[PATCH -next v5 0/8]arm64: add machine check safe support

[PATCH -next v5 0/8]arm64: add machine check safe support

[Tong Tiangen]

With the increase of memory capacity and density, the probability of
memory error increases. The increasing size and density of server RAM
in the data center and cloud have shown increased uncorrectable memory
errors.

Currently, the kernel has a mechanism to recover from hardware memory
errors. This patchset provides an new recovery mechanism.

For arm64, the hardware memory error handling is do_sea() which divided
into two cases:
 1. The user state consumed the memory errors, the solution is kill the
    user process and isolate the error page.
 2. The kernel state consumed the memory errors, the solution is panic.

For case 2, Undifferentiated panic maybe not the optimal choice, it can be
handled better, in some scenarios, we can avoid panic, such as uaccess, if the
uaccess fails due to memory error, only the user process will be affected,
kill the user process and isolate the user page with hardware memory errors
is a better choice.

This patchset can be divided into two parts:
 1. Patch 1~4    - do some restructuring to arm64 extable.
 2. Patch 5~8    - arm64 add support for machine check safe framework,
 then ,add two specific scenarios(uaccess/cow) to machine check safe.

Since V4:
 1. According Michael's suggestion, add patch5.
 2. According Mark's suggestiog, do some restructuring to arm64
 extable, then a new adaptation of machine check safe support is made based
 on this.
 3. According Mark's suggestion, support machine check safe in do_mte() in
 cow scene.
 4. In V4, two patches have been merged into -next, so V5 not send these
 two patches.

Since V3:
 1. According to Robin's suggestion, direct modify user_ldst and
 user_ldp in asm-uaccess.h and modify mte.S.
 2. Add new macro USER_MC in asm-uaccess.h, used in copy_from_user.S
 and copy_to_user.S.
 3. According to Robin's suggestion, using micro in copy_page_mc.S to
 simplify code.
 4. According to KeFeng's suggestion, modify powerpc code in patch1.
 5. According to KeFeng's suggestion, modify mm/extable.c and some code
 optimization.

Since V2:
 1. According to Mark's suggestion, all uaccess can be recovered due to
    memory error.
 2. Scenario pagecache reading is also supported as part of uaccess
    (copy_to_user()) and duplication code problem is also solved. 
    Thanks for Robin's suggestion.
 3. According Mark's suggestion, update commit message of patch 2/5.
 4. According Borisllav's suggestion, update commit message of patch 1/5.

Since V1:
 1.Consistent with PPC/x86, Using CONFIG_ARCH_HAS_COPY_MC instead of
   ARM64_UCE_KERNEL_RECOVERY.
 2.Add two new scenes, cow and pagecache reading.
 3.Fix two small bug(the first two patch).

V1 in here:
https://lore.kernel.org/lkml/20220323033705.3966643-1-tongtiangen@huawei.com/

Tong Tiangen (8):
  arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support
  arm64: extable: make uaaccess helper use extable type
    EX_TYPE_UACCESS_ERR_ZERO
  arm64: extable: move _cond_extable to _cond_uaccess_extable
  arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP
  Add generic fallback version of copy_mc_to_user()
  arm64: add support for machine check error safe
  arm64: add uaccess to machine check safe
  arm64: add cow to machine check safe

 arch/arm64/Kconfig                   |  1 +
 arch/arm64/include/asm/asm-extable.h | 45 +++++++++----
 arch/arm64/include/asm/asm-uaccess.h | 12 ++--
 arch/arm64/include/asm/assembler.h   |  4 +-
 arch/arm64/include/asm/extable.h     |  1 +
 arch/arm64/include/asm/mte.h         |  4 ++
 arch/arm64/include/asm/page.h        | 10 +++
 arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
 arch/arm64/lib/Makefile              |  2 +
 arch/arm64/lib/copy_from_user.S      |  8 +--
 arch/arm64/lib/copy_page_mc.S        | 82 ++++++++++++++++++++++++
 arch/arm64/lib/copy_to_user.S        |  8 +--
 arch/arm64/lib/mte.S                 | 19 ++++++
 arch/arm64/mm/copypage.c             | 41 +++++++++---
 arch/arm64/mm/extable.c              | 22 ++++++-
 arch/arm64/mm/fault.c                | 27 +++++++-
 arch/powerpc/include/asm/uaccess.h   |  1 +
 arch/x86/include/asm/uaccess.h       |  1 +
 include/linux/highmem.h              |  8 +++
 include/linux/uaccess.h              |  9 +++
 mm/memory.c                          |  2 +-
 21 files changed, 314 insertions(+), 87 deletions(-)
 create mode 100644 arch/arm64/lib/copy_page_mc.S

-- 
2.25.1

[PATCH -next v5 0/8]arm64: add machine check safe support

[Tong Tiangen]

With the increase of memory capacity and density, the probability of
memory error increases. The increasing size and density of server RAM
in the data center and cloud have shown increased uncorrectable memory
errors.

Currently, the kernel has a mechanism to recover from hardware memory
errors. This patchset provides an new recovery mechanism.

For arm64, the hardware memory error handling is do_sea() which divided
into two cases:
 1. The user state consumed the memory errors, the solution is kill the
    user process and isolate the error page.
 2. The kernel state consumed the memory errors, the solution is panic.

For case 2, Undifferentiated panic maybe not the optimal choice, it can be
handled better, in some scenarios, we can avoid panic, such as uaccess, if the
uaccess fails due to memory error, only the user process will be affected,
kill the user process and isolate the user page with hardware memory errors
is a better choice.

This patchset can be divided into two parts:
 1. Patch 1~4    - do some restructuring to arm64 extable.
 2. Patch 5~8    - arm64 add support for machine check safe framework,
 then ,add two specific scenarios(uaccess/cow) to machine check safe.

Since V4:
 1. According Michael's suggestion, add patch5.
 2. According Mark's suggestiog, do some restructuring to arm64
 extable, then a new adaptation of machine check safe support is made based
 on this.
 3. According Mark's suggestion, support machine check safe in do_mte() in
 cow scene.
 4. In V4, two patches have been merged into -next, so V5 not send these
 two patches.

Since V3:
 1. According to Robin's suggestion, direct modify user_ldst and
 user_ldp in asm-uaccess.h and modify mte.S.
 2. Add new macro USER_MC in asm-uaccess.h, used in copy_from_user.S
 and copy_to_user.S.
 3. According to Robin's suggestion, using micro in copy_page_mc.S to
 simplify code.
 4. According to KeFeng's suggestion, modify powerpc code in patch1.
 5. According to KeFeng's suggestion, modify mm/extable.c and some code
 optimization.

Since V2:
 1. According to Mark's suggestion, all uaccess can be recovered due to
    memory error.
 2. Scenario pagecache reading is also supported as part of uaccess
    (copy_to_user()) and duplication code problem is also solved. 
    Thanks for Robin's suggestion.
 3. According Mark's suggestion, update commit message of patch 2/5.
 4. According Borisllav's suggestion, update commit message of patch 1/5.

Since V1:
 1.Consistent with PPC/x86, Using CONFIG_ARCH_HAS_COPY_MC instead of
   ARM64_UCE_KERNEL_RECOVERY.
 2.Add two new scenes, cow and pagecache reading.
 3.Fix two small bug(the first two patch).

V1 in here:
https://lore.kernel.org/lkml/20220323033705.3966643-1-tongtiangen@huawei.com/

Tong Tiangen (8):
  arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support
  arm64: extable: make uaaccess helper use extable type
    EX_TYPE_UACCESS_ERR_ZERO
  arm64: extable: move _cond_extable to _cond_uaccess_extable
  arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP
  Add generic fallback version of copy_mc_to_user()
  arm64: add support for machine check error safe
  arm64: add uaccess to machine check safe
  arm64: add cow to machine check safe

 arch/arm64/Kconfig                   |  1 +
 arch/arm64/include/asm/asm-extable.h | 45 +++++++++----
 arch/arm64/include/asm/asm-uaccess.h | 12 ++--
 arch/arm64/include/asm/assembler.h   |  4 +-
 arch/arm64/include/asm/extable.h     |  1 +
 arch/arm64/include/asm/mte.h         |  4 ++
 arch/arm64/include/asm/page.h        | 10 +++
 arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
 arch/arm64/lib/Makefile              |  2 +
 arch/arm64/lib/copy_from_user.S      |  8 +--
 arch/arm64/lib/copy_page_mc.S        | 82 ++++++++++++++++++++++++
 arch/arm64/lib/copy_to_user.S        |  8 +--
 arch/arm64/lib/mte.S                 | 19 ++++++
 arch/arm64/mm/copypage.c             | 41 +++++++++---
 arch/arm64/mm/extable.c              | 22 ++++++-
 arch/arm64/mm/fault.c                | 27 +++++++-
 arch/powerpc/include/asm/uaccess.h   |  1 +
 arch/x86/include/asm/uaccess.h       |  1 +
 include/linux/highmem.h              |  8 +++
 include/linux/uaccess.h              |  9 +++
 mm/memory.c                          |  2 +-
 21 files changed, 314 insertions(+), 87 deletions(-)
 create mode 100644 arch/arm64/lib/copy_page_mc.S

-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 0/8]arm64: add machine check safe support

[Tong Tiangen]

With the increase of memory capacity and density, the probability of
memory error increases. The increasing size and density of server RAM
in the data center and cloud have shown increased uncorrectable memory
errors.

Currently, the kernel has a mechanism to recover from hardware memory
errors. This patchset provides an new recovery mechanism.

For arm64, the hardware memory error handling is do_sea() which divided
into two cases:
 1. The user state consumed the memory errors, the solution is kill the
    user process and isolate the error page.
 2. The kernel state consumed the memory errors, the solution is panic.

For case 2, Undifferentiated panic maybe not the optimal choice, it can be
handled better, in some scenarios, we can avoid panic, such as uaccess, if the
uaccess fails due to memory error, only the user process will be affected,
kill the user process and isolate the user page with hardware memory errors
is a better choice.

This patchset can be divided into two parts:
 1. Patch 1~4    - do some restructuring to arm64 extable.
 2. Patch 5~8    - arm64 add support for machine check safe framework,
 then ,add two specific scenarios(uaccess/cow) to machine check safe.

Since V4:
 1. According Michael's suggestion, add patch5.
 2. According Mark's suggestiog, do some restructuring to arm64
 extable, then a new adaptation of machine check safe support is made based
 on this.
 3. According Mark's suggestion, support machine check safe in do_mte() in
 cow scene.
 4. In V4, two patches have been merged into -next, so V5 not send these
 two patches.

Since V3:
 1. According to Robin's suggestion, direct modify user_ldst and
 user_ldp in asm-uaccess.h and modify mte.S.
 2. Add new macro USER_MC in asm-uaccess.h, used in copy_from_user.S
 and copy_to_user.S.
 3. According to Robin's suggestion, using micro in copy_page_mc.S to
 simplify code.
 4. According to KeFeng's suggestion, modify powerpc code in patch1.
 5. According to KeFeng's suggestion, modify mm/extable.c and some code
 optimization.

Since V2:
 1. According to Mark's suggestion, all uaccess can be recovered due to
    memory error.
 2. Scenario pagecache reading is also supported as part of uaccess
    (copy_to_user()) and duplication code problem is also solved. 
    Thanks for Robin's suggestion.
 3. According Mark's suggestion, update commit message of patch 2/5.
 4. According Borisllav's suggestion, update commit message of patch 1/5.

