From: Peter Zijlstra <peterz@infradead.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>, Peter Anvin <hpa@zytor.com>,
Julien Thierry <julien.thierry@arm.com>,
Will Deacon <will.deacon@arm.com>,
Andy Lutomirski <luto@amacapital.net>,
Ingo Molnar <mingo@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
James Morse <james.morse@arm.com>,
valentin.schneider@arm.com, Brian Gerst <brgerst@gmail.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Andrew Lutomirski <luto@kernel.org>,
Borislav Petkov <bp@alien8.de>,
Denys Vlasenko <dvlasenk@redhat.com>,
Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
Chris Wilson <chris@chris-wilson.co.uk>
Subject: Re: [PATCH 6/8] i915,uaccess: Fix redundant CLAC
Date: Fri, 1 Mar 2019 13:57:18 +0100 [thread overview]
Message-ID: <20190301125718.GS32534@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20190301122745.GR32534@hirez.programming.kicks-ass.net>
On Fri, Mar 01, 2019 at 01:27:45PM +0100, Peter Zijlstra wrote:
> arch/x86/lib/usercopy_64.o: warning: objtool: .altinstr_replacement+0x30: redundant UACCESS disable
> The usercopy one is difficult, that's copy_user_handle_tail(), it is
> buggered though, because that lacks notrace and thus has a __fentry__
> call in.
>
> Also, afaict all exception jumps into copy_user_handle_tail() will have
> AC=1, but the __{get,put}_user_nocheck() things do STAC/CLAC all over
> again.
>
> So what do we do? Annotate that we start with AC=1 and then immediately
> do the clac, and then let __{get,put}_user_nocheck() do their own thing?
> or make it use the unsafe stuff?
Or.. we move the thing to assembly. Of course, I suck at (writing) asm,
so the below is probably broken in various ways.
--- a/arch/x86/include/asm/uaccess_64.h
+++ b/arch/x86/include/asm/uaccess_64.h
@@ -208,9 +208,6 @@ __copy_from_user_flushcache(void *dst, c
}
unsigned long
-copy_user_handle_tail(char *to, char *from, unsigned len);
-
-unsigned long
mcsafe_handle_tail(char *to, char *from, unsigned len);
#endif /* _ASM_X86_UACCESS_64_H */
--- a/arch/x86/lib/copy_user_64.S
+++ b/arch/x86/lib/copy_user_64.S
@@ -194,6 +194,29 @@ ENDPROC(copy_user_enhanced_fast_string)
EXPORT_SYMBOL(copy_user_enhanced_fast_string)
/*
+ * Try to copy last bytes and clear the rest if needed.
+ * Since protection fault in copy_from/to_user is not a normal situation,
+ * it is not necessary to optimize tail handling.
+ *
+ * Input:
+ * rdi destination
+ * rsi source
+ * rdx count
+ *
+ * Output:
+ * eax uncopied bytes or 0 if successful.
+ */
+ENTRY(copy_user_handle_tail)
+ movl %edx,%ecx
+1: rep movsb
+2: mov %ecx,%eax
+ ASM_CLAC
+ ret
+
+ _ASM_EXTABLE_UA(1b, 2b)
+END(copy_user_handle_tail)
+
+/*
* copy_user_nocache - Uncached memory copy with exception handling
* This will force destination out of cache for more performance.
*
--- a/arch/x86/lib/usercopy_64.c
+++ b/arch/x86/lib/usercopy_64.c
@@ -55,26 +55,6 @@ unsigned long clear_user(void __user *to
EXPORT_SYMBOL(clear_user);
/*
- * Try to copy last bytes and clear the rest if needed.
- * Since protection fault in copy_from/to_user is not a normal situation,
- * it is not necessary to optimize tail handling.
- */
-__visible unsigned long
-copy_user_handle_tail(char *to, char *from, unsigned len)
-{
- for (; len; --len, to++) {
- char c;
-
- if (__get_user_nocheck(c, from++, sizeof(char)))
- break;
- if (__put_user_nocheck(c, to, sizeof(char)))
- break;
- }
- clac();
- return len;
-}
-
-/*
* Similar to copy_user_handle_tail, probe for the write fault point,
* but reuse __memcpy_mcsafe in case a new read error is encountered.
