From: Kevin Brodsky <kevin.brodsky@arm.com>
To: Andrey Konovalov <andreyknvl@google.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Robin Murphy <robin.murphy@arm.com>,
Kees Cook <keescook@chromium.org>,
Kate Stewart <kstewart@linuxfoundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Andrew Morton <akpm@linux-foundation.org>,
Ingo Molnar <mingo@kernel.org>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
Shuah Khan <shuah@kernel.org>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Eric Dumazet <edumazet@google.com>,
"David S. Miller" <davem@davemloft.net>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Steven Rostedt <rostedt@goodmis.org>,
Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
linux-arm-kernel@lists.infradead.orglin
Cc: Chintan Pandya <cpandya@codeaurora.org>,
Jacob Bramley <Jacob.Bramley@arm.com>,
Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>,
Szabolcs Nagy <Szabolcs.Nagy@arm.com>,
Lee Smith <Lee.Smith@arm.com>, Kostya Serebryany <kcc@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>,
Luc Van Oostenryck <luc.vanoostenryck@gmail.com>,
Dave Martin <Dave.Martin@arm.com>,
Evgeniy Stepanov <eugenis@google.com>
Subject: Re: [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user
Date: Mon, 18 Mar 2019 11:33:14 +0000 [thread overview]
Message-ID: <5de82e7d-6091-e694-8397-fbcfd59f9d0b__29180.413430889$1552908887$gmane$org@arm.com> (raw)
In-Reply-To: <f7fa36ec55ed4b45f61d841f9b726772a04cc0a5.1552679409.git.andreyknvl@google.com>
On 15/03/2019 19:51, Andrey Konovalov wrote:
> This patch is a part of a series that extends arm64 kernel ABI to allow to
> pass tagged user pointers (with the top byte set to something else other
> than 0x00) as syscall arguments.
>
> strncpy_from_user and strnlen_user accept user addresses as arguments, and
> do not go through the same path as copy_from_user and others, so here we
> need to handle the case of tagged user addresses separately.
>
> Untag user pointers passed to these functions.
>
> Note, that this patch only temporarily untags the pointers to perform
> validity checks, but then uses them as is to perform user memory accesses.
Thank you for this new version, looks good to me.
To give a bit of context to the readers, I asked Andrey to make this change, because
it makes a difference with hardware memory tagging. Indeed, in that situation, it is
always preferable to access the memory using the user-provided tag, so that tag
checking can take place; if there is a mismatch, a tag fault will occur (which is
handled in a way similar to a page fault). It is also preferable not to assume that
an untagged user pointer (tag 0x0) bypasses tag checks.
Kevin
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> ---
> lib/strncpy_from_user.c | 3 ++-
> lib/strnlen_user.c | 3 ++-
> 2 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c
> index 58eacd41526c..6209bb9507c7 100644
> --- a/lib/strncpy_from_user.c
> +++ b/lib/strncpy_from_user.c
> @@ -6,6 +6,7 @@
> #include <linux/uaccess.h>
> #include <linux/kernel.h>
> #include <linux/errno.h>
> +#include <linux/mm.h>
>
> #include <asm/byteorder.h>
> #include <asm/word-at-a-time.h>
> @@ -107,7 +108,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count)
> return 0;
>
> max_addr = user_addr_max();
> - src_addr = (unsigned long)src;
> + src_addr = (unsigned long)untagged_addr(src);
> if (likely(src_addr < max_addr)) {
> unsigned long max = max_addr - src_addr;
> long retval;
> diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c
> index 1c1a1b0e38a5..8ca3d2ac32ec 100644
> --- a/lib/strnlen_user.c
> +++ b/lib/strnlen_user.c
> @@ -2,6 +2,7 @@
> #include <linux/kernel.h>
> #include <linux/export.h>
> #include <linux/uaccess.h>
> +#include <linux/mm.h>
>
> #include <asm/word-at-a-time.h>
>
> @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count)