Since V1:
 1.Consistent with PPC/x86, Using CONFIG_ARCH_HAS_COPY_MC instead of
   ARM64_UCE_KERNEL_RECOVERY.
 2.Add two new scenes, cow and pagecache reading.
 3.Fix two small bug(the first two patch).

V1 in here:
https://lore.kernel.org/lkml/20220323033705.3966643-1-tongtiangen@huawei.com/

Tong Tiangen (8):
  arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support
  arm64: extable: make uaaccess helper use extable type
    EX_TYPE_UACCESS_ERR_ZERO
  arm64: extable: move _cond_extable to _cond_uaccess_extable
  arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP
  Add generic fallback version of copy_mc_to_user()
  arm64: add support for machine check error safe
  arm64: add uaccess to machine check safe
  arm64: add cow to machine check safe

 arch/arm64/Kconfig                   |  1 +
 arch/arm64/include/asm/asm-extable.h | 45 +++++++++----
 arch/arm64/include/asm/asm-uaccess.h | 12 ++--
 arch/arm64/include/asm/assembler.h   |  4 +-
 arch/arm64/include/asm/extable.h     |  1 +
 arch/arm64/include/asm/mte.h         |  4 ++
 arch/arm64/include/asm/page.h        | 10 +++
 arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
 arch/arm64/lib/Makefile              |  2 +
 arch/arm64/lib/copy_from_user.S      |  8 +--
 arch/arm64/lib/copy_page_mc.S        | 82 ++++++++++++++++++++++++
 arch/arm64/lib/copy_to_user.S        |  8 +--
 arch/arm64/lib/mte.S                 | 19 ++++++
 arch/arm64/mm/copypage.c             | 41 +++++++++---
 arch/arm64/mm/extable.c              | 22 ++++++-
 arch/arm64/mm/fault.c                | 27 +++++++-
 arch/powerpc/include/asm/uaccess.h   |  1 +
 arch/x86/include/asm/uaccess.h       |  1 +
 include/linux/highmem.h              |  8 +++
 include/linux/uaccess.h              |  9 +++
 mm/memory.c                          |  2 +-
 21 files changed, 314 insertions(+), 87 deletions(-)
 create mode 100644 arch/arm64/lib/copy_page_mc.S

-- 
2.25.1

[PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Tong Tiangen]

Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
__get/put_kernel_nofault(), but those helpers are not uaccess type, so we
add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
__get/put_kernel_no_fault().

This is also to prepare for distinguishing the two types in machine check
safe process.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 13 ++++
 arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
 arch/arm64/mm/extable.c              |  1 +
 3 files changed, 61 insertions(+), 47 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index c39f2437e08e..56ebe183e78b 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -7,6 +7,7 @@
 #define EX_TYPE_BPF			2
 #define EX_TYPE_UACCESS_ERR_ZERO	3
 #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
+#define EX_TYPE_KACCESS_ERR_ZERO	5
 
 #ifdef __ASSEMBLY__
 
@@ -73,9 +74,21 @@
 			    EX_DATA_REG(ZERO, zero)			\
 			  ")")
 
+#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
+	__DEFINE_ASM_GPR_NUMS						\
+	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
+			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
+			  "("						\
+			    EX_DATA_REG(ERR, err) " | "			\
+			    EX_DATA_REG(ZERO, zero)			\
+			  ")")
+
 #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
 	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
 
+#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
+	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
+
 #define EX_DATA_REG_DATA_SHIFT	0
 #define EX_DATA_REG_DATA	GENMASK(4, 0)
 #define EX_DATA_REG_ADDR_SHIFT	5
diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
index 63f9c828f1a7..2fc9f0861769 100644
--- a/arch/arm64/include/asm/uaccess.h
+++ b/arch/arm64/include/asm/uaccess.h
@@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
  * The "__xxx_error" versions set the third argument to -EFAULT if an error
  * occurs, and leave it unchanged on success.
  */
-#define __get_mem_asm(load, reg, x, addr, err)				\
+#define __get_mem_asm(load, reg, x, addr, err, type)			\
 	asm volatile(							\
 	"1:	" load "	" reg "1, [%2]\n"			\
 	"2:\n"								\
-	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
+	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
 	: "+r" (err), "=&r" (x)						\
 	: "r" (addr))
 
-#define __raw_get_mem(ldr, x, ptr, err)					\
-do {									\
-	unsigned long __gu_val;						\
-	switch (sizeof(*(ptr))) {					\
-	case 1:								\
-		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 2:								\
-		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 4:								\
-		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 8:								\
-		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
-		break;							\
-	default:							\
-		BUILD_BUG();						\
-	}								\
-	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
+#define __raw_get_mem(ldr, x, ptr, err, type)					\
+do {										\
+	unsigned long __gu_val;							\
+	switch (sizeof(*(ptr))) {						\
+	case 1:									\
+		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
+		break;								\
+	case 2:									\
+		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
+		break;								\
+	case 4:									\
+		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
+		break;								\
+	case 8:									\
+		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
+		break;								\
+	default:								\
+		BUILD_BUG();							\
+	}									\
+	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
 } while (0)
 
 /*
@@ -274,7 +274,7 @@ do {									\
 	__chk_user_ptr(ptr);						\
 									\
 	uaccess_ttbr0_enable();						\
-	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
+	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
 	uaccess_ttbr0_disable();					\
 									\
 	(x) = __rgu_val;						\
@@ -314,40 +314,40 @@ do {									\
 									\
 	__uaccess_enable_tco_async();					\
 	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
-		      (__force type *)(__gkn_src), __gkn_err);		\
+		      (__force type *)(__gkn_src), __gkn_err, K);	\
 	__uaccess_disable_tco_async();					\
 									\
 	if (unlikely(__gkn_err))					\
 		goto err_label;						\
 } while (0)
 
-#define __put_mem_asm(store, reg, x, addr, err)				\
+#define __put_mem_asm(store, reg, x, addr, err, type)			\
 	asm volatile(							\
 	"1:	" store "	" reg "1, [%2]\n"			\
 	"2:\n"								\
-	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
+	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
 	: "+r" (err)							\
 	: "r" (x), "r" (addr))
 
-#define __raw_put_mem(str, x, ptr, err)					\
-do {									\
-	__typeof__(*(ptr)) __pu_val = (x);				\
-	switch (sizeof(*(ptr))) {					\
-	case 1:								\
-		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 2:								\
-		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 4:								\
-		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 8:								\
-		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
-		break;							\
-	default:							\
-		BUILD_BUG();						\
-	}								\
+#define __raw_put_mem(str, x, ptr, err, type)					\
+do {										\
+	__typeof__(*(ptr)) __pu_val = (x);					\
+	switch (sizeof(*(ptr))) {						\
+	case 1:									\
+		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
+		break;								\
+	case 2:									\
+		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
+		break;								\
+	case 4:									\
+		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
+		break;								\
+	case 8:									\
+		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
+		break;								\
+	default:								\
+		BUILD_BUG();							\
+	}									\
 } while (0)
 
 /*
@@ -362,7 +362,7 @@ do {									\
 	__chk_user_ptr(__rpu_ptr);					\
 									\
 	uaccess_ttbr0_enable();						\
-	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
+	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
 	uaccess_ttbr0_disable();					\
 } while (0)
 
@@ -400,7 +400,7 @@ do {									\
 									\
 	__uaccess_enable_tco_async();					\
 	__raw_put_mem("str", *((type *)(__pkn_src)),			\
-		      (__force type *)(__pkn_dst), __pkn_err);		\
+		      (__force type *)(__pkn_dst), __pkn_err, K);	\
 	__uaccess_disable_tco_async();					\
 									\
 	if (unlikely(__pkn_err))					\
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 489455309695..056591e5ca80 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
 	case EX_TYPE_BPF:
 		return ex_handler_bpf(ex, regs);
 	case EX_TYPE_UACCESS_ERR_ZERO:
+	case EX_TYPE_KACCESS_ERR_ZERO:
 		return ex_handler_uaccess_err_zero(ex, regs);
 	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
 		return ex_handler_load_unaligned_zeropad(ex, regs);
-- 
2.25.1

[PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Tong Tiangen]

Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
__get/put_kernel_nofault(), but those helpers are not uaccess type, so we
add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
__get/put_kernel_no_fault().

This is also to prepare for distinguishing the two types in machine check
safe process.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 13 ++++
 arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
 arch/arm64/mm/extable.c              |  1 +
 3 files changed, 61 insertions(+), 47 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index c39f2437e08e..56ebe183e78b 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -7,6 +7,7 @@
 #define EX_TYPE_BPF			2
 #define EX_TYPE_UACCESS_ERR_ZERO	3
 #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
+#define EX_TYPE_KACCESS_ERR_ZERO	5
 
 #ifdef __ASSEMBLY__
 
@@ -73,9 +74,21 @@
 			    EX_DATA_REG(ZERO, zero)			\
 			  ")")
 
+#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
+	__DEFINE_ASM_GPR_NUMS						\
+	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
+			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
+			  "("						\
+			    EX_DATA_REG(ERR, err) " | "			\
+			    EX_DATA_REG(ZERO, zero)			\
+			  ")")
+
 #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
 	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
 
+#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
+	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
+
 #define EX_DATA_REG_DATA_SHIFT	0
 #define EX_DATA_REG_DATA	GENMASK(4, 0)
 #define EX_DATA_REG_ADDR_SHIFT	5
diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
index 63f9c828f1a7..2fc9f0861769 100644
--- a/arch/arm64/include/asm/uaccess.h
+++ b/arch/arm64/include/asm/uaccess.h
@@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
  * The "__xxx_error" versions set the third argument to -EFAULT if an error
  * occurs, and leave it unchanged on success.
  */
-#define __get_mem_asm(load, reg, x, addr, err)				\
+#define __get_mem_asm(load, reg, x, addr, err, type)			\
 	asm volatile(							\
 	"1:	" load "	" reg "1, [%2]\n"			\
 	"2:\n"								\
-	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
+	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
 	: "+r" (err), "=&r" (x)						\
 	: "r" (addr))
 
-#define __raw_get_mem(ldr, x, ptr, err)					\
-do {									\
-	unsigned long __gu_val;						\
-	switch (sizeof(*(ptr))) {					\
-	case 1:								\
-		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 2:								\
-		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 4:								\
-		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 8:								\
-		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
-		break;							\
-	default:							\
-		BUILD_BUG();						\
-	}								\
-	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
+#define __raw_get_mem(ldr, x, ptr, err, type)					\
+do {										\
+	unsigned long __gu_val;							\
+	switch (sizeof(*(ptr))) {						\
+	case 1:									\
+		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
+		break;								\
+	case 2:									\
+		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
+		break;								\
+	case 4:									\
+		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
+		break;								\
+	case 8:									\
+		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
+		break;								\
+	default:								\
+		BUILD_BUG();							\
+	}									\
+	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
 } while (0)
 
 /*
@@ -274,7 +274,7 @@ do {									\
 	__chk_user_ptr(ptr);						\
 									\
 	uaccess_ttbr0_enable();						\
-	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
+	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
 	uaccess_ttbr0_disable();					\
 									\
 	(x) = __rgu_val;						\
@@ -314,40 +314,40 @@ do {									\
 									\
 	__uaccess_enable_tco_async();					\
 	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
-		      (__force type *)(__gkn_src), __gkn_err);		\
+		      (__force type *)(__gkn_src), __gkn_err, K);	\
 	__uaccess_disable_tco_async();					\
 									\
 	if (unlikely(__gkn_err))					\
 		goto err_label;						\
 } while (0)
 
