On 12.05.21 10:04, David Laight wrote: > From: Joerg >> Sent: 12 May 2021 08:55 >> >> From: Joerg Roedel >> >> The put_user() and get_user() functions do checks on the address which is >> passed to them. They check whether the address is actually a user-space >> address and whether its fine to access it. They also call might_fault() >> to indicate that they could fault and possibly sleep. >> >> All of these checks are neither wanted nor required in the #VC exception >> handler, which can be invoked from almost any context and also for MMIO >> instructions from kernel space on kernel memory. All the #VC handler >> wants to know is whether a fault happened when the access was tried. >> >> This is provided by __put_user()/__get_user(), which just do the access >> no matter what. > > That can't be right at all. > __put/get_user() are only valid on user addresses and will try to > fault in a missing page - so can sleep. > > At best this is abused the calls. You want something like xen_safe_[read|write]_ulong(). Juergen