> return 0;
>
> max_addr = user_addr_max();
> - src_addr = (unsigned long)str;
> + src_addr = (unsigned long)untagged_addr(str);
> if (likely(src_addr < max_addr)) {
> unsigned long max = max_addr - src_addr;
> long retval;
next prev parent reply other threads:[~2019-03-18 11:33 UTC|newest]
Thread overview: 224+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-15 19:51 [PATCH v11 00/14] arm64: untag user pointers passed to the kernel Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` [PATCH v11 01/14] uaccess: add untagged_addr definition for other arches Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 02/14] arm64: untag user pointers in access_ok and __uaccess_mask_ptr Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-18 11:33 ` Kevin Brodsky
2019-03-18 11:33 ` Kevin Brodsky
2019-03-18 11:33 ` Kevin Brodsky
2019-03-18 11:33 ` kevin.brodsky
2019-03-18 11:33 ` Kevin Brodsky [this message]
2019-03-15 19:51 ` [PATCH v11 04/14] mm, arm64: untag user pointers passed to memory syscalls Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 05/14] mm, arm64: untag user pointers in mm/gup.c Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` [PATCH v11 06/14] fs, arm64: untag user pointers in copy_mount_options Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 07/14] fs, arm64: untag user pointers in fs/userfaultfd.c Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` [PATCH v11 08/14] net, arm64: untag user pointers in tcp_zerocopy_receive Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 20:03 ` Eric Dumazet
2019-03-15 20:03 ` Eric Dumazet
2019-03-15 20:03 ` Eric Dumazet
2019-03-15 20:03 ` eric.dumazet
2019-03-18 13:14 ` Andrey Konovalov
2019-03-18 13:14 ` Andrey Konovalov
2019-03-18 13:14 ` Andrey Konovalov
2019-03-18 13:14 ` Andrey Konovalov
2019-03-18 13:14 ` Andrey Konovalov
2019-03-18 13:14 ` Andrey Konovalov
2019-03-18 13:14 ` andreyknvl
2019-03-18 13:16 ` Andrey Konovalov
2019-03-18 13:16 ` Andrey Konovalov
2019-03-18 13:16 ` Andrey Konovalov
2019-03-18 13:16 ` Andrey Konovalov
2019-03-18 13:16 ` Andrey Konovalov
2019-03-18 13:16 ` Andrey Konovalov
2019-03-18 13:16 ` andreyknvl
2019-03-18 14:44 ` Eric Dumazet
2019-03-18 14:44 ` Eric Dumazet
2019-03-18 14:44 ` Eric Dumazet
2019-03-18 14:44 ` Eric Dumazet
2019-03-18 14:44 ` Eric Dumazet
2019-03-18 14:44 ` Eric Dumazet
2019-03-18 14:44 ` edumazet
2019-03-18 16:08 ` Andrey Konovalov
2019-03-18 16:08 ` Andrey Konovalov
2019-03-18 16:08 ` Andrey Konovalov
2019-03-18 16:08 ` Andrey Konovalov
2019-03-18 16:08 ` Andrey Konovalov
2019-03-18 16:08 ` Andrey Konovalov
2019-03-18 16:08 ` andreyknvl
2019-03-15 20:03 ` Eric Dumazet
2019-03-15 19:51 ` [PATCH v11 09/14] kernel, arm64: untag user pointers in prctl_set_mm* Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-16 19:31 ` kbuild test robot
2019-03-16 19:31 ` kbuild test robot
2019-03-16 19:31 ` kbuild test robot
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` andreyknvl
2019-03-18 11:47 ` Kevin Brodsky
2019-03-18 11:47 ` Kevin Brodsky
2019-03-18 11:47 ` Kevin Brodsky
2019-03-18 11:47 ` kevin.brodsky
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` Andrey Konovalov
2019-03-18 16:53 ` andreyknvl
2019-03-18 11:47 ` Kevin Brodsky
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 10/14] tracing, arm64: untag user pointers in seq_print_user_ip Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 20:14 ` Steven Rostedt
2019-03-15 20:14 ` Steven Rostedt
2019-03-15 20:14 ` Steven Rostedt
2019-03-15 20:14 ` Steven Rostedt
2019-03-15 20:14 ` rostedt
2019-03-18 13:11 ` Andrey Konovalov
2019-03-18 13:11 ` Andrey Konovalov
2019-03-18 13:11 ` Andrey Konovalov
2019-03-18 13:11 ` Andrey Konovalov
2019-03-18 13:11 ` Andrey Konovalov
2019-03-18 13:11 ` Andrey Konovalov
2019-03-18 13:11 ` andreyknvl