-#define __put_mem_asm(store, reg, x, addr, err)				\
+#define __put_mem_asm(store, reg, x, addr, err, type)			\
 	asm volatile(							\
 	"1:	" store "	" reg "1, [%2]\n"			\
 	"2:\n"								\
-	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
+	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
 	: "+r" (err)							\
 	: "r" (x), "r" (addr))
 
-#define __raw_put_mem(str, x, ptr, err)					\
-do {									\
-	__typeof__(*(ptr)) __pu_val = (x);				\
-	switch (sizeof(*(ptr))) {					\
-	case 1:								\
-		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 2:								\
-		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 4:								\
-		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 8:								\
-		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
-		break;							\
-	default:							\
-		BUILD_BUG();						\
-	}								\
+#define __raw_put_mem(str, x, ptr, err, type)					\
+do {										\
+	__typeof__(*(ptr)) __pu_val = (x);					\
+	switch (sizeof(*(ptr))) {						\
+	case 1:									\
+		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
+		break;								\
+	case 2:									\
+		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
+		break;								\
+	case 4:									\
+		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
+		break;								\
+	case 8:									\
+		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
+		break;								\
+	default:								\
+		BUILD_BUG();							\
+	}									\
 } while (0)
 
 /*
@@ -362,7 +362,7 @@ do {									\
 	__chk_user_ptr(__rpu_ptr);					\
 									\
 	uaccess_ttbr0_enable();						\
-	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
+	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
 	uaccess_ttbr0_disable();					\
 } while (0)
 
@@ -400,7 +400,7 @@ do {									\
 									\
 	__uaccess_enable_tco_async();					\
 	__raw_put_mem("str", *((type *)(__pkn_src)),			\
-		      (__force type *)(__pkn_dst), __pkn_err);		\
+		      (__force type *)(__pkn_dst), __pkn_err, K);	\
 	__uaccess_disable_tco_async();					\
 									\
 	if (unlikely(__pkn_err))					\
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 489455309695..056591e5ca80 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
 	case EX_TYPE_BPF:
 		return ex_handler_bpf(ex, regs);
 	case EX_TYPE_UACCESS_ERR_ZERO:
+	case EX_TYPE_KACCESS_ERR_ZERO:
 		return ex_handler_uaccess_err_zero(ex, regs);
 	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
 		return ex_handler_load_unaligned_zeropad(ex, regs);
-- 
2.25.1

[PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Tong Tiangen]

Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
__get/put_kernel_nofault(), but those helpers are not uaccess type, so we
add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
__get/put_kernel_no_fault().

This is also to prepare for distinguishing the two types in machine check
safe process.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 13 ++++
 arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
 arch/arm64/mm/extable.c              |  1 +
 3 files changed, 61 insertions(+), 47 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index c39f2437e08e..56ebe183e78b 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -7,6 +7,7 @@
 #define EX_TYPE_BPF			2
 #define EX_TYPE_UACCESS_ERR_ZERO	3
 #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
+#define EX_TYPE_KACCESS_ERR_ZERO	5
 
 #ifdef __ASSEMBLY__
 
@@ -73,9 +74,21 @@
 			    EX_DATA_REG(ZERO, zero)			\
 			  ")")
 
+#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
+	__DEFINE_ASM_GPR_NUMS						\
+	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
+			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
+			  "("						\
+			    EX_DATA_REG(ERR, err) " | "			\
+			    EX_DATA_REG(ZERO, zero)			\
+			  ")")
+
 #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
 	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
 
+#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
+	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
+
 #define EX_DATA_REG_DATA_SHIFT	0
 #define EX_DATA_REG_DATA	GENMASK(4, 0)
 #define EX_DATA_REG_ADDR_SHIFT	5
diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
index 63f9c828f1a7..2fc9f0861769 100644
--- a/arch/arm64/include/asm/uaccess.h
+++ b/arch/arm64/include/asm/uaccess.h
@@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
  * The "__xxx_error" versions set the third argument to -EFAULT if an error
  * occurs, and leave it unchanged on success.
  */
-#define __get_mem_asm(load, reg, x, addr, err)				\
+#define __get_mem_asm(load, reg, x, addr, err, type)			\
 	asm volatile(							\
 	"1:	" load "	" reg "1, [%2]\n"			\
 	"2:\n"								\
-	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
+	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
 	: "+r" (err), "=&r" (x)						\
 	: "r" (addr))
 
-#define __raw_get_mem(ldr, x, ptr, err)					\
-do {									\
-	unsigned long __gu_val;						\
-	switch (sizeof(*(ptr))) {					\
-	case 1:								\
-		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 2:								\
-		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 4:								\
-		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
-		break;							\
-	case 8:								\
-		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
-		break;							\
-	default:							\
-		BUILD_BUG();						\
-	}								\
-	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
+#define __raw_get_mem(ldr, x, ptr, err, type)					\
+do {										\
+	unsigned long __gu_val;							\
+	switch (sizeof(*(ptr))) {						\
+	case 1:									\
+		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
+		break;								\
+	case 2:									\
+		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
+		break;								\
+	case 4:									\
+		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
+		break;								\
+	case 8:									\
+		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
+		break;								\
+	default:								\
+		BUILD_BUG();							\
+	}									\
+	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
 } while (0)
 
 /*
@@ -274,7 +274,7 @@ do {									\
 	__chk_user_ptr(ptr);						\
 									\
 	uaccess_ttbr0_enable();						\
-	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
+	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
 	uaccess_ttbr0_disable();					\
 									\
 	(x) = __rgu_val;						\
@@ -314,40 +314,40 @@ do {									\
 									\
 	__uaccess_enable_tco_async();					\
 	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
-		      (__force type *)(__gkn_src), __gkn_err);		\
+		      (__force type *)(__gkn_src), __gkn_err, K);	\
 	__uaccess_disable_tco_async();					\
 									\
 	if (unlikely(__gkn_err))					\
 		goto err_label;						\
 } while (0)
 
-#define __put_mem_asm(store, reg, x, addr, err)				\
+#define __put_mem_asm(store, reg, x, addr, err, type)			\
 	asm volatile(							\
 	"1:	" store "	" reg "1, [%2]\n"			\
 	"2:\n"								\
-	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
+	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
 	: "+r" (err)							\
 	: "r" (x), "r" (addr))
 
-#define __raw_put_mem(str, x, ptr, err)					\
-do {									\
-	__typeof__(*(ptr)) __pu_val = (x);				\
-	switch (sizeof(*(ptr))) {					\
-	case 1:								\
-		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 2:								\
-		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 4:								\
-		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
-		break;							\
-	case 8:								\
-		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
-		break;							\
-	default:							\
-		BUILD_BUG();						\
-	}								\
+#define __raw_put_mem(str, x, ptr, err, type)					\
+do {										\
+	__typeof__(*(ptr)) __pu_val = (x);					\
+	switch (sizeof(*(ptr))) {						\
+	case 1:									\
+		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
+		break;								\
+	case 2:									\
+		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
+		break;								\
+	case 4:									\
+		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
+		break;								\
+	case 8:									\
+		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
+		break;								\
+	default:								\
+		BUILD_BUG();							\
+	}									\
 } while (0)
 
 /*
@@ -362,7 +362,7 @@ do {									\
 	__chk_user_ptr(__rpu_ptr);					\
 									\
 	uaccess_ttbr0_enable();						\
-	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
+	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
 	uaccess_ttbr0_disable();					\
 } while (0)
 
@@ -400,7 +400,7 @@ do {									\
 									\
 	__uaccess_enable_tco_async();					\
 	__raw_put_mem("str", *((type *)(__pkn_src)),			\
-		      (__force type *)(__pkn_dst), __pkn_err);		\
+		      (__force type *)(__pkn_dst), __pkn_err, K);	\
 	__uaccess_disable_tco_async();					\
 									\
 	if (unlikely(__pkn_err))					\
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 489455309695..056591e5ca80 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
 	case EX_TYPE_BPF:
 		return ex_handler_bpf(ex, regs);
 	case EX_TYPE_UACCESS_ERR_ZERO:
+	case EX_TYPE_KACCESS_ERR_ZERO:
 		return ex_handler_uaccess_err_zero(ex, regs);
 	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
 		return ex_handler_load_unaligned_zeropad(ex, regs);
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

Currnetly, the extable type used by __arch_copy_from/to_user() is
EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
EX_TYPE_UACCESS_*.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h |  8 ++++++++
 arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 56ebe183e78b..9c94ac1f082c 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -28,6 +28,14 @@
 	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
 	.endm
 
+/*
+ * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
+ * when an unhandled fault is taken.
+ * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
+ */
+	.macro          _asm_extable_uaccess, insn, fixup
+	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
+	.endm
 /*
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
index 0557af834e03..75b211c98dea 100644
--- a/arch/arm64/include/asm/asm-uaccess.h
+++ b/arch/arm64/include/asm/asm-uaccess.h
@@ -61,7 +61,7 @@ alternative_else_nop_endif
 
 #define USER(l, x...)				\
 9999:	x;					\
-	_asm_extable	9999b, l
+	_asm_extable_uaccess	9999b, l
 
 /*
  * Generate the assembly for LDTR/STTR with exception table entries.
@@ -73,8 +73,8 @@ alternative_else_nop_endif
 8889:		ldtr	\reg2, [\addr, #8];
 		add	\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
-		_asm_extable	8889b,\l;
+		_asm_extable_uaccess	8888b, \l;
+		_asm_extable_uaccess	8889b, \l;
 	.endm
 
 	.macro user_stp l, reg1, reg2, addr, post_inc
@@ -82,14 +82,14 @@ alternative_else_nop_endif
 8889:		sttr	\reg2, [\addr, #8];
 		add	\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
-		_asm_extable	8889b,\l;
+		_asm_extable_uaccess	8888b,\l;
+		_asm_extable_uaccess	8889b,\l;
 	.endm
 
 	.macro user_ldst l, inst, reg, addr, post_inc
 8888:		\inst		\reg, [\addr];
 		add		\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
+		_asm_extable_uaccess	8888b, \l;
 	.endm
 #endif
-- 
2.25.1

[PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

Currnetly, the extable type used by __arch_copy_from/to_user() is
EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
EX_TYPE_UACCESS_*.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h |  8 ++++++++
 arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 56ebe183e78b..9c94ac1f082c 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -28,6 +28,14 @@
 	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
 	.endm
 
+/*
+ * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
+ * when an unhandled fault is taken.
+ * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
+ */
+	.macro          _asm_extable_uaccess, insn, fixup
+	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
+	.endm
 /*
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
index 0557af834e03..75b211c98dea 100644
--- a/arch/arm64/include/asm/asm-uaccess.h
+++ b/arch/arm64/include/asm/asm-uaccess.h
@@ -61,7 +61,7 @@ alternative_else_nop_endif
 
 #define USER(l, x...)				\
 9999:	x;					\
-	_asm_extable	9999b, l
+	_asm_extable_uaccess	9999b, l
 
 /*
  * Generate the assembly for LDTR/STTR with exception table entries.
@@ -73,8 +73,8 @@ alternative_else_nop_endif
 8889:		ldtr	\reg2, [\addr, #8];
 		add	\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
-		_asm_extable	8889b,\l;
+		_asm_extable_uaccess	8888b, \l;
+		_asm_extable_uaccess	8889b, \l;
 	.endm
 