* clac() is handled in _copy_to_iter_mcsafe().
next prev parent reply other threads:[~2019-03-01 12:57 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-28 14:54 [PATCH 0/8] objtool: UACCESS validation v2 Peter Zijlstra
2019-02-28 14:54 ` [PATCH 1/8] kasan,x86: Frob kasan_report() in an exception Peter Zijlstra
2019-02-28 15:22 ` Dmitry Vyukov
2019-02-28 15:45 ` Peter Zijlstra
2019-02-28 15:52 ` Dmitry Vyukov
2019-02-28 16:01 ` Andrey Ryabinin
2019-02-28 16:03 ` Dmitry Vyukov
2019-02-28 17:46 ` Peter Zijlstra
2019-02-28 18:18 ` Dmitry Vyukov
2019-03-01 14:45 ` Peter Zijlstra
2019-03-01 15:06 ` Dmitry Vyukov
2019-03-01 15:23 ` Peter Zijlstra
2019-03-06 13:13 ` Peter Zijlstra
2019-03-06 13:39 ` Dmitry Vyukov
2019-03-06 13:57 ` Peter Zijlstra
2019-03-06 14:01 ` Dmitry Vyukov
2019-03-06 14:12 ` Peter Zijlstra
2019-03-06 14:34 ` Peter Zijlstra
2019-03-06 14:40 ` Dmitry Vyukov
2019-03-06 14:41 ` Dmitry Vyukov
2019-03-06 14:55 ` Peter Zijlstra
2019-03-06 15:01 ` Dmitry Vyukov
2019-03-06 17:14 ` Peter Zijlstra
2019-03-06 17:27 ` Linus Torvalds
2019-03-06 17:37 ` Peter Zijlstra
2019-03-06 17:59 ` Linus Torvalds
2019-03-07 13:49 ` Peter Zijlstra
2019-02-28 14:54 ` [PATCH 2/8] x86/ia32: Fix ia32_restore_sigcontext AC leak Peter Zijlstra
2019-02-28 14:54 ` [PATCH 3/8] objtool: Set insn->func for alternatives Peter Zijlstra
2019-02-28 14:54 ` [PATCH 4/8] objtool: Hande function aliases Peter Zijlstra
2019-02-28 14:54 ` [PATCH 5/8] objtool: Rewrite add_ignores() Peter Zijlstra
2019-02-28 14:54 ` [PATCH 6/8] i915,uaccess: Fix redundant CLAC Peter Zijlstra
2019-02-28 15:10 ` Chris Wilson
2019-02-28 15:24 ` Peter Zijlstra
2019-02-28 16:49 ` Linus Torvalds
2019-02-28 17:51 ` Peter Zijlstra
2019-02-28 18:01 ` Peter Zijlstra
2019-02-28 18:29 ` Linus Torvalds
2019-02-28 19:01 ` Peter Zijlstra
2019-03-01 10:34 ` Peter Zijlstra
2019-03-01 12:27 ` Peter Zijlstra
2019-03-01 12:57 ` Peter Zijlstra [this message]
2019-03-01 14:38 ` Peter Zijlstra
2019-03-01 15:27 ` Andy Lutomirski
2019-03-01 16:15 ` Linus Torvalds
2019-03-01 16:17 ` Linus Torvalds
2019-02-28 14:54 ` [PATCH 7/8] objtool: Add UACCESS validation Peter Zijlstra
2019-02-28 14:54 ` [PATCH 8/8] objtool: Add Direction Flag validation Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190301125718.GS32534@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=catalin.marinas@arm.com \
--cc=chris@chris-wilson.co.uk \
--cc=dvlasenk@redhat.com \
--cc=hpa@zytor.com \
--cc=james.morse@arm.com \
--cc=jpoimboe@redhat.com \
--cc=julien.thierry@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mingo@kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=valentin.schneider@arm.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).