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 11/14] uprobes, arm64: untag user pointers in find_active_uprobe Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` [PATCH v11 12/14] bpf, arm64: untag user pointers in stack_map_get_build_id_offset Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-15 19:51 ` [PATCH v11 13/14] arm64: update Documentation/arm64/tagged-pointers.txt Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-18 13:26 ` Kevin Brodsky
2019-03-18 13:26 ` Kevin Brodsky
2019-03-18 13:26 ` Kevin Brodsky
2019-03-18 13:26 ` kevin.brodsky
2019-03-18 16:59 ` Andrey Konovalov
2019-03-18 16:59 ` Andrey Konovalov
2019-03-18 16:59 ` Andrey Konovalov
2019-03-18 16:59 ` Andrey Konovalov
2019-03-18 16:59 ` Andrey Konovalov
2019-03-18 16:59 ` Andrey Konovalov
2019-03-18 16:59 ` andreyknvl
2019-03-18 13:26 ` Kevin Brodsky
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` [PATCH v11 14/14] selftests, arm64: add a selftest for passing tagged pointers to kernel Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` Andrey Konovalov
2019-03-15 19:51 ` andreyknvl
2019-03-18 16:35 ` [PATCH v2 0/4] arm64 relaxed ABI Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` vincenzo.frascino
2019-03-18 16:35 ` [PATCH v2 1/4] elf: Make AT_FLAGS arch configurable Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` vincenzo.frascino
2019-03-18 16:35 ` [PATCH v2 2/4] arm64: Define Documentation/arm64/elf_at_flags.txt Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` vincenzo.frascino
2019-03-22 6:22 ` Amit Daniel Kachhap
2019-03-22 6:22 ` Amit Daniel Kachhap
2019-03-22 6:22 ` Amit Daniel Kachhap
2019-03-22 6:22 ` Amit Daniel Kachhap
2019-03-22 6:22 ` Amit Daniel Kachhap
2019-03-22 6:22 ` amit.kachhap
2019-03-22 10:48 ` Catalin Marinas
2019-03-22 10:48 ` Catalin Marinas
2019-03-22 10:48 ` Catalin Marinas
2019-03-22 10:48 ` Catalin Marinas
2019-03-22 10:48 ` catalin.marinas
2019-03-22 15:52 ` Kevin Brodsky
2019-03-22 15:52 ` Kevin Brodsky
2019-03-22 15:52 ` Kevin Brodsky
2019-03-22 15:52 ` Kevin Brodsky
2019-03-22 15:52 ` kevin.brodsky
2019-04-03 16:50 ` Catalin Marinas
2019-04-03 16:50 ` Catalin Marinas
2019-04-03 16:50 ` Catalin Marinas
2019-04-03 16:50 ` Catalin Marinas
2019-04-03 16:50 ` catalin.marinas
2019-04-12 14:16 ` Kevin Brodsky
2019-04-12 14:16 ` Kevin Brodsky
2019-04-12 14:16 ` Kevin Brodsky
2019-04-12 14:16 ` Kevin Brodsky
2019-04-12 14:16 ` kevin.brodsky
2019-03-18 16:35 ` [PATCH v2 3/4] arm64: Relax Documentation/arm64/tagged-pointers.txt Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` vincenzo.frascino
2019-03-18 16:35 ` [PATCH v2 4/4] arm64: elf: Advertise relaxed ABI Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` Vincenzo Frascino
2019-03-18 16:35 ` vincenzo.frascino
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='5de82e7d-6091-e694-8397-fbcfd59f9d0b__29180.413430889$1552908887$gmane$org@arm.com' \
--to=kevin.brodsky@arm.com \
--cc=Dave.Martin@arm.com \
--cc=Jacob.Bramley@arm.com \
--cc=Lee.Smith@arm.com \
--cc=Ramana.Radhakrishnan@arm.com \
--cc=Ruben.Ayrapetyan@arm.com \
--cc=Szabolcs.Nagy@arm.com \
--cc=acme@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=ast@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=cpandya@codeaurora.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=dvyukov@google.com \
--cc=edumazet@google.com \
--cc=eugenis@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=kcc@google.com \
--cc=keescook@chromium.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=kstewart@linuxfoundation.org \
--cc=linux-arm-kernel@lists.infradead.orglin \
--cc=luc.vanoostenryck@gmail.com \
--cc=mark.rutland@arm.com \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=robin.murphy@arm.com \
--cc=rostedt@goodmis.org \
--cc=shuah@kernel.org \
--cc=vincenzo.frascino@arm.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.