 	.macro user_stp l, reg1, reg2, addr, post_inc
@@ -82,14 +82,14 @@ alternative_else_nop_endif
 8889:		sttr	\reg2, [\addr, #8];
 		add	\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
-		_asm_extable	8889b,\l;
+		_asm_extable_uaccess	8888b,\l;
+		_asm_extable_uaccess	8889b,\l;
 	.endm
 
 	.macro user_ldst l, inst, reg, addr, post_inc
 8888:		\inst		\reg, [\addr];
 		add		\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
+		_asm_extable_uaccess	8888b, \l;
 	.endm
 #endif
-- 
2.25.1

[PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

Currnetly, the extable type used by __arch_copy_from/to_user() is
EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
EX_TYPE_UACCESS_*.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h |  8 ++++++++
 arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 56ebe183e78b..9c94ac1f082c 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -28,6 +28,14 @@
 	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
 	.endm
 
+/*
+ * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
+ * when an unhandled fault is taken.
+ * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
+ */
+	.macro          _asm_extable_uaccess, insn, fixup
+	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
+	.endm
 /*
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
index 0557af834e03..75b211c98dea 100644
--- a/arch/arm64/include/asm/asm-uaccess.h
+++ b/arch/arm64/include/asm/asm-uaccess.h
@@ -61,7 +61,7 @@ alternative_else_nop_endif
 
 #define USER(l, x...)				\
 9999:	x;					\
-	_asm_extable	9999b, l
+	_asm_extable_uaccess	9999b, l
 
 /*
  * Generate the assembly for LDTR/STTR with exception table entries.
@@ -73,8 +73,8 @@ alternative_else_nop_endif
 8889:		ldtr	\reg2, [\addr, #8];
 		add	\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
-		_asm_extable	8889b,\l;
+		_asm_extable_uaccess	8888b, \l;
+		_asm_extable_uaccess	8889b, \l;
 	.endm
 
 	.macro user_stp l, reg1, reg2, addr, post_inc
@@ -82,14 +82,14 @@ alternative_else_nop_endif
 8889:		sttr	\reg2, [\addr, #8];
 		add	\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
-		_asm_extable	8889b,\l;
+		_asm_extable_uaccess	8888b,\l;
+		_asm_extable_uaccess	8889b,\l;
 	.endm
 
 	.macro user_ldst l, inst, reg, addr, post_inc
 8888:		\inst		\reg, [\addr];
 		add		\addr, \addr, \post_inc;
 
-		_asm_extable	8888b,\l;
+		_asm_extable_uaccess	8888b, \l;
 	.endm
 #endif
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 3/8] arm64: extable: move _cond_extable to _cond_uaccess_extable

[Tong Tiangen]

Currently, We use _cond_extable for cache maintenance uaccess helper
caches_clean_inval_user_pou(), so this should be moved over to
EX_TYPE_UACCESS_ERR_ZERO and rename _cond_extable to _cond_uaccess_extable
for clarity.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 6 +++---
 arch/arm64/include/asm/assembler.h   | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 9c94ac1f082c..d01bd94cc4c2 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -40,9 +40,9 @@
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
  */
-	.macro		_cond_extable, insn, fixup
-	.ifnc		\fixup,
-	_asm_extable	\insn, \fixup
+	.macro		_cond_uaccess_extable, insn, fixup
+	.ifnc			\fixup,
+	_asm_extable_uaccess	\insn, \fixup
 	.endif
 	.endm
 
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index 8c5a61aeaf8e..dc422fa437c2 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -423,7 +423,7 @@ alternative_endif
 	b.lo	.Ldcache_op\@
 	dsb	\domain
 
-	_cond_extable .Ldcache_op\@, \fixup
+	_cond_uaccess_extable .Ldcache_op\@, \fixup
 	.endm
 
 /*
@@ -462,7 +462,7 @@ alternative_endif
 	dsb	ish
 	isb
 
-	_cond_extable .Licache_op\@, \fixup
+	_cond_uaccess_extable .Licache_op\@, \fixup
 	.endm
 
 /*
-- 
2.25.1

[PATCH -next v5 3/8] arm64: extable: move _cond_extable to _cond_uaccess_extable

[Tong Tiangen]

Currently, We use _cond_extable for cache maintenance uaccess helper
caches_clean_inval_user_pou(), so this should be moved over to
EX_TYPE_UACCESS_ERR_ZERO and rename _cond_extable to _cond_uaccess_extable
for clarity.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 6 +++---
 arch/arm64/include/asm/assembler.h   | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 9c94ac1f082c..d01bd94cc4c2 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -40,9 +40,9 @@
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
  */
-	.macro		_cond_extable, insn, fixup
-	.ifnc		\fixup,
-	_asm_extable	\insn, \fixup
+	.macro		_cond_uaccess_extable, insn, fixup
+	.ifnc			\fixup,
+	_asm_extable_uaccess	\insn, \fixup
 	.endif
 	.endm
 
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index 8c5a61aeaf8e..dc422fa437c2 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -423,7 +423,7 @@ alternative_endif
 	b.lo	.Ldcache_op\@
 	dsb	\domain
 
-	_cond_extable .Ldcache_op\@, \fixup
+	_cond_uaccess_extable .Ldcache_op\@, \fixup
 	.endm
 
 /*
@@ -462,7 +462,7 @@ alternative_endif
 	dsb	ish
 	isb
 
-	_cond_extable .Licache_op\@, \fixup
+	_cond_uaccess_extable .Licache_op\@, \fixup
 	.endm
 
 /*
-- 
2.25.1

[PATCH -next v5 3/8] arm64: extable: move _cond_extable to _cond_uaccess_extable

[Tong Tiangen]

Currently, We use _cond_extable for cache maintenance uaccess helper
caches_clean_inval_user_pou(), so this should be moved over to
EX_TYPE_UACCESS_ERR_ZERO and rename _cond_extable to _cond_uaccess_extable
for clarity.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 6 +++---
 arch/arm64/include/asm/assembler.h   | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 9c94ac1f082c..d01bd94cc4c2 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -40,9 +40,9 @@
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
  */
-	.macro		_cond_extable, insn, fixup
-	.ifnc		\fixup,
-	_asm_extable	\insn, \fixup
+	.macro		_cond_uaccess_extable, insn, fixup
+	.ifnc			\fixup,
+	_asm_extable_uaccess	\insn, \fixup
 	.endif
 	.endm
 
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index 8c5a61aeaf8e..dc422fa437c2 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -423,7 +423,7 @@ alternative_endif
 	b.lo	.Ldcache_op\@
 	dsb	\domain
 
-	_cond_extable .Ldcache_op\@, \fixup
+	_cond_uaccess_extable .Ldcache_op\@, \fixup
 	.endm
 
 /*
@@ -462,7 +462,7 @@ alternative_endif
 	dsb	ish
 	isb
 
-	_cond_extable .Licache_op\@, \fixup
+	_cond_uaccess_extable .Licache_op\@, \fixup
 	.endm
 
 /*
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 4/8] arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP

[Tong Tiangen]

Currently, extable type EX_TYPE_FIXUP is no place to use, We can safely
remove it.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 20 ++++----------------
 arch/arm64/mm/extable.c              |  9 ---------
 2 files changed, 4 insertions(+), 25 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index d01bd94cc4c2..1f2974467273 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -3,11 +3,10 @@
 #define __ASM_ASM_EXTABLE_H
 
 #define EX_TYPE_NONE			0
-#define EX_TYPE_FIXUP			1
-#define EX_TYPE_BPF			2
-#define EX_TYPE_UACCESS_ERR_ZERO	3
-#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
-#define EX_TYPE_KACCESS_ERR_ZERO	5
+#define EX_TYPE_BPF			1
+#define EX_TYPE_UACCESS_ERR_ZERO	2
+#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
+#define EX_TYPE_KACCESS_ERR_ZERO	4
 
 #ifdef __ASSEMBLY__
 
@@ -20,14 +19,6 @@
 	.short		(data);				\
 	.popsection;
 
-/*
- * Create an exception table entry for `insn`, which will branch to `fixup`
- * when an unhandled fault is taken.
- */
-	.macro		_asm_extable, insn, fixup
-	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
-	.endm
-
 /*
  * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
  * when an unhandled fault is taken.
@@ -62,9 +53,6 @@
 	".short		(" data ")\n"			\
 	".popsection\n"
 
-#define _ASM_EXTABLE(insn, fixup) \
-	__ASM_EXTABLE_RAW(#insn, #fixup, __stringify(EX_TYPE_FIXUP), "0")
-
 #define EX_DATA_REG_ERR_SHIFT	0
 #define EX_DATA_REG_ERR		GENMASK(4, 0)
 #define EX_DATA_REG_ZERO_SHIFT	5
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 056591e5ca80..228d681a8715 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -16,13 +16,6 @@ get_ex_fixup(const struct exception_table_entry *ex)
 	return ((unsigned long)&ex->fixup + ex->fixup);
 }
 
-static bool ex_handler_fixup(const struct exception_table_entry *ex,
-			     struct pt_regs *regs)
-{
-	regs->pc = get_ex_fixup(ex);
-	return true;
-}
-
 static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
 					struct pt_regs *regs)
 {
@@ -72,8 +65,6 @@ bool fixup_exception(struct pt_regs *regs)
 		return false;
 
 	switch (ex->type) {
-	case EX_TYPE_FIXUP:
-		return ex_handler_fixup(ex, regs);
 	case EX_TYPE_BPF:
 		return ex_handler_bpf(ex, regs);
 	case EX_TYPE_UACCESS_ERR_ZERO:
-- 
2.25.1

[PATCH -next v5 4/8] arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP

[Tong Tiangen]

Currently, extable type EX_TYPE_FIXUP is no place to use, We can safely
remove it.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 20 ++++----------------
 arch/arm64/mm/extable.c              |  9 ---------
 2 files changed, 4 insertions(+), 25 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index d01bd94cc4c2..1f2974467273 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -3,11 +3,10 @@
 #define __ASM_ASM_EXTABLE_H
 
 #define EX_TYPE_NONE			0
-#define EX_TYPE_FIXUP			1
-#define EX_TYPE_BPF			2
-#define EX_TYPE_UACCESS_ERR_ZERO	3
-#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
-#define EX_TYPE_KACCESS_ERR_ZERO	5
+#define EX_TYPE_BPF			1
+#define EX_TYPE_UACCESS_ERR_ZERO	2
+#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
+#define EX_TYPE_KACCESS_ERR_ZERO	4
 
 #ifdef __ASSEMBLY__
 
@@ -20,14 +19,6 @@
 	.short		(data);				\
 	.popsection;
 
-/*
- * Create an exception table entry for `insn`, which will branch to `fixup`
- * when an unhandled fault is taken.
- */
-	.macro		_asm_extable, insn, fixup
-	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
-	.endm
-
 /*
  * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
  * when an unhandled fault is taken.
@@ -62,9 +53,6 @@
 	".short		(" data ")\n"			\
 	".popsection\n"
 
-#define _ASM_EXTABLE(insn, fixup) \
-	__ASM_EXTABLE_RAW(#insn, #fixup, __stringify(EX_TYPE_FIXUP), "0")
-
 #define EX_DATA_REG_ERR_SHIFT	0
 #define EX_DATA_REG_ERR		GENMASK(4, 0)
 #define EX_DATA_REG_ZERO_SHIFT	5
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 056591e5ca80..228d681a8715 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -16,13 +16,6 @@ get_ex_fixup(const struct exception_table_entry *ex)
 	return ((unsigned long)&ex->fixup + ex->fixup);
 }
 
