address.
+ */
+
+#ifdef CONFIG_X86_32
+ /*
* If we are in VM86 mode, add the segment offset to convert to a
* linear address.
*/
if (regs->flags & X86_VM_MASK)
return 0x10 * regs->cs;
- /*
- * For IA32 we look at the GDT/LDT segment base to convert the
- * effective IP to a linear address.
- */
-#ifdef CONFIG_X86_32
- if (user_mode(regs) && regs->cs != __USER_CS)
+ if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
return get_segment_base(regs->cs);
#else
if (user_mode(regs) && !user_64bit_mode(regs) &&
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 5/9] x86, traps: Use user_mode_ignore_vm86 where appropriate
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (3 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 4/9] x86, perf: Explicitly optimize vm86 handling in code_segment_base Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:27 ` [tip:x86/asm] x86/asm/entry: Use user_mode_ignore_vm86() " tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 6/9] x86: Make user_mode work correctly if regs came from vm86 mode Andy Lutomirski
` (4 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
A few of the user_mode checks in traps.c are immediately after
explicit checks for vm86 mode. Change them to
user_mode_ignore_vm86.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/kernel/traps.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 081252c44cde..376fc1562bd1 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -208,7 +208,7 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
return -1;
}
#endif
- if (!user_mode(regs)) {
+ if (!user_mode_ignore_vm86(regs)) {
if (!fixup_exception(regs)) {
tsk->thread.error_code = error_code;
tsk->thread.trap_nr = trapnr;
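Review bot: in do_trap_no_signal() the switch to `!user_mode_ignore_vm86(regs)` depends on a vm86 check that lies above the `#endif` and is not visible in this hunk, and unlike the do_debug() hunk there is no comment recording that precondition. Please add one at this call (the same applies to the do_general_protection() hunk) and confirm that every path through the preceding #ifdef block leaves the function when regs came from vm86 mode.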
@@ -471,7 +471,7 @@ do_general_protection(struct pt_regs *regs, long error_code)
#endif
tsk = current;
- if (!user_mode(regs)) {
+ if (!user_mode_ignore_vm86(regs)) {
if (fixup_exception(regs))
goto exit;
@@ -688,7 +688,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
* We already checked v86 mode above, so we can check for kernel mode
* by just checking the CPL of CS.
*/
- if ((dr6 & DR_STEP) && !user_mode(regs)) {
+ if ((dr6 & DR_STEP) && !user_mode_ignore_vm86(regs)) {
tsk->thread.debugreg6 &= ~DR_STEP;
set_tsk_thread_flag(tsk, TIF_SINGLESTEP);
regs->flags &= ~X86_EFLAGS_TF;
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Use user_mode_ignore_vm86() where appropriate
2015-03-19 1:33 ` [PATCH 5/9] x86, traps: Use user_mode_ignore_vm86 where appropriate Andy Lutomirski
@ 2015-03-23 12:27 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:27 UTC (permalink / raw)
To: linux-tip-commits
Cc: bp, tglx, spender, luto, dvlasenk, hpa, torvalds, linux-kernel, mingo
Commit-ID: ae60f0710ae6b33092267ef8ac853c498f6d3e5d
Gitweb: http://git.kernel.org/tip/ae60f0710ae6b33092267ef8ac853c498f6d3e5d
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:31 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:13:46 +0100
x86/asm/entry: Use user_mode_ignore_vm86() where appropriate
A few of the user_mode() checks in traps.c are immediately after
explicit checks for vm86 mode. Change them to user_mode_ignore_vm86().
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/0b324d5b75c3402be07f8d3c6245ed7f4995029e.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/traps.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 2773411..1136961 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -208,7 +208,7 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
return -1;
}
#endif
- if (!user_mode(regs)) {
+ if (!user_mode_ignore_vm86(regs)) {
if (!fixup_exception(regs)) {
tsk->thread.error_code = error_code;
tsk->thread.trap_nr = trapnr;
@@ -471,7 +471,7 @@ do_general_protection(struct pt_regs *regs, long error_code)
#endif
tsk = current;
- if (!user_mode(regs)) {
+ if (!user_mode_ignore_vm86(regs)) {
if (fixup_exception(regs))
goto exit;
@@ -688,7 +688,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
* We already checked v86 mode above, so we can check for kernel mode
* by just checking the CPL of CS.
*/
- if ((dr6 & DR_STEP) && !user_mode(regs)) {
+ if ((dr6 & DR_STEP) && !user_mode_ignore_vm86(regs)) {
tsk->thread.debugreg6 &= ~DR_STEP;
set_tsk_thread_flag(tsk, TIF_SINGLESTEP);
regs->flags &= ~X86_EFLAGS_TF;
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 6/9] x86: Make user_mode work correctly if regs came from vm86 mode
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (4 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 5/9] x86, traps: Use user_mode_ignore_vm86 where appropriate Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:27 ` [tip:x86/asm] x86/asm/entry: Make user_mode() work correctly if regs came from VM86 mode tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 7/9] x86, treewide: s/user_mode_vm/user_mode/g Andy Lutomirski
` (3 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
user_mode is now identical to user_mode_vm. Subsequent patches will
change all callers of user_mode_vm to user_mode and then delete
user_mode_vm.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/include/asm/ptrace.h | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index a60c59e977cc..6483525bb559 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -96,11 +96,13 @@ static inline unsigned long regs_return_value(struct pt_regs *regs)
}
/*
- * user_mode_vm(regs) determines whether a register set came from user mode.
- * This is true if V8086 mode was enabled OR if the register set was from
- * protected mode with RPL-3 CS value. This tricky test checks that with
- * one comparison. Many places in the kernel can bypass this full check
- * if they have already ruled out V8086 mode, so user_mode(regs) can be used.
+ * user_mode(regs) determines whether a register set came from user
+ * mode. On x86_32, this is true if V8086 mode was enabled OR if the
+ * register set was from protected mode with RPL-3 CS value. This
+ * tricky test checks that with one comparison.
+ *
+ * On x86_64, vm86 mode is mercifully nonexistent, and we don't need
+ * the extra check.
*/
static inline int user_mode(struct pt_regs *regs)
{
@@ -113,12 +115,7 @@ static inline int user_mode(struct pt_regs *regs)
static inline int user_mode_vm(struct pt_regs *regs)
{
-#ifdef CONFIG_X86_32
- return ((regs->cs & SEGMENT_RPL_MASK) | (regs->flags & X86_VM_MASK)) >=
- USER_RPL;
-#else
return user_mode(regs);
-#endif
}
/*
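Review bot: after the second hunk user_mode_vm() returns user_mode(regs) on 32-bit as well, yet neither hunk changes the body of user_mode(); only the comment above it is rewritten. The subject says this patch makes user_mode() handle vm86 frames, so the changelog should state where user_mode() acquires the `X86_VM_MASK` test, since without it every 32-bit user_mode_vm() caller would drop from the combined check to a CS-only one.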
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Make user_mode() work correctly if regs came from VM86 mode
2015-03-19 1:33 ` [PATCH 6/9] x86: Make user_mode work correctly if regs came from vm86 mode Andy Lutomirski
@ 2015-03-23 12:27 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:27 UTC (permalink / raw)
To: linux-tip-commits
Cc: linux-kernel, hpa, luto, mingo, spender, dvlasenk, torvalds, bp, tglx
Commit-ID: efa704510342b81ae58d7b8a0c7f676a4289b603
Gitweb: http://git.kernel.org/tip/efa704510342b81ae58d7b8a0c7f676a4289b603
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:32 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:13:51 +0100
x86/asm/entry: Make user_mode() work correctly if regs came from VM86 mode
user_mode() is now identical to user_mode_vm(). Subsequent patches
will change all callers of user_mode_vm() to user_mode() and then
delete user_mode_vm().
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/0dd03eacb5f0a2b5ba0240de25347a31b493c289.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/ptrace.h | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index 4a040f0..70c439f 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -96,11 +96,13 @@ static inline unsigned long regs_return_value(struct pt_regs *regs)
}
/*
- * user_mode_vm(regs) determines whether a register set came from user mode.
- * This is true if V8086 mode was enabled OR if the register set was from
- * protected mode with RPL-3 CS value. This tricky test checks that with
- * one comparison. Many places in the kernel can bypass this full check
- * if they have already ruled out V8086 mode, so user_mode(regs) can be used.
+ * user_mode(regs) determines whether a register set came from user
+ * mode. On x86_32, this is true if V8086 mode was enabled OR if the
+ * register set was from protected mode with RPL-3 CS value. This
+ * tricky test checks that with one comparison.
+ *
+ * On x86_64, vm86 mode is mercifully nonexistent, and we don't need
+ * the extra check.
*/
static inline int user_mode(struct pt_regs *regs)
{
@@ -113,12 +115,7 @@ static inline int user_mode(struct pt_regs *regs)
static inline int user_mode_vm(struct pt_regs *regs)
{
-#ifdef CONFIG_X86_32
- return ((regs->cs & SEGMENT_RPL_MASK) | (regs->flags & X86_VM_MASK)) >=
- USER_RPL;
-#else
return user_mode(regs);
-#endif
}
/*
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 7/9] x86, treewide: s/user_mode_vm/user_mode/g
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (5 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 6/9] x86: Make user_mode work correctly if regs came from vm86 mode Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:27 ` [tip:x86/asm] x86/asm/entry: Change all 'user_mode_vm()' calls to 'user_mode()' tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 8/9] x86: Remove user_mode_vm Andy Lutomirski
` (2 subsequent siblings)
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
user_mode_vm and user_mode are now the same. Change all callers of
user_mode_vm to user_mode.
The next patch will remove the definition of user_mode_vm.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/kernel/alternative.c | 2 +-
arch/x86/kernel/crash.c | 2 +-
arch/x86/kernel/dumpstack.c | 4 ++--
arch/x86/kernel/dumpstack_32.c | 4 ++--
arch/x86/kernel/i387.c | 2 +-
arch/x86/kernel/irq_32.c | 2 +-
arch/x86/kernel/irq_64.c | 2 +-
arch/x86/kernel/kgdb.c | 4 ++--
arch/x86/kernel/kprobes/core.c | 4 ++--
arch/x86/kernel/process_32.c | 2 +-
arch/x86/kernel/ptrace.c | 2 +-
arch/x86/kernel/time.c | 2 +-
arch/x86/kernel/traps.c | 12 ++++++------
arch/x86/kernel/uprobes.c | 2 +-
arch/x86/mm/fault.c | 6 +++---
arch/x86/oprofile/backtrace.c | 2 +-
drivers/misc/sgi-xp/xpc_main.c | 2 +-
17 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index af397cc98d05..5c993c94255e 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -715,7 +715,7 @@ int poke_int3_handler(struct pt_regs *regs)
if (likely(!bp_patching_in_progress))
return 0;
- if (user_mode_vm(regs) || regs->ip != (unsigned long)bp_int3_addr)
+ if (user_mode(regs) || regs->ip != (unsigned long)bp_int3_addr)
return 0;
/* set up the specified breakpoint handler */
diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c
index aceb2f90c716..c76d3e37c6e1 100644
--- a/arch/x86/kernel/crash.c
+++ b/arch/x86/kernel/crash.c
@@ -105,7 +105,7 @@ static void kdump_nmi_callback(int cpu, struct pt_regs *regs)
#ifdef CONFIG_X86_32
struct pt_regs fixed_regs;
- if (!user_mode_vm(regs)) {
+ if (!user_mode(regs)) {
crash_fixup_ss_esp(&fixed_regs, regs);
regs = &fixed_regs;
}
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index cf3df1d8d039..ab3b65639a3e 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -278,7 +278,7 @@ int __die(const char *str, struct pt_regs *regs, long err)
print_modules();
show_regs(regs);
#ifdef CONFIG_X86_32
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
sp = regs->sp;
ss = regs->ss & 0xffff;
} else {
@@ -307,7 +307,7 @@ void die(const char *str, struct pt_regs *regs, long err)
unsigned long flags = oops_begin();
int sig = SIGSEGV;
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
report_bug(regs->ip, regs);
if (__die(str, regs, err))
diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
index 5abd4cd4230c..39891ff50d03 100644
--- a/arch/x86/kernel/dumpstack_32.c
+++ b/arch/x86/kernel/dumpstack_32.c
@@ -123,13 +123,13 @@ void show_regs(struct pt_regs *regs)
int i;
show_regs_print_info(KERN_EMERG);
- __show_regs(regs, !user_mode_vm(regs));
+ __show_regs(regs, !user_mode(regs));
/*
* When in-kernel, we also print out the stack and code at the
* time of the fault..
*/
- if (!user_mode_vm(regs)) {
+ if (!user_mode(regs)) {
unsigned int code_prologue = code_bytes * 43 / 64;
unsigned int code_len = code_bytes;
unsigned char c;
diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c
index d5651fce0b71..29c740deafec 100644
--- a/arch/x86/kernel/i387.c
+++ b/arch/x86/kernel/i387.c
@@ -68,7 +68,7 @@ static inline bool interrupted_kernel_fpu_idle(void)
static inline bool interrupted_user_mode(void)
{
struct pt_regs *regs = get_irq_regs();
- return regs && user_mode_vm(regs);
+ return regs && user_mode(regs);
}
/*
diff --git a/arch/x86/kernel/irq_32.c b/arch/x86/kernel/irq_32.c
index 28d28f5eb8f4..f9fd86a7fcc7 100644
--- a/arch/x86/kernel/irq_32.c
+++ b/arch/x86/kernel/irq_32.c
@@ -165,7 +165,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs)
if (unlikely(!desc))
return false;
- if (user_mode_vm(regs) || !execute_on_irq_stack(overflow, desc, irq)) {
+ if (user_mode(regs) || !execute_on_irq_stack(overflow, desc, irq)) {
if (unlikely(overflow))
print_stack_overflow();
desc->handle_irq(irq, desc);
diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c
index e4b503d5558c..394e643d7830 100644
--- a/arch/x86/kernel/irq_64.c
+++ b/arch/x86/kernel/irq_64.c
@@ -44,7 +44,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
u64 estack_top, estack_bottom;
u64 curbase = (u64)task_stack_page(current);
- if (user_mode_vm(regs))
+ if (user_mode(regs))
return;
if (regs->sp >= curbase + sizeof(struct thread_info) +
diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
index 7ec1d5f8d283..7fe3a9d377ea 100644
--- a/arch/x86/kernel/kgdb.c
+++ b/arch/x86/kernel/kgdb.c
@@ -126,11 +126,11 @@ char *dbg_get_reg(int regno, void *mem, struct pt_regs *regs)
#ifdef CONFIG_X86_32
switch (regno) {
case GDB_SS:
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
*(unsigned long *)mem = __KERNEL_DS;
break;
case GDB_SP:
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
*(unsigned long *)mem = kernel_stack_pointer(regs);
break;
case GDB_GS:
diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index 4e3d5a9621fe..24d079604fd5 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -602,7 +602,7 @@ int kprobe_int3_handler(struct pt_regs *regs)
struct kprobe *p;
struct kprobe_ctlblk *kcb;
- if (user_mode_vm(regs))
+ if (user_mode(regs))
return 0;
addr = (kprobe_opcode_t *)(regs->ip - sizeof(kprobe_opcode_t));
@@ -1007,7 +1007,7 @@ int kprobe_exceptions_notify(struct notifier_block *self, unsigned long val,
struct die_args *args = data;
int ret = NOTIFY_DONE;
- if (args->regs && user_mode_vm(args->regs))
+ if (args->regs && user_mode(args->regs))
return ret;
if (val == DIE_GPF) {
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
index 1b9963faf4eb..0973aada656f 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -73,7 +73,7 @@ void __show_regs(struct pt_regs *regs, int all)
unsigned long sp;
unsigned short ss, gs;
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
sp = regs->sp;
ss = regs->ss & 0xffff;
gs = get_user_gs(regs);
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
index 1e125817cf9f..a7bc79480719 100644
--- a/arch/x86/kernel/ptrace.c
+++ b/arch/x86/kernel/ptrace.c
@@ -1415,7 +1415,7 @@ static void fill_sigtrap_info(struct task_struct *tsk,
memset(info, 0, sizeof(*info));
info->si_signo = SIGTRAP;
info->si_code = si_code;
- info->si_addr = user_mode_vm(regs) ? (void __user *)regs->ip : NULL;
+ info->si_addr = user_mode(regs) ? (void __user *)regs->ip : NULL;
}
void user_single_step_siginfo(struct task_struct *tsk,
diff --git a/arch/x86/kernel/time.c b/arch/x86/kernel/time.c
index 25adc0e16eaa..d39c09119db6 100644
--- a/arch/x86/kernel/time.c
+++ b/arch/x86/kernel/time.c
@@ -30,7 +30,7 @@ unsigned long profile_pc(struct pt_regs *regs)
{
unsigned long pc = instruction_pointer(regs);
- if (!user_mode_vm(regs) && in_lock_functions(pc)) {
+ if (!user_mode(regs) && in_lock_functions(pc)) {
#ifdef CONFIG_FRAME_POINTER
return *(unsigned long *)(regs->bp + sizeof(long));
#else
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 376fc1562bd1..d4e265952102 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -112,7 +112,7 @@ enum ctx_state ist_enter(struct pt_regs *regs)
{
enum ctx_state prev_state;
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
/* Other than that, we're just an exception. */
prev_state = exception_enter();
} else {
@@ -146,7 +146,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
/* Must be before exception_exit. */
preempt_count_sub(HARDIRQ_OFFSET);
- if (user_mode_vm(regs))
+ if (user_mode(regs))
return exception_exit(prev_state);
else
rcu_nmi_exit();
@@ -158,7 +158,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
*
* IST exception handlers normally cannot schedule. As a special
* exception, if the exception interrupted userspace code (i.e.
- * user_mode_vm(regs) would return true) and the exception was not
+ * user_mode(regs) would return true) and the exception was not
* a double fault, it can be safe to schedule. ist_begin_non_atomic()
* begins a non-atomic section within an ist_enter()/ist_exit() region.
* Callers are responsible for enabling interrupts themselves inside
@@ -167,7 +167,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
*/
void ist_begin_non_atomic(struct pt_regs *regs)
{
- BUG_ON(!user_mode_vm(regs));
+ BUG_ON(!user_mode(regs));
/*
* Sanity check: we need to be on the normal thread stack. This
@@ -587,7 +587,7 @@ struct bad_iret_stack *fixup_bad_iret(struct bad_iret_stack *s)
/* Copy the remainder of the stack from the current stack. */
memmove(new_stack, s, offsetof(struct bad_iret_stack, regs.ip));
- BUG_ON(!user_mode_vm(&new_stack->regs));
+ BUG_ON(!user_mode(&new_stack->regs));
return new_stack;
}
NOKPROBE_SYMBOL(fixup_bad_iret);
@@ -721,7 +721,7 @@ static void math_error(struct pt_regs *regs, int error_code, int trapnr)
return;
conditional_sti(regs);
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
{
if (!fixup_exception(regs)) {
task->thread.error_code = error_code;
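Review bot: style point in math_error(): the converted `if (!user_mode(regs))` line is still followed by an opening brace on a line of its own. Since the line is being touched anyway, the brace could move up (`if (!user_mode(regs)) {`) to match the placement at the other converted sites in this file, such as ist_enter(). If the series is meant to stay a pure mechanical rename, leave it and say so in the changelog.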
diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
index 81f8adb0679e..0b81ad67da07 100644
--- a/arch/x86/kernel/uprobes.c
+++ b/arch/x86/kernel/uprobes.c
@@ -912,7 +912,7 @@ int arch_uprobe_exception_notify(struct notifier_block *self, unsigned long val,
int ret = NOTIFY_DONE;
/* We are only interested in userspace traps */
- if (regs && !user_mode_vm(regs))
+ if (regs && !user_mode(regs))
return NOTIFY_DONE;
switch (val) {
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index ae340d3761ca..181c53bac3a7 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -59,7 +59,7 @@ static nokprobe_inline int kprobes_fault(struct pt_regs *regs)
int ret = 0;
/* kprobe_running() needs smp_processor_id() */
- if (kprobes_built_in() && !user_mode_vm(regs)) {
+ if (kprobes_built_in() && !user_mode(regs)) {
preempt_disable();
if (kprobe_running() && kprobe_fault_handler(regs, 14))
ret = 1;
@@ -1035,7 +1035,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs)
if (error_code & PF_USER)
return false;
- if (!user_mode_vm(regs) && (regs->flags & X86_EFLAGS_AC))
+ if (!user_mode(regs) && (regs->flags & X86_EFLAGS_AC))
return false;
return true;
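Review bot: the `!user_mode(regs) && (regs->flags & X86_EFLAGS_AC)` test in smap_violation() decides whether a fault taken with AC set is exempt from SMAP, so the rename here is only safe if user_mode() gives the same answer as user_mode_vm() for every frame this function can see, vm86 frames included. Nothing in this hunk shows that. The changelog should name the earlier patch in the series that made the two helpers equivalent, so this site can be checked against it.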
@@ -1140,7 +1140,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code,
* User-mode registers count as a user access even for any
* potential system fault or CPU buglet:
*/
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
local_irq_enable();
error_code |= PF_USER;
flags |= FAULT_FLAG_USER;
diff --git a/arch/x86/oprofile/backtrace.c b/arch/x86/oprofile/backtrace.c
index 5d04be5efb64..4e664bdb535a 100644
--- a/arch/x86/oprofile/backtrace.c
+++ b/arch/x86/oprofile/backtrace.c
@@ -111,7 +111,7 @@ x86_backtrace(struct pt_regs * const regs, unsigned int depth)
{
struct stack_frame *head = (struct stack_frame *)frame_pointer(regs);
- if (!user_mode_vm(regs)) {
+ if (!user_mode(regs)) {
unsigned long stack = kernel_stack_pointer(regs);
if (depth)
dump_trace(NULL, regs, (unsigned long *)stack, 0,
diff --git a/drivers/misc/sgi-xp/xpc_main.c b/drivers/misc/sgi-xp/xpc_main.c
index 82dc5748f873..7f327121e6d7 100644
--- a/drivers/misc/sgi-xp/xpc_main.c
+++ b/drivers/misc/sgi-xp/xpc_main.c
@@ -1210,7 +1210,7 @@ xpc_system_die(struct notifier_block *nb, unsigned long event, void *_die_args)
if (((die_args->trapnr == X86_TRAP_MF) ||
(die_args->trapnr == X86_TRAP_XF)) &&
- !user_mode_vm(die_args->regs))
+ !user_mode(die_args->regs))
xpc_die_deactivate();
break;
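Review bot: xpc_system_die() passes die_args->regs to user_mode() with no NULL check in the visible lines, while the other notifier callbacks converted in this patch guard the pointer first (`args->regs && user_mode(args->regs)` in kprobe_exceptions_notify(), `regs && !user_mode(regs)` in arch_uprobe_exception_notify()). This is not introduced by the rename, but while the line is being touched it is worth either adding the same guard or noting why regs cannot be NULL for X86_TRAP_MF and X86_TRAP_XF.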
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Change all 'user_mode_vm()' calls to 'user_mode()'
2015-03-19 1:33 ` [PATCH 7/9] x86, treewide: s/user_mode_vm/user_mode/g Andy Lutomirski
@ 2015-03-23 12:27 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:27 UTC (permalink / raw)
To: linux-tip-commits
Cc: mingo, linux-kernel, spender, luto, torvalds, dvlasenk, tglx, hpa, bp
Commit-ID: f39b6f0ef855a38ea17329a4e621ff97750dfcc2
Gitweb: http://git.kernel.org/tip/f39b6f0ef855a38ea17329a4e621ff97750dfcc2
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:33 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:14:17 +0100
x86/asm/entry: Change all 'user_mode_vm()' calls to 'user_mode()'
user_mode_vm() and user_mode() are now the same. Change all callers
of user_mode_vm() to user_mode().
The next patch will remove the definition of user_mode_vm.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/43b1f57f3df70df5a08b0925897c660725015554.1426728647.git.luto@kernel.org
[ Merged to a more recent kernel. ]
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/alternative.c | 2 +-
arch/x86/kernel/crash.c | 2 +-
arch/x86/kernel/dumpstack.c | 4 ++--
arch/x86/kernel/dumpstack_32.c | 4 ++--
arch/x86/kernel/i387.c | 2 +-
arch/x86/kernel/irq_32.c | 2 +-
arch/x86/kernel/irq_64.c | 2 +-
arch/x86/kernel/kgdb.c | 4 ++--
arch/x86/kernel/kprobes/core.c | 4 ++--
arch/x86/kernel/process_32.c | 2 +-
arch/x86/kernel/ptrace.c | 2 +-
arch/x86/kernel/time.c | 2 +-
arch/x86/kernel/traps.c | 16 ++++++++--------
arch/x86/kernel/uprobes.c | 2 +-
arch/x86/mm/fault.c | 6 +++---
arch/x86/oprofile/backtrace.c | 2 +-
drivers/misc/sgi-xp/xpc_main.c | 2 +-
17 files changed, 30 insertions(+), 30 deletions(-)
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index af397cc..5c993c9 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -715,7 +715,7 @@ int poke_int3_handler(struct pt_regs *regs)
if (likely(!bp_patching_in_progress))
return 0;
- if (user_mode_vm(regs) || regs->ip != (unsigned long)bp_int3_addr)
+ if (user_mode(regs) || regs->ip != (unsigned long)bp_int3_addr)
return 0;
/* set up the specified breakpoint handler */
diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c
index aceb2f9..c76d3e3 100644
--- a/arch/x86/kernel/crash.c
+++ b/arch/x86/kernel/crash.c
@@ -105,7 +105,7 @@ static void kdump_nmi_callback(int cpu, struct pt_regs *regs)
#ifdef CONFIG_X86_32
struct pt_regs fixed_regs;
- if (!user_mode_vm(regs)) {
+ if (!user_mode(regs)) {
crash_fixup_ss_esp(&fixed_regs, regs);
regs = &fixed_regs;
}
diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index cf3df1d..ab3b656 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -278,7 +278,7 @@ int __die(const char *str, struct pt_regs *regs, long err)
print_modules();
show_regs(regs);
#ifdef CONFIG_X86_32
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
sp = regs->sp;
ss = regs->ss & 0xffff;
} else {
@@ -307,7 +307,7 @@ void die(const char *str, struct pt_regs *regs, long err)
unsigned long flags = oops_begin();
int sig = SIGSEGV;
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
report_bug(regs->ip, regs);
if (__die(str, regs, err))
diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
index 5abd4cd..39891ff 100644
--- a/arch/x86/kernel/dumpstack_32.c
+++ b/arch/x86/kernel/dumpstack_32.c
@@ -123,13 +123,13 @@ void show_regs(struct pt_regs *regs)
int i;
show_regs_print_info(KERN_EMERG);
- __show_regs(regs, !user_mode_vm(regs));
+ __show_regs(regs, !user_mode(regs));
/*
* When in-kernel, we also print out the stack and code at the
* time of the fault..
*/
- if (!user_mode_vm(regs)) {
+ if (!user_mode(regs)) {
unsigned int code_prologue = code_bytes * 43 / 64;
unsigned int code_len = code_bytes;
unsigned char c;
diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c
index d5651fc..29c740d 100644
--- a/arch/x86/kernel/i387.c
+++ b/arch/x86/kernel/i387.c
@@ -68,7 +68,7 @@ static inline bool interrupted_kernel_fpu_idle(void)
static inline bool interrupted_user_mode(void)
{
struct pt_regs *regs = get_irq_regs();
- return regs && user_mode_vm(regs);
+ return regs && user_mode(regs);
}
/*
diff --git a/arch/x86/kernel/irq_32.c b/arch/x86/kernel/irq_32.c
index 28d28f5..f9fd86a 100644
--- a/arch/x86/kernel/irq_32.c
+++ b/arch/x86/kernel/irq_32.c
@@ -165,7 +165,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs)
if (unlikely(!desc))
return false;
- if (user_mode_vm(regs) || !execute_on_irq_stack(overflow, desc, irq)) {
+ if (user_mode(regs) || !execute_on_irq_stack(overflow, desc, irq)) {
if (unlikely(overflow))
print_stack_overflow();
desc->handle_irq(irq, desc);
diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c
index e4b503d..394e643 100644
--- a/arch/x86/kernel/irq_64.c
+++ b/arch/x86/kernel/irq_64.c
@@ -44,7 +44,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
u64 estack_top, estack_bottom;
u64 curbase = (u64)task_stack_page(current);
- if (user_mode_vm(regs))
+ if (user_mode(regs))
return;
if (regs->sp >= curbase + sizeof(struct thread_info) +
diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
index 7ec1d5f..7fe3a9d 100644
--- a/arch/x86/kernel/kgdb.c
+++ b/arch/x86/kernel/kgdb.c
@@ -126,11 +126,11 @@ char *dbg_get_reg(int regno, void *mem, struct pt_regs *regs)
#ifdef CONFIG_X86_32
switch (regno) {
case GDB_SS:
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
*(unsigned long *)mem = __KERNEL_DS;
break;
case GDB_SP:
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
*(unsigned long *)mem = kernel_stack_pointer(regs);
break;
case GDB_GS:
diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index 4e3d5a9..24d0796 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -602,7 +602,7 @@ int kprobe_int3_handler(struct pt_regs *regs)
struct kprobe *p;
struct kprobe_ctlblk *kcb;
- if (user_mode_vm(regs))
+ if (user_mode(regs))
return 0;
addr = (kprobe_opcode_t *)(regs->ip - sizeof(kprobe_opcode_t));
@@ -1007,7 +1007,7 @@ int kprobe_exceptions_notify(struct notifier_block *self, unsigned long val,
struct die_args *args = data;
int ret = NOTIFY_DONE;
- if (args->regs && user_mode_vm(args->regs))
+ if (args->regs && user_mode(args->regs))
return ret;
if (val == DIE_GPF) {
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
index 26c596d..c5e9870 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -73,7 +73,7 @@ void __show_regs(struct pt_regs *regs, int all)
unsigned long sp;
unsigned short ss, gs;
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
sp = regs->sp;
ss = regs->ss & 0xffff;
gs = get_user_gs(regs);
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
index 1e12581..a7bc794 100644
--- a/arch/x86/kernel/ptrace.c
+++ b/arch/x86/kernel/ptrace.c
@@ -1415,7 +1415,7 @@ static void fill_sigtrap_info(struct task_struct *tsk,
memset(info, 0, sizeof(*info));
info->si_signo = SIGTRAP;
info->si_code = si_code;
- info->si_addr = user_mode_vm(regs) ? (void __user *)regs->ip : NULL;
+ info->si_addr = user_mode(regs) ? (void __user *)regs->ip : NULL;
}
void user_single_step_siginfo(struct task_struct *tsk,
diff --git a/arch/x86/kernel/time.c b/arch/x86/kernel/time.c
index 25adc0e..d39c091 100644
--- a/arch/x86/kernel/time.c
+++ b/arch/x86/kernel/time.c
@@ -30,7 +30,7 @@ unsigned long profile_pc(struct pt_regs *regs)
{
unsigned long pc = instruction_pointer(regs);
- if (!user_mode_vm(regs) && in_lock_functions(pc)) {
+ if (!user_mode(regs) && in_lock_functions(pc)) {
#ifdef CONFIG_FRAME_POINTER
return *(unsigned long *)(regs->bp + sizeof(long));
#else
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 1136961..d4e2659 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -112,7 +112,7 @@ enum ctx_state ist_enter(struct pt_regs *regs)
{
enum ctx_state prev_state;
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
/* Other than that, we're just an exception. */
prev_state = exception_enter();
} else {
@@ -146,7 +146,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
/* Must be before exception_exit. */
preempt_count_sub(HARDIRQ_OFFSET);
- if (user_mode_vm(regs))
+ if (user_mode(regs))
return exception_exit(prev_state);
else
rcu_nmi_exit();
@@ -158,7 +158,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
*
* IST exception handlers normally cannot schedule. As a special
* exception, if the exception interrupted userspace code (i.e.
- * user_mode_vm(regs) would return true) and the exception was not
+ * user_mode(regs) would return true) and the exception was not
* a double fault, it can be safe to schedule. ist_begin_non_atomic()
* begins a non-atomic section within an ist_enter()/ist_exit() region.
* Callers are responsible for enabling interrupts themselves inside
@@ -167,7 +167,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
*/
void ist_begin_non_atomic(struct pt_regs *regs)
{
- BUG_ON(!user_mode_vm(regs));
+ BUG_ON(!user_mode(regs));
/*
* Sanity check: we need to be on the normal thread stack. This
@@ -384,7 +384,7 @@ dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
goto exit;
conditional_sti(regs);
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
die("bounds", regs, error_code);
if (!cpu_feature_enabled(X86_FEATURE_MPX)) {
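Review bot: the "[ Merged to a more recent kernel. ]" note should list the call sites that were added during the merge. This do_bounds() hunk and the do_debug() hunk at -637 have no counterpart in the traps.c section of the posted [PATCH 7/9], which has six hunks against the eight applied here. Naming them would let the applied commit be compared against what was reviewed on the list.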
@@ -587,7 +587,7 @@ struct bad_iret_stack *fixup_bad_iret(struct bad_iret_stack *s)
/* Copy the remainder of the stack from the current stack. */
memmove(new_stack, s, offsetof(struct bad_iret_stack, regs.ip));
- BUG_ON(!user_mode_vm(&new_stack->regs));
+ BUG_ON(!user_mode(&new_stack->regs));
return new_stack;
}
NOKPROBE_SYMBOL(fixup_bad_iret);
@@ -637,7 +637,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
* then it's very likely the result of an icebp/int01 trap.
* User wants a sigtrap for that.
*/
- if (!dr6 && user_mode_vm(regs))
+ if (!dr6 && user_mode(regs))
user_icebp = 1;
/* Catch kmemcheck conditions first of all! */
@@ -721,7 +721,7 @@ static void math_error(struct pt_regs *regs, int error_code, int trapnr)
return;
conditional_sti(regs);
- if (!user_mode_vm(regs))
+ if (!user_mode(regs))
{
if (!fixup_exception(regs)) {
task->thread.error_code = error_code;
diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
index 81f8adb0..0b81ad6 100644
--- a/arch/x86/kernel/uprobes.c
+++ b/arch/x86/kernel/uprobes.c
@@ -912,7 +912,7 @@ int arch_uprobe_exception_notify(struct notifier_block *self, unsigned long val,
int ret = NOTIFY_DONE;
/* We are only interested in userspace traps */
- if (regs && !user_mode_vm(regs))
+ if (regs && !user_mode(regs))
return NOTIFY_DONE;
switch (val) {
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index ae340d3..181c53b 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -59,7 +59,7 @@ static nokprobe_inline int kprobes_fault(struct pt_regs *regs)
int ret = 0;
/* kprobe_running() needs smp_processor_id() */
- if (kprobes_built_in() && !user_mode_vm(regs)) {
+ if (kprobes_built_in() && !user_mode(regs)) {
preempt_disable();
if (kprobe_running() && kprobe_fault_handler(regs, 14))
ret = 1;
@@ -1035,7 +1035,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs)
if (error_code & PF_USER)
return false;
- if (!user_mode_vm(regs) && (regs->flags & X86_EFLAGS_AC))
+ if (!user_mode(regs) && (regs->flags & X86_EFLAGS_AC))
return false;
return true;
@@ -1140,7 +1140,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code,
* User-mode registers count as a user access even for any
* potential system fault or CPU buglet:
*/
- if (user_mode_vm(regs)) {
+ if (user_mode(regs)) {
local_irq_enable();
error_code |= PF_USER;
flags |= FAULT_FLAG_USER;
diff --git a/arch/x86/oprofile/backtrace.c b/arch/x86/oprofile/backtrace.c
index 5d04be5..4e664bd 100644
--- a/arch/x86/oprofile/backtrace.c
+++ b/arch/x86/oprofile/backtrace.c
@@ -111,7 +111,7 @@ x86_backtrace(struct pt_regs * const regs, unsigned int depth)
{
struct stack_frame *head = (struct stack_frame *)frame_pointer(regs);
- if (!user_mode_vm(regs)) {
+ if (!user_mode(regs)) {
unsigned long stack = kernel_stack_pointer(regs);
if (depth)
dump_trace(NULL, regs, (unsigned long *)stack, 0,
diff --git a/drivers/misc/sgi-xp/xpc_main.c b/drivers/misc/sgi-xp/xpc_main.c
index 82dc574..7f32712 100644
--- a/drivers/misc/sgi-xp/xpc_main.c
+++ b/drivers/misc/sgi-xp/xpc_main.c
@@ -1210,7 +1210,7 @@ xpc_system_die(struct notifier_block *nb, unsigned long event, void *_die_args)
if (((die_args->trapnr == X86_TRAP_MF) ||
(die_args->trapnr == X86_TRAP_XF)) &&
- !user_mode_vm(die_args->regs))
+ !user_mode(die_args->regs))
xpc_die_deactivate();
break;
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 8/9] x86: Remove user_mode_vm
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (6 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 7/9] x86, treewide: s/user_mode_vm/user_mode/g Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:28 ` [tip:x86/asm] x86/asm/entry: Remove user_mode_vm() tip-bot for Andy Lutomirski
2015-03-19 1:33 ` [PATCH 9/9] x86, traps: Replace some open-coded vm86 checks with v8086_mode Andy Lutomirski
2015-03-19 6:33 ` [PATCH 0/9] user_mode_vm removal and associated cleanups Ingo Molnar
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
It has no callers any more.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/include/asm/ptrace.h | 5 -----
1 file changed, 5 deletions(-)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index 6483525bb559..953675c247a3 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -113,11 +113,6 @@ static inline int user_mode(struct pt_regs *regs)
#endif
}
-static inline int user_mode_vm(struct pt_regs *regs)
-{
- return user_mode(regs);
-}
-
/*
* This is the fastest way to check whether regs come from user space.
* It is unsafe if regs might come from vm86 mode, though -- in vm86
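Review bot: "It has no callers any more" should say how that was checked. Deleting user_mode_vm() here is only safe if the treewide conversion in the previous patch caught every user, and a caller left in code that is built only under some config option would show up as a build failure for that config rather than on a default build. A line in the changelog stating that a grep for user_mode_vm over the tree comes back empty after patch 7 would settle it.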
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Remove user_mode_vm()
2015-03-19 1:33 ` [PATCH 8/9] x86: Remove user_mode_vm Andy Lutomirski
@ 2015-03-23 12:28 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:28 UTC (permalink / raw)
To: linux-tip-commits
Cc: torvalds, linux-kernel, bp, spender, luto, tglx, hpa, dvlasenk, mingo
Commit-ID: 7a2806741e7327a6b20ccef42e8d56588cb2fef5
Gitweb: http://git.kernel.org/tip/7a2806741e7327a6b20ccef42e8d56588cb2fef5
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:34 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:14:33 +0100
x86/asm/entry: Remove user_mode_vm()
It has no callers anymore.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/a594afd6a0bddb1311bd7c92a15201c87fbb8681.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/ptrace.h | 5 -----
1 file changed, 5 deletions(-)
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
index 70c439f..d20bae2 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -113,11 +113,6 @@ static inline int user_mode(struct pt_regs *regs)
#endif
}
-static inline int user_mode_vm(struct pt_regs *regs)
-{
- return user_mode(regs);
-}
-
/*
* This is the fastest way to check whether regs come from user space.
* It is unsafe if regs might come from vm86 mode, though -- in vm86
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [PATCH 9/9] x86, traps: Replace some open-coded vm86 checks with v8086_mode
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (7 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 8/9] x86: Remove user_mode_vm Andy Lutomirski
@ 2015-03-19 1:33 ` Andy Lutomirski
2015-03-23 12:28 ` [tip:x86/asm] x86/asm/entry: Replace some open-coded VM86 checks with v8086_mode() checks tip-bot for Andy Lutomirski
2015-03-19 6:33 ` [PATCH 0/9] user_mode_vm removal and associated cleanups Ingo Molnar
9 siblings, 1 reply; 31+ messages in thread
From: Andy Lutomirski @ 2015-03-19 1:33 UTC (permalink / raw)
To: x86, linux-kernel; +Cc: Brad Spengler, Denys Vlasenko, Andy Lutomirski
This allows us to remove some unnecessary ifdefs. There should be
no change to the generated code.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/kernel/traps.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index d4e265952102..c8eb469a94a4 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -194,8 +194,7 @@ static nokprobe_inline int
do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
struct pt_regs *regs, long error_code)
{
-#ifdef CONFIG_X86_32
- if (regs->flags & X86_VM_MASK) {
+ if (v8086_mode(regs)) {
/*
* Traps 0, 1, 3, 4, and 5 should be forwarded to vm86.
* On nmi (interrupt 2), do_trap should not be called.
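Review bot: in do_trap_no_signal() the removed `#ifdef CONFIG_X86_32` was what kept this block out of 64-bit kernels; after the change that job falls to v8086_mode(), whose definition is not part of this patch. The changelog should state that v8086_mode() folds to a compile-time false without CONFIG_X86_32, since both "unnecessary ifdefs" and "no change to the generated code" rest on that.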
@@ -207,7 +206,7 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
}
return -1;
}
-#endif
+
if (!user_mode_ignore_vm86(regs)) {
if (!fixup_exception(regs)) {
tsk->thread.error_code = error_code;
@@ -462,13 +461,11 @@ do_general_protection(struct pt_regs *regs, long error_code)
prev_state = exception_enter();
conditional_sti(regs);
-#ifdef CONFIG_X86_32
- if (regs->flags & X86_VM_MASK) {
+ if (v8086_mode(regs)) {
local_irq_enable();
handle_vm86_fault((struct kernel_vm86_regs *) regs, error_code);
goto exit;
}
-#endif
tsk = current;
if (!user_mode_ignore_vm86(regs)) {
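Review bot: with the `#ifdef CONFIG_X86_32` gone from do_general_protection(), the call `handle_vm86_fault((struct kernel_vm86_regs *) regs, error_code);` is now seen by the compiler on 64-bit builds too, so handle_vm86_fault() and struct kernel_vm86_regs need a declaration or stub there. The do_debug() site in this same patch already calls handle_vm86_trap() outside any #ifdef, which suggests such stubs exist, but the changelog should confirm that a 64-bit build was done.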
@@ -673,7 +670,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
/* It's safe to allow irq's after DR6 has been saved */
preempt_conditional_sti(regs);
- if (regs->flags & X86_VM_MASK) {
+ if (v8086_mode(regs)) {
handle_vm86_trap((struct kernel_vm86_regs *) regs, error_code,
X86_TRAP_DB);
preempt_conditional_cli(regs);
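Review bot: the do_debug() check was not under `#ifdef CONFIG_X86_32` before this patch, so "no change to the generated code" needs qualifying for this site. If v8086_mode() is a constant 0 on 64-bit (its definition is not in this patch), this hunk turns a runtime test of `regs->flags & X86_VM_MASK` into a branch the compiler can drop, which is a change in generated code on 64-bit. Either say so in the changelog or restrict the claim to 32-bit builds.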
--
2.3.0
^ permalink raw reply related [flat|nested] 31+ messages in thread
* [tip:x86/asm] x86/asm/entry: Replace some open-coded VM86 checks with v8086_mode() checks
2015-03-19 1:33 ` [PATCH 9/9] x86, traps: Replace some open-coded vm86 checks with v8086_mode Andy Lutomirski
@ 2015-03-23 12:28 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 31+ messages in thread
From: tip-bot for Andy Lutomirski @ 2015-03-23 12:28 UTC (permalink / raw)
To: linux-tip-commits
Cc: dvlasenk, linux-kernel, torvalds, hpa, mingo, bp, spender, tglx, luto
Commit-ID: d74ef1118a146ae1135c8b26fff2bfee980fd7a4
Gitweb: http://git.kernel.org/tip/d74ef1118a146ae1135c8b26fff2bfee980fd7a4
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Wed, 18 Mar 2015 18:33:35 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 23 Mar 2015 11:14:40 +0100
x86/asm/entry: Replace some open-coded VM86 checks with v8086_mode() checks
This allows us to remove some unnecessary ifdefs. There should
be no change to the generated code.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/f7e00f0d668e253abf0bd8bf36491ac47bd761ff.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/traps.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index d4e2659..c8eb469 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -194,8 +194,7 @@ static nokprobe_inline int
do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
struct pt_regs *regs, long error_code)
{
-#ifdef CONFIG_X86_32
- if (regs->flags & X86_VM_MASK) {
+ if (v8086_mode(regs)) {
/*
* Traps 0, 1, 3, 4, and 5 should be forwarded to vm86.
* On nmi (interrupt 2), do_trap should not be called.
@@ -207,7 +206,7 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
}
return -1;
}
-#endif
+
if (!user_mode_ignore_vm86(regs)) {
if (!fixup_exception(regs)) {
tsk->thread.error_code = error_code;
@@ -462,13 +461,11 @@ do_general_protection(struct pt_regs *regs, long error_code)
prev_state = exception_enter();
conditional_sti(regs);
-#ifdef CONFIG_X86_32
- if (regs->flags & X86_VM_MASK) {
+ if (v8086_mode(regs)) {
local_irq_enable();
handle_vm86_fault((struct kernel_vm86_regs *) regs, error_code);
goto exit;
}
-#endif
tsk = current;
if (!user_mode_ignore_vm86(regs)) {
@@ -673,7 +670,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code)
/* It's safe to allow irq's after DR6 has been saved */
preempt_conditional_sti(regs);
- if (regs->flags & X86_VM_MASK) {
+ if (v8086_mode(regs)) {
handle_vm86_trap((struct kernel_vm86_regs *) regs, error_code,
X86_TRAP_DB);
preempt_conditional_cli(regs);
^ permalink raw reply related [flat|nested] 31+ messages in thread
* Re: [PATCH 0/9] user_mode_vm removal and associated cleanups
2015-03-19 1:33 [PATCH 0/9] user_mode_vm removal and associated cleanups Andy Lutomirski
` (8 preceding siblings ...)
2015-03-19 1:33 ` [PATCH 9/9] x86, traps: Replace some open-coded vm86 checks with v8086_mode Andy Lutomirski
@ 2015-03-19 6:33 ` Ingo Molnar
9 siblings, 0 replies; 31+ messages in thread
From: Ingo Molnar @ 2015-03-19 6:33 UTC (permalink / raw)
To: Andy Lutomirski
Cc: x86, linux-kernel, Brad Spengler, Denys Vlasenko, Linus Torvalds,
H. Peter Anvin, Thomas Gleixner, Borislav Petkov
* Andy Lutomirski <luto@kernel.org> wrote:
> Hi all-
>
> The user_mode vs user_mode_vm distinction scares me. Let's fix it.
> This series adds user_mode_ignore_vm86, makes user_mode reliable,
> and removes user_mode_vm. It also tidies up a couple warts I found
> along the way.
>
> This survives basic testing, but I haven't tried that hard to test it.
>
> Thoughts?
>
> Ingo, this may conflict a bit with the do_debug and do_bounds fixes.
I like it, in fact I'd suggest we remove user_mode_ignore_vm86()
altogether, as it's such a marginal optimization, it only affects
x86-32 kernels, and because we keep getting this wrong.
Keep a single, simple user_mode() definition.
Thanks,
Ingo
^ permalink raw reply [flat|nested] 31+ messages in thread