-static bool ex_handler_fixup(const struct exception_table_entry *ex,
-			     struct pt_regs *regs)
-{
-	regs->pc = get_ex_fixup(ex);
-	return true;
-}
-
 static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
 					struct pt_regs *regs)
 {
@@ -72,8 +65,6 @@ bool fixup_exception(struct pt_regs *regs)
 		return false;
 
 	switch (ex->type) {
-	case EX_TYPE_FIXUP:
-		return ex_handler_fixup(ex, regs);
 	case EX_TYPE_BPF:
 		return ex_handler_bpf(ex, regs);
 	case EX_TYPE_UACCESS_ERR_ZERO:
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 4/8] arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP

[Tong Tiangen]

Currently, extable type EX_TYPE_FIXUP is no place to use, We can safely
remove it.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 20 ++++----------------
 arch/arm64/mm/extable.c              |  9 ---------
 2 files changed, 4 insertions(+), 25 deletions(-)

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index d01bd94cc4c2..1f2974467273 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -3,11 +3,10 @@
 #define __ASM_ASM_EXTABLE_H
 
 #define EX_TYPE_NONE			0
-#define EX_TYPE_FIXUP			1
-#define EX_TYPE_BPF			2
-#define EX_TYPE_UACCESS_ERR_ZERO	3
-#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
-#define EX_TYPE_KACCESS_ERR_ZERO	5
+#define EX_TYPE_BPF			1
+#define EX_TYPE_UACCESS_ERR_ZERO	2
+#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
+#define EX_TYPE_KACCESS_ERR_ZERO	4
 
 #ifdef __ASSEMBLY__
 
@@ -20,14 +19,6 @@
 	.short		(data);				\
 	.popsection;
 
-/*
- * Create an exception table entry for `insn`, which will branch to `fixup`
- * when an unhandled fault is taken.
- */
-	.macro		_asm_extable, insn, fixup
-	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
-	.endm
-
 /*
  * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
  * when an unhandled fault is taken.
@@ -62,9 +53,6 @@
 	".short		(" data ")\n"			\
 	".popsection\n"
 
-#define _ASM_EXTABLE(insn, fixup) \
-	__ASM_EXTABLE_RAW(#insn, #fixup, __stringify(EX_TYPE_FIXUP), "0")
-
 #define EX_DATA_REG_ERR_SHIFT	0
 #define EX_DATA_REG_ERR		GENMASK(4, 0)
 #define EX_DATA_REG_ZERO_SHIFT	5
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 056591e5ca80..228d681a8715 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -16,13 +16,6 @@ get_ex_fixup(const struct exception_table_entry *ex)
 	return ((unsigned long)&ex->fixup + ex->fixup);
 }
 
-static bool ex_handler_fixup(const struct exception_table_entry *ex,
-			     struct pt_regs *regs)
-{
-	regs->pc = get_ex_fixup(ex);
-	return true;
-}
-
 static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
 					struct pt_regs *regs)
 {
@@ -72,8 +65,6 @@ bool fixup_exception(struct pt_regs *regs)
 		return false;
 
 	switch (ex->type) {
-	case EX_TYPE_FIXUP:
-		return ex_handler_fixup(ex, regs);
 	case EX_TYPE_BPF:
 		return ex_handler_bpf(ex, regs);
 	case EX_TYPE_UACCESS_ERR_ZERO:
-- 
2.25.1

[PATCH -next v5 5/8] Add generic fallback version of copy_mc_to_user()

[Tong Tiangen]

x86/powerpc has it's implementation of copy_mc_to_user(), we add generic
fallback in include/linux/uaccess.h prepare for other architechures to
enable CONFIG_ARCH_HAS_COPY_MC.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au>
---
 arch/powerpc/include/asm/uaccess.h | 1 +
 arch/x86/include/asm/uaccess.h     | 1 +
 include/linux/uaccess.h            | 9 +++++++++
 3 files changed, 11 insertions(+)

diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h
index 9b82b38ff867..58dbe8e2e318 100644
--- a/arch/powerpc/include/asm/uaccess.h
+++ b/arch/powerpc/include/asm/uaccess.h
@@ -358,6 +358,7 @@ copy_mc_to_user(void __user *to, const void *from, unsigned long n)
 
 	return n;
 }
+#define copy_mc_to_user copy_mc_to_user
 #endif
 
 extern long __copy_from_user_flushcache(void *dst, const void __user *src,
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
index 35f222aa66bf..b7b1aca5d6cd 100644
--- a/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@ -512,6 +512,7 @@ copy_mc_to_kernel(void *to, const void *from, unsigned len);
 
 unsigned long __must_check
 copy_mc_to_user(void *to, const void *from, unsigned len);
+#define copy_mc_to_user copy_mc_to_user
 #endif
 
 /*
diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h
index 5a328cf02b75..07e9faeb14b5 100644
--- a/include/linux/uaccess.h
+++ b/include/linux/uaccess.h
@@ -174,6 +174,15 @@ copy_mc_to_kernel(void *dst, const void *src, size_t cnt)
 }
 #endif
 
+#ifndef copy_mc_to_user
+static inline unsigned long __must_check
+copy_mc_to_user(void *dst, const void *src, size_t cnt)
+{
+	check_object_size(src, cnt, true);
+	return raw_copy_to_user(dst, src, cnt);
+}
+#endif
+
 static __always_inline void pagefault_disabled_inc(void)
 {
 	current->pagefault_disabled++;
-- 
2.25.1

[PATCH -next v5 5/8] Add generic fallback version of copy_mc_to_user()

[Tong Tiangen]

x86/powerpc has it's implementation of copy_mc_to_user(), we add generic
fallback in include/linux/uaccess.h prepare for other architechures to
enable CONFIG_ARCH_HAS_COPY_MC.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au>
---
 arch/powerpc/include/asm/uaccess.h | 1 +
 arch/x86/include/asm/uaccess.h     | 1 +
 include/linux/uaccess.h            | 9 +++++++++
 3 files changed, 11 insertions(+)

diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h
index 9b82b38ff867..58dbe8e2e318 100644
--- a/arch/powerpc/include/asm/uaccess.h
+++ b/arch/powerpc/include/asm/uaccess.h
@@ -358,6 +358,7 @@ copy_mc_to_user(void __user *to, const void *from, unsigned long n)
 
 	return n;
 }
+#define copy_mc_to_user copy_mc_to_user
 #endif
 
 extern long __copy_from_user_flushcache(void *dst, const void __user *src,
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
index 35f222aa66bf..b7b1aca5d6cd 100644
--- a/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@ -512,6 +512,7 @@ copy_mc_to_kernel(void *to, const void *from, unsigned len);
 
 unsigned long __must_check
 copy_mc_to_user(void *to, const void *from, unsigned len);
+#define copy_mc_to_user copy_mc_to_user
 #endif
 
 /*
diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h
index 5a328cf02b75..07e9faeb14b5 100644
--- a/include/linux/uaccess.h
+++ b/include/linux/uaccess.h
@@ -174,6 +174,15 @@ copy_mc_to_kernel(void *dst, const void *src, size_t cnt)
 }
 #endif
 
+#ifndef copy_mc_to_user
+static inline unsigned long __must_check
+copy_mc_to_user(void *dst, const void *src, size_t cnt)
+{
+	check_object_size(src, cnt, true);
+	return raw_copy_to_user(dst, src, cnt);
+}
+#endif
+
 static __always_inline void pagefault_disabled_inc(void)
 {
 	current->pagefault_disabled++;
-- 
2.25.1

[PATCH -next v5 5/8] Add generic fallback version of copy_mc_to_user()

[Tong Tiangen]

x86/powerpc has it's implementation of copy_mc_to_user(), we add generic
fallback in include/linux/uaccess.h prepare for other architechures to
enable CONFIG_ARCH_HAS_COPY_MC.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au>
---
 arch/powerpc/include/asm/uaccess.h | 1 +
 arch/x86/include/asm/uaccess.h     | 1 +
 include/linux/uaccess.h            | 9 +++++++++
 3 files changed, 11 insertions(+)

diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h
index 9b82b38ff867..58dbe8e2e318 100644
--- a/arch/powerpc/include/asm/uaccess.h
+++ b/arch/powerpc/include/asm/uaccess.h
@@ -358,6 +358,7 @@ copy_mc_to_user(void __user *to, const void *from, unsigned long n)
 
 	return n;
 }
+#define copy_mc_to_user copy_mc_to_user
 #endif
 
 extern long __copy_from_user_flushcache(void *dst, const void __user *src,
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
index 35f222aa66bf..b7b1aca5d6cd 100644
--- a/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@ -512,6 +512,7 @@ copy_mc_to_kernel(void *to, const void *from, unsigned len);
 
 unsigned long __must_check
 copy_mc_to_user(void *to, const void *from, unsigned len);
+#define copy_mc_to_user copy_mc_to_user
 #endif
 
 /*
diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h
index 5a328cf02b75..07e9faeb14b5 100644
--- a/include/linux/uaccess.h
+++ b/include/linux/uaccess.h
@@ -174,6 +174,15 @@ copy_mc_to_kernel(void *dst, const void *src, size_t cnt)
 }
 #endif
 
+#ifndef copy_mc_to_user
+static inline unsigned long __must_check
+copy_mc_to_user(void *dst, const void *src, size_t cnt)
+{
+	check_object_size(src, cnt, true);
+	return raw_copy_to_user(dst, src, cnt);
+}
+#endif
+
 static __always_inline void pagefault_disabled_inc(void)
 {
 	current->pagefault_disabled++;
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

During the processing of arm64 kernel hardware memory errors(do_sea()), if
the errors is consumed in the kernel, the current processing is panic.
However, it is not optimal.

Take uaccess for example, if the uaccess operation fails due to memory
error, only the user process will be affected, kill the user process
and isolate the user page with hardware memory errors is a better choice.

This patch only enable machine error check framework, it add exception
fixup before kernel panic in do_sea() and only limit the consumption of
hardware memory errors in kernel mode triggered by user mode processes.
If fixup successful, panic can be avoided.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/Kconfig               |  1 +
 arch/arm64/include/asm/extable.h |  1 +
 arch/arm64/mm/extable.c          | 17 +++++++++++++++++
 arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
 4 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index aaeb70358979..a3b12ff0cd7f 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -19,6 +19,7 @@ config ARM64
 	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
 	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
 	select ARCH_HAS_CACHE_LINE_SIZE
+	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
 	select ARCH_HAS_CURRENT_STACK_POINTER
 	select ARCH_HAS_DEBUG_VIRTUAL
 	select ARCH_HAS_DEBUG_VM_PGTABLE
diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
index 72b0e71cc3de..f80ebd0addfd 100644
--- a/arch/arm64/include/asm/extable.h
+++ b/arch/arm64/include/asm/extable.h
@@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
 #endif /* !CONFIG_BPF_JIT */
 
 bool fixup_exception(struct pt_regs *regs);
+bool fixup_exception_mc(struct pt_regs *regs);
 #endif
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 228d681a8715..c301dcf6335f 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -9,6 +9,7 @@
 
 #include <asm/asm-extable.h>
 #include <asm/ptrace.h>
+#include <asm/esr.h>
 
 static inline unsigned long
 get_ex_fixup(const struct exception_table_entry *ex)
@@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
 
 	BUG();
 }
+
+bool fixup_exception_mc(struct pt_regs *regs)
+{
+	const struct exception_table_entry *ex;
+
+	ex = search_exception_tables(instruction_pointer(regs));
+	if (!ex)
+		return false;
+
+	/*
+	 * This is not complete, More Machine check safe extable type can
+	 * be processed here.
+	 */
+
+	return false;
+}
diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index c5e11768e5c1..b262bd282a89 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
 	return 1; /* "fault" */
 }
 
+static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
+				     struct pt_regs *regs, int sig, int code)
+{
+	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
+		return false;
+
+	if (user_mode(regs) || !current->mm)
+		return false;
+
+	if (apei_claim_sea(regs) < 0)
+		return false;
+
+	if (!fixup_exception_mc(regs))
+		return false;
+
+	set_thread_esr(0, esr);
+
+	arm64_force_sig_fault(sig, code, addr,
+		"Uncorrected hardware memory error in kernel-access\n");
+
+	return true;
+}
+
 static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
 {
 	const struct fault_info *inf;
@@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
 		 */
 		siaddr  = untagged_addr(far);
 	}
-	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
+
+	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
+		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
 
 	return 0;
 }
-- 
2.25.1

[PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

During the processing of arm64 kernel hardware memory errors(do_sea()), if
the errors is consumed in the kernel, the current processing is panic.
However, it is not optimal.

Take uaccess for example, if the uaccess operation fails due to memory
error, only the user process will be affected, kill the user process
and isolate the user page with hardware memory errors is a better choice.

This patch only enable machine error check framework, it add exception
fixup before kernel panic in do_sea() and only limit the consumption of
hardware memory errors in kernel mode triggered by user mode processes.
If fixup successful, panic can be avoided.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/Kconfig               |  1 +
 arch/arm64/include/asm/extable.h |  1 +
 arch/arm64/mm/extable.c          | 17 +++++++++++++++++
 arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
 4 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index aaeb70358979..a3b12ff0cd7f 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -19,6 +19,7 @@ config ARM64
 	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
 	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
 	select ARCH_HAS_CACHE_LINE_SIZE
+	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
 	select ARCH_HAS_CURRENT_STACK_POINTER
 	select ARCH_HAS_DEBUG_VIRTUAL
 	select ARCH_HAS_DEBUG_VM_PGTABLE
diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
index 72b0e71cc3de..f80ebd0addfd 100644
--- a/arch/arm64/include/asm/extable.h
+++ b/arch/arm64/include/asm/extable.h
@@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
 #endif /* !CONFIG_BPF_JIT */
 
 bool fixup_exception(struct pt_regs *regs);
+bool fixup_exception_mc(struct pt_regs *regs);
 #endif
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 228d681a8715..c301dcf6335f 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -9,6 +9,7 @@
 
 #include <asm/asm-extable.h>
 #include <asm/ptrace.h>
+#include <asm/esr.h>
 
 static inline unsigned long
 get_ex_fixup(const struct exception_table_entry *ex)
@@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
 
 	BUG();
 }
+
+bool fixup_exception_mc(struct pt_regs *regs)
+{
+	const struct exception_table_entry *ex;
+
+	ex = search_exception_tables(instruction_pointer(regs));
+	if (!ex)
+		return false;
+
+	/*
+	 * This is not complete, More Machine check safe extable type can
+	 * be processed here.
+	 */
+
+	return false;
+}
diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index c5e11768e5c1..b262bd282a89 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
 	return 1; /* "fault" */
 }
 
+static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
+				     struct pt_regs *regs, int sig, int code)
+{
+	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
+		return false;
+
+	if (user_mode(regs) || !current->mm)
+		return false;
+
+	if (apei_claim_sea(regs) < 0)
+		return false;
+
+	if (!fixup_exception_mc(regs))
+		return false;
+
+	set_thread_esr(0, esr);
+
+	arm64_force_sig_fault(sig, code, addr,
+		"Uncorrected hardware memory error in kernel-access\n");
+
+	return true;
+}
+
 static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
 {
 	const struct fault_info *inf;
@@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
 		 */
 		siaddr  = untagged_addr(far);
 	}
-	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
+
+	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
+		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
 
 	return 0;
 }
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

During the processing of arm64 kernel hardware memory errors(do_sea()), if
the errors is consumed in the kernel, the current processing is panic.
However, it is not optimal.

Take uaccess for example, if the uaccess operation fails due to memory
error, only the user process will be affected, kill the user process
and isolate the user page with hardware memory errors is a better choice.

This patch only enable machine error check framework, it add exception
fixup before kernel panic in do_sea() and only limit the consumption of
hardware memory errors in kernel mode triggered by user mode processes.
If fixup successful, panic can be avoided.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/Kconfig               |  1 +
 arch/arm64/include/asm/extable.h |  1 +
 arch/arm64/mm/extable.c          | 17 +++++++++++++++++
 arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
 4 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index aaeb70358979..a3b12ff0cd7f 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -19,6 +19,7 @@ config ARM64
 	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
 	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
 	select ARCH_HAS_CACHE_LINE_SIZE
+	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
 	select ARCH_HAS_CURRENT_STACK_POINTER
 	select ARCH_HAS_DEBUG_VIRTUAL
 	select ARCH_HAS_DEBUG_VM_PGTABLE
diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
index 72b0e71cc3de..f80ebd0addfd 100644
--- a/arch/arm64/include/asm/extable.h
+++ b/arch/arm64/include/asm/extable.h
@@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
 #endif /* !CONFIG_BPF_JIT */
 
 bool fixup_exception(struct pt_regs *regs);
+bool fixup_exception_mc(struct pt_regs *regs);
 #endif
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 228d681a8715..c301dcf6335f 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -9,6 +9,7 @@
 
 #include <asm/asm-extable.h>
 #include <asm/ptrace.h>
+#include <asm/esr.h>
 
 static inline unsigned long
 get_ex_fixup(const struct exception_table_entry *ex)
@@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
 
 	BUG();
 }
+
+bool fixup_exception_mc(struct pt_regs *regs)
+{
+	const struct exception_table_entry *ex;
+
+	ex = search_exception_tables(instruction_pointer(regs));
+	if (!ex)
+		return false;
+
+	/*
+	 * This is not complete, More Machine check safe extable type can
+	 * be processed here.
+	 */
+
+	return false;
+}
diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index c5e11768e5c1..b262bd282a89 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
 	return 1; /* "fault" */
 }
 
+static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
+				     struct pt_regs *regs, int sig, int code)
+{
+	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
+		return false;
+
+	if (user_mode(regs) || !current->mm)
+		return false;
+
+	if (apei_claim_sea(regs) < 0)
+		return false;
+
+	if (!fixup_exception_mc(regs))
+		return false;
+
+	set_thread_esr(0, esr);
+
+	arm64_force_sig_fault(sig, code, addr,
+		"Uncorrected hardware memory error in kernel-access\n");
+
+	return true;
+}
+
 static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
 {
 	const struct fault_info *inf;
@@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
 		 */
 		siaddr  = untagged_addr(far);
 	}
-	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
+
+	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
+		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
 
 	return 0;
 }
-- 
2.25.1

[PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

If user access fail due to hardware memory error, only the relevant
processes are affected, so killing the user process and isolate the
error page with hardware memory errors is a more reasonable choice
than kernel panic.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/lib/copy_from_user.S | 8 ++++----
 arch/arm64/lib/copy_to_user.S   | 8 ++++----
 arch/arm64/mm/extable.c         | 8 ++++----
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
index 34e317907524..402dd48a4f93 100644
--- a/arch/arm64/lib/copy_from_user.S
+++ b/arch/arm64/lib/copy_from_user.S
@@ -25,7 +25,7 @@
 	.endm
 
 	.macro strb1 reg, ptr, val
-	strb \reg, [\ptr], \val
+	USER(9998f, strb \reg, [\ptr], \val)
 	.endm
 
 	.macro ldrh1 reg, ptr, val
@@ -33,7 +33,7 @@
 	.endm
 
 	.macro strh1 reg, ptr, val
-	strh \reg, [\ptr], \val
+	USER(9998f, strh \reg, [\ptr], \val)
 	.endm
 
 	.macro ldr1 reg, ptr, val
@@ -41,7 +41,7 @@
 	.endm
 
 	.macro str1 reg, ptr, val
-	str \reg, [\ptr], \val
+	USER(9998f, str \reg, [\ptr], \val)
 	.endm
 
 	.macro ldp1 reg1, reg2, ptr, val
@@ -49,7 +49,7 @@
 	.endm
 
 	.macro stp1 reg1, reg2, ptr, val
-	stp \reg1, \reg2, [\ptr], \val
+	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
 	.endm
 
 end	.req	x5
diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
index 802231772608..4134bdb3a8b0 100644
--- a/arch/arm64/lib/copy_to_user.S
+++ b/arch/arm64/lib/copy_to_user.S
@@ -20,7 +20,7 @@
  *	x0 - bytes not copied
  */
 	.macro ldrb1 reg, ptr, val
-	ldrb  \reg, [\ptr], \val
+	USER(9998f, ldrb  \reg, [\ptr], \val)
 	.endm
 
 	.macro strb1 reg, ptr, val
@@ -28,7 +28,7 @@
 	.endm
 
 	.macro ldrh1 reg, ptr, val
-	ldrh  \reg, [\ptr], \val
+	USER(9998f, ldrh  \reg, [\ptr], \val)
 	.endm
 
 	.macro strh1 reg, ptr, val
@@ -36,7 +36,7 @@
 	.endm
 
 	.macro ldr1 reg, ptr, val
-	ldr \reg, [\ptr], \val
+	USER(9998f, ldr \reg, [\ptr], \val)
 	.endm
 
 	.macro str1 reg, ptr, val
@@ -44,7 +44,7 @@
 	.endm
 
 	.macro ldp1 reg1, reg2, ptr, val
-	ldp \reg1, \reg2, [\ptr], \val
+	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
 	.endm
 
 	.macro stp1 reg1, reg2, ptr, val
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index c301dcf6335f..8ca8d9639f9f 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
 	if (!ex)
 		return false;
 
-	/*
-	 * This is not complete, More Machine check safe extable type can
-	 * be processed here.
-	 */
+	switch (ex->type) {
+	case EX_TYPE_UACCESS_ERR_ZERO:
+		return ex_handler_uaccess_err_zero(ex, regs);
+	}
 
 	return false;
 }
-- 
2.25.1

[PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

If user access fail due to hardware memory error, only the relevant
processes are affected, so killing the user process and isolate the
error page with hardware memory errors is a more reasonable choice
than kernel panic.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/lib/copy_from_user.S | 8 ++++----
 arch/arm64/lib/copy_to_user.S   | 8 ++++----
 arch/arm64/mm/extable.c         | 8 ++++----
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
index 34e317907524..402dd48a4f93 100644
--- a/arch/arm64/lib/copy_from_user.S
+++ b/arch/arm64/lib/copy_from_user.S
@@ -25,7 +25,7 @@
 	.endm
 
 	.macro strb1 reg, ptr, val
-	strb \reg, [\ptr], \val
+	USER(9998f, strb \reg, [\ptr], \val)
 	.endm
 
 	.macro ldrh1 reg, ptr, val
@@ -33,7 +33,7 @@
 	.endm
 
 	.macro strh1 reg, ptr, val
-	strh \reg, [\ptr], \val
+	USER(9998f, strh \reg, [\ptr], \val)
 	.endm
 
 	.macro ldr1 reg, ptr, val
@@ -41,7 +41,7 @@
 	.endm
 
 	.macro str1 reg, ptr, val
-	str \reg, [\ptr], \val
+	USER(9998f, str \reg, [\ptr], \val)
 	.endm
 
 	.macro ldp1 reg1, reg2, ptr, val
@@ -49,7 +49,7 @@
 	.endm
 
 	.macro stp1 reg1, reg2, ptr, val
-	stp \reg1, \reg2, [\ptr], \val
+	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
 	.endm
 
 end	.req	x5
diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
index 802231772608..4134bdb3a8b0 100644
--- a/arch/arm64/lib/copy_to_user.S
+++ b/arch/arm64/lib/copy_to_user.S
@@ -20,7 +20,7 @@
  *	x0 - bytes not copied
  */
 	.macro ldrb1 reg, ptr, val
-	ldrb  \reg, [\ptr], \val
+	USER(9998f, ldrb  \reg, [\ptr], \val)
 	.endm
 
 	.macro strb1 reg, ptr, val
@@ -28,7 +28,7 @@
 	.endm
 
 	.macro ldrh1 reg, ptr, val
-	ldrh  \reg, [\ptr], \val
+	USER(9998f, ldrh  \reg, [\ptr], \val)
 	.endm
 
 	.macro strh1 reg, ptr, val
@@ -36,7 +36,7 @@
 	.endm
 
 	.macro ldr1 reg, ptr, val
-	ldr \reg, [\ptr], \val
+	USER(9998f, ldr \reg, [\ptr], \val)
 	.endm
 
 	.macro str1 reg, ptr, val
@@ -44,7 +44,7 @@
 	.endm
 
 	.macro ldp1 reg1, reg2, ptr, val
-	ldp \reg1, \reg2, [\ptr], \val
+	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
 	.endm
 
 	.macro stp1 reg1, reg2, ptr, val
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index c301dcf6335f..8ca8d9639f9f 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
 	if (!ex)
 		return false;
 
-	/*
-	 * This is not complete, More Machine check safe extable type can
-	 * be processed here.
-	 */
+	switch (ex->type) {
+	case EX_TYPE_UACCESS_ERR_ZERO:
+		return ex_handler_uaccess_err_zero(ex, regs);
+	}
 
 	return false;
 }
-- 
2.25.1

[PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

If user access fail due to hardware memory error, only the relevant
processes are affected, so killing the user process and isolate the
error page with hardware memory errors is a more reasonable choice
than kernel panic.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/lib/copy_from_user.S | 8 ++++----
 arch/arm64/lib/copy_to_user.S   | 8 ++++----
 arch/arm64/mm/extable.c         | 8 ++++----
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
index 34e317907524..402dd48a4f93 100644
--- a/arch/arm64/lib/copy_from_user.S
+++ b/arch/arm64/lib/copy_from_user.S
@@ -25,7 +25,7 @@
 	.endm
 
 	.macro strb1 reg, ptr, val
-	strb \reg, [\ptr], \val
+	USER(9998f, strb \reg, [\ptr], \val)
 	.endm
 
 	.macro ldrh1 reg, ptr, val
@@ -33,7 +33,7 @@
 	.endm
 
 	.macro strh1 reg, ptr, val
-	strh \reg, [\ptr], \val
+	USER(9998f, strh \reg, [\ptr], \val)
 	.endm
 
 	.macro ldr1 reg, ptr, val
@@ -41,7 +41,7 @@
 	.endm
 
 	.macro str1 reg, ptr, val
-	str \reg, [\ptr], \val
+	USER(9998f, str \reg, [\ptr], \val)
 	.endm
 
 	.macro ldp1 reg1, reg2, ptr, val
@@ -49,7 +49,7 @@
 	.endm
 
 	.macro stp1 reg1, reg2, ptr, val
-	stp \reg1, \reg2, [\ptr], \val
+	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
 	.endm
 
 end	.req	x5
diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
index 802231772608..4134bdb3a8b0 100644
--- a/arch/arm64/lib/copy_to_user.S
+++ b/arch/arm64/lib/copy_to_user.S
@@ -20,7 +20,7 @@
  *	x0 - bytes not copied
  */
 	.macro ldrb1 reg, ptr, val
-	ldrb  \reg, [\ptr], \val
+	USER(9998f, ldrb  \reg, [\ptr], \val)
 	.endm
 
 	.macro strb1 reg, ptr, val
@@ -28,7 +28,7 @@
 	.endm
 
 	.macro ldrh1 reg, ptr, val
-	ldrh  \reg, [\ptr], \val
+	USER(9998f, ldrh  \reg, [\ptr], \val)
 	.endm
 
 	.macro strh1 reg, ptr, val
@@ -36,7 +36,7 @@
 	.endm
 
 	.macro ldr1 reg, ptr, val
-	ldr \reg, [\ptr], \val
+	USER(9998f, ldr \reg, [\ptr], \val)
 	.endm
 
 	.macro str1 reg, ptr, val
@@ -44,7 +44,7 @@
 	.endm
 
 	.macro ldp1 reg1, reg2, ptr, val
-	ldp \reg1, \reg2, [\ptr], \val
+	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
 	.endm
 
 	.macro stp1 reg1, reg2, ptr, val
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index c301dcf6335f..8ca8d9639f9f 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
 	if (!ex)
 		return false;
 
-	/*
-	 * This is not complete, More Machine check safe extable type can
-	 * be processed here.
-	 */
+	switch (ex->type) {
+	case EX_TYPE_UACCESS_ERR_ZERO:
+		return ex_handler_uaccess_err_zero(ex, regs);
+	}
 
 	return false;
 }
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH -next v5 8/8] arm64: add cow to machine check safe

[Tong Tiangen]

In the cow(copy on write) processing, the data of the user process is
copied, when hardware memory error is encountered during copy, only the
relevant processes are affected, so killing the user process and isolate
the user page with hardware memory errors is a more reasonable choice than
kernel panic.

Add new helper copy_page_mc() which provide a page copy implementation with
machine check safe. At present, only used in cow. In future, we can expand
more scenes. As long as the consequences of page copy failure are not
fatal(eg: only affect user process), we can use this helper.

The copy_page_mc() in copy_page_mc.S is largely borrows from copy_page()
in copy_page.S and the main difference is copy_page_mc() add extable entry
to every load/store insn to support machine check safe. largely to keep the
patch simple. If needed those optimizations can be folded in.

Add new extable type EX_TYPE_COPY_PAGE_MC which used in copy_page_mc().

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 10 ++++
 arch/arm64/include/asm/mte.h         |  4 ++
 arch/arm64/include/asm/page.h        | 10 ++++
 arch/arm64/lib/Makefile              |  2 +
 arch/arm64/lib/copy_page_mc.S        | 82 ++++++++++++++++++++++++++++
 arch/arm64/lib/mte.S                 | 19 +++++++
 arch/arm64/mm/copypage.c             | 41 +++++++++++---
 arch/arm64/mm/extable.c              |  9 +++
 include/linux/highmem.h              |  8 +++
 mm/memory.c                          |  2 +-
 10 files changed, 179 insertions(+), 8 deletions(-)
 create mode 100644 arch/arm64/lib/copy_page_mc.S

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 1f2974467273..6f626388c176 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -7,6 +7,7 @@
 #define EX_TYPE_UACCESS_ERR_ZERO	2
 #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
 #define EX_TYPE_KACCESS_ERR_ZERO	4
+#define EX_TYPE_COPY_PAGE_MC		5
 
 #ifdef __ASSEMBLY__
 
@@ -27,6 +28,11 @@
 	.macro          _asm_extable_uaccess, insn, fixup
 	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
 	.endm
+
+	.macro          _asm_extable_copy_page_mc, insn, fixup
+	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_COPY_PAGE_MC, 0)
+	.endm
+
 /*
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
@@ -37,6 +43,10 @@
 	.endif
 	.endm
 
+#define CPY_MC(l, x...)		\
+9999:   x;			\
+	_asm_extable_copy_page_mc    9999b, l
+
 #else /* __ASSEMBLY__ */
 
 #include <linux/bits.h>
diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h
index aa523591a44e..b8129f64cfea 100644
--- a/arch/arm64/include/asm/mte.h
+++ b/arch/arm64/include/asm/mte.h
@@ -40,6 +40,7 @@ void mte_free_tag_storage(char *storage);
 void mte_zero_clear_page_tags(void *addr);
 void mte_sync_tags(pte_t old_pte, pte_t pte);
 void mte_copy_page_tags(void *kto, const void *kfrom);
+void mte_copy_page_tags_mc(void *kto, const void *kfrom);
 void mte_thread_init_user(void);
 void mte_thread_switch(struct task_struct *next);
 void mte_suspend_enter(void);
@@ -63,6 +64,9 @@ static inline void mte_sync_tags(pte_t old_pte, pte_t pte)
 static inline void mte_copy_page_tags(void *kto, const void *kfrom)
 {
 }
+static inline void mte_copy_page_tags_mc(void *kto, const void *kfrom)
+{
+}
 static inline void mte_thread_init_user(void)
 {
 }
diff --git a/arch/arm64/include/asm/page.h b/arch/arm64/include/asm/page.h
index 993a27ea6f54..832571a7dddb 100644
--- a/arch/arm64/include/asm/page.h
+++ b/arch/arm64/include/asm/page.h
@@ -29,6 +29,16 @@ void copy_user_highpage(struct page *to, struct page *from,
 void copy_highpage(struct page *to, struct page *from);
 #define __HAVE_ARCH_COPY_HIGHPAGE
 
+#ifdef CONFIG_ARCH_HAS_COPY_MC
+extern void copy_page_mc(void *to, const void *from);
+void copy_highpage_mc(struct page *to, struct page *from);
+#define __HAVE_ARCH_COPY_HIGHPAGE_MC
+
+void copy_user_highpage_mc(struct page *to, struct page *from,
+		unsigned long vaddr, struct vm_area_struct *vma);
+#define __HAVE_ARCH_COPY_USER_HIGHPAGE_MC
+#endif
+
 struct page *alloc_zeroed_user_highpage_movable(struct vm_area_struct *vma,
 						unsigned long vaddr);
 #define __HAVE_ARCH_ALLOC_ZEROED_USER_HIGHPAGE_MOVABLE
diff --git a/arch/arm64/lib/Makefile b/arch/arm64/lib/Makefile
index 29490be2546b..0d9f292ef68a 100644
--- a/arch/arm64/lib/Makefile
+++ b/arch/arm64/lib/Makefile
@@ -15,6 +15,8 @@ endif
 
 lib-$(CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE) += uaccess_flushcache.o
 
+lib-$(CONFIG_ARCH_HAS_COPY_MC) += copy_page_mc.o
+
 obj-$(CONFIG_CRC32) += crc32.o
 
 obj-$(CONFIG_FUNCTION_ERROR_INJECTION) += error-inject.o
diff --git a/arch/arm64/lib/copy_page_mc.S b/arch/arm64/lib/copy_page_mc.S
new file mode 100644
index 000000000000..65fcad1dd7c8
--- /dev/null
+++ b/arch/arm64/lib/copy_page_mc.S
@@ -0,0 +1,82 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Copyright (C) 2012 ARM Ltd.
+ */
+
+#include <linux/linkage.h>
+#include <linux/const.h>
+#include <asm/assembler.h>
+#include <asm/page.h>
+#include <asm/cpufeature.h>
+#include <asm/alternative.h>
+#include <asm/asm-extable.h>
+
+/*
+ * Copy a page from src to dest (both are page aligned) with machine check
+ *
+ * Parameters:
+ *	x0 - dest
+ *	x1 - src
+ */
+SYM_FUNC_START(__pi_copy_page_mc)
+alternative_if ARM64_HAS_NO_HW_PREFETCH
+	// Prefetch three cache lines ahead.
+	prfm	pldl1strm, [x1, #128]
+	prfm	pldl1strm, [x1, #256]
+	prfm	pldl1strm, [x1, #384]
+alternative_else_nop_endif
+
+CPY_MC(9998f, ldp	x2, x3, [x1])
+CPY_MC(9998f, ldp	x4, x5, [x1, #16])
+CPY_MC(9998f, ldp	x6, x7, [x1, #32])
+CPY_MC(9998f, ldp	x8, x9, [x1, #48])
+CPY_MC(9998f, ldp	x10, x11, [x1, #64])
+CPY_MC(9998f, ldp	x12, x13, [x1, #80])
+CPY_MC(9998f, ldp	x14, x15, [x1, #96])
+CPY_MC(9998f, ldp	x16, x17, [x1, #112])
+
+	add	x0, x0, #256
+	add	x1, x1, #128
+1:
+	tst	x0, #(PAGE_SIZE - 1)
+
+alternative_if ARM64_HAS_NO_HW_PREFETCH
+	prfm	pldl1strm, [x1, #384]
+alternative_else_nop_endif
+
+CPY_MC(9998f, stnp	x2, x3, [x0, #-256])
+CPY_MC(9998f, ldp	x2, x3, [x1])
+CPY_MC(9998f, stnp	x4, x5, [x0, #16 - 256])
+CPY_MC(9998f, ldp	x4, x5, [x1, #16])
+CPY_MC(9998f, stnp	x6, x7, [x0, #32 - 256])
+CPY_MC(9998f, ldp	x6, x7, [x1, #32])
+CPY_MC(9998f, stnp	x8, x9, [x0, #48 - 256])
+CPY_MC(9998f, ldp	x8, x9, [x1, #48])
+CPY_MC(9998f, stnp	x10, x11, [x0, #64 - 256])
+CPY_MC(9998f, ldp	x10, x11, [x1, #64])
+CPY_MC(9998f, stnp	x12, x13, [x0, #80 - 256])
+CPY_MC(9998f, ldp	x12, x13, [x1, #80])
+CPY_MC(9998f, stnp	x14, x15, [x0, #96 - 256])
+CPY_MC(9998f, ldp	x14, x15, [x1, #96])
+CPY_MC(9998f, stnp	x16, x17, [x0, #112 - 256])
+CPY_MC(9998f, ldp	x16, x17, [x1, #112])
+
+	add	x0, x0, #128
+	add	x1, x1, #128
+
+	b.ne	1b
+
+CPY_MC(9998f, stnp	x2, x3, [x0, #-256])
+CPY_MC(9998f, stnp	x4, x5, [x0, #16 - 256])
+CPY_MC(9998f, stnp	x6, x7, [x0, #32 - 256])
+CPY_MC(9998f, stnp	x8, x9, [x0, #48 - 256])
+CPY_MC(9998f, stnp	x10, x11, [x0, #64 - 256])
+CPY_MC(9998f, stnp	x12, x13, [x0, #80 - 256])
+CPY_MC(9998f, stnp	x14, x15, [x0, #96 - 256])
+CPY_MC(9998f, stnp	x16, x17, [x0, #112 - 256])
+
+9998:	ret
+
+SYM_FUNC_END(__pi_copy_page_mc)
+SYM_FUNC_ALIAS(copy_page_mc, __pi_copy_page_mc)
+EXPORT_SYMBOL(copy_page_mc)
diff --git a/arch/arm64/lib/mte.S b/arch/arm64/lib/mte.S
index eeb9e45bcce8..cf728a9f39b5 100644
--- a/arch/arm64/lib/mte.S
+++ b/arch/arm64/lib/mte.S
@@ -80,6 +80,25 @@ SYM_FUNC_START(mte_copy_page_tags)
 	ret
 SYM_FUNC_END(mte_copy_page_tags)
 
+/*
+ * Copy the tags from the source page to the destination one wiht machine check safe
+ *   x0 - address of the destination page
+ *   x1 - address of the source page
+ */
+SYM_FUNC_START(mte_copy_page_tags_mc)
+	mov	x2, x0
+	mov	x3, x1
+	multitag_transfer_size x5, x6
+1:
+CPY_MC(2f, ldgm	x4, [x3])
+	stgm	x4, [x2]
+	add	x2, x2, x5
+	add	x3, x3, x5
+	tst	x2, #(PAGE_SIZE - 1)
+	b.ne	1b
+2:	ret
+SYM_FUNC_END(mte_copy_page_tags_mc)
+
 /*
  * Read tags from a user buffer (one tag per byte) and set the corresponding
  * tags at the given kernel address. Used by PTRACE_POKEMTETAGS.
diff --git a/arch/arm64/mm/copypage.c b/arch/arm64/mm/copypage.c
index 0dea80bf6de4..d68c5fc753a2 100644
--- a/arch/arm64/mm/copypage.c
+++ b/arch/arm64/mm/copypage.c
@@ -14,13 +14,8 @@
 #include <asm/cpufeature.h>
 #include <asm/mte.h>
 
-void copy_highpage(struct page *to, struct page *from)
+static void do_mte(struct page *to, struct page *from, void *kto, void *kfrom, bool mc)
 {
-	void *kto = page_address(to);
-	void *kfrom = page_address(from);
-
-	copy_page(kto, kfrom);
-
 	if (system_supports_mte() && test_bit(PG_mte_tagged, &from->flags)) {
 		set_bit(PG_mte_tagged, &to->flags);
 		page_kasan_tag_reset(to);
@@ -32,9 +27,21 @@ void copy_highpage(struct page *to, struct page *from)
 		 * the new page->flags are visible before the tags were updated.
 		 */
 		smp_wmb();
-		mte_copy_page_tags(kto, kfrom);
+		if (mc)
+			mte_copy_page_tags_mc(kto, kfrom);
+		else
+			mte_copy_page_tags(kto, kfrom);
 	}
 }
+
+void copy_highpage(struct page *to, struct page *from)
+{
+	void *kto = page_address(to);
+	void *kfrom = page_address(from);
+
+	copy_page(kto, kfrom);
+	do_mte(to, from, kto, kfrom, false);
+}
 EXPORT_SYMBOL(copy_highpage);
 
 void copy_user_highpage(struct page *to, struct page *from,
@@ -44,3 +51,23 @@ void copy_user_highpage(struct page *to, struct page *from,
 	flush_dcache_page(to);
 }
 EXPORT_SYMBOL_GPL(copy_user_highpage);
+
+#ifdef CONFIG_ARCH_HAS_COPY_MC
+void copy_highpage_mc(struct page *to, struct page *from)
+{
+	void *kto = page_address(to);
+	void *kfrom = page_address(from);
+
+	copy_page_mc(kto, kfrom);
+	do_mte(to, from, kto, kfrom, true);
+}
+EXPORT_SYMBOL(copy_highpage_mc);
+
+void copy_user_highpage_mc(struct page *to, struct page *from,
+			unsigned long vaddr, struct vm_area_struct *vma)
+{
+	copy_highpage_mc(to, from);
+	flush_dcache_page(to);
+}
+EXPORT_SYMBOL_GPL(copy_user_highpage_mc);
+#endif
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 8ca8d9639f9f..c96274a4db40 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -17,6 +17,13 @@ get_ex_fixup(const struct exception_table_entry *ex)
 	return ((unsigned long)&ex->fixup + ex->fixup);
 }
 
+static bool ex_handler_fixup(const struct exception_table_entry *ex,
+			     struct pt_regs *regs)
+{
+	regs->pc = get_ex_fixup(ex);
+	return true;
+}
+
 static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
 					struct pt_regs *regs)
 {
@@ -89,6 +96,8 @@ bool fixup_exception_mc(struct pt_regs *regs)
 	switch (ex->type) {
 	case EX_TYPE_UACCESS_ERR_ZERO:
 		return ex_handler_uaccess_err_zero(ex, regs);
+	case EX_TYPE_COPY_PAGE_MC:
+		return ex_handler_fixup(ex, regs);
 	}
 
 	return false;
diff --git a/include/linux/highmem.h b/include/linux/highmem.h
index 3af34de54330..6c19e6bc0746 100644
--- a/include/linux/highmem.h
+++ b/include/linux/highmem.h
@@ -308,6 +308,10 @@ static inline void copy_user_highpage(struct page *to, struct page *from,
 
 #endif
 
+#ifndef __HAVE_ARCH_COPY_USER_HIGHPAGE_MC
+#define copy_user_highpage_mc copy_user_highpage
+#endif
+
 #ifndef __HAVE_ARCH_COPY_HIGHPAGE
 
 static inline void copy_highpage(struct page *to, struct page *from)
@@ -323,6 +327,10 @@ static inline void copy_highpage(struct page *to, struct page *from)
 
 #endif
 
+#ifndef __HAVE_ARCH_COPY_HIGHPAGE_MC
+#define cop_highpage_mc copy_highpage
+#endif
+
 static inline void memcpy_page(struct page *dst_page, size_t dst_off,
 			       struct page *src_page, size_t src_off,
 			       size_t len)
diff --git a/mm/memory.c b/mm/memory.c
index 21dadf03f089..06408451ed38 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -2845,7 +2845,7 @@ static inline bool __wp_page_copy_user(struct page *dst, struct page *src,
 	unsigned long addr = vmf->address;
 
 	if (likely(src)) {
-		copy_user_highpage(dst, src, addr, vma);
+		copy_user_highpage_mc(dst, src, addr, vma);
 		return true;
 	}
 
-- 
2.25.1

[PATCH -next v5 8/8] arm64: add cow to machine check safe

[Tong Tiangen]

In the cow(copy on write) processing, the data of the user process is
copied, when hardware memory error is encountered during copy, only the
relevant processes are affected, so killing the user process and isolate
the user page with hardware memory errors is a more reasonable choice than
kernel panic.

Add new helper copy_page_mc() which provide a page copy implementation with
machine check safe. At present, only used in cow. In future, we can expand
more scenes. As long as the consequences of page copy failure are not
fatal(eg: only affect user process), we can use this helper.

The copy_page_mc() in copy_page_mc.S is largely borrows from copy_page()
in copy_page.S and the main difference is copy_page_mc() add extable entry
to every load/store insn to support machine check safe. largely to keep the
patch simple. If needed those optimizations can be folded in.

Add new extable type EX_TYPE_COPY_PAGE_MC which used in copy_page_mc().

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 10 ++++
 arch/arm64/include/asm/mte.h         |  4 ++
 arch/arm64/include/asm/page.h        | 10 ++++
 arch/arm64/lib/Makefile              |  2 +
 arch/arm64/lib/copy_page_mc.S        | 82 ++++++++++++++++++++++++++++
 arch/arm64/lib/mte.S                 | 19 +++++++
 arch/arm64/mm/copypage.c             | 41 +++++++++++---
 arch/arm64/mm/extable.c              |  9 +++
 include/linux/highmem.h              |  8 +++
 mm/memory.c                          |  2 +-
 10 files changed, 179 insertions(+), 8 deletions(-)
 create mode 100644 arch/arm64/lib/copy_page_mc.S

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 1f2974467273..6f626388c176 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -7,6 +7,7 @@
 #define EX_TYPE_UACCESS_ERR_ZERO	2
 #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
 #define EX_TYPE_KACCESS_ERR_ZERO	4
+#define EX_TYPE_COPY_PAGE_MC		5
 
 #ifdef __ASSEMBLY__
 
@@ -27,6 +28,11 @@
 	.macro          _asm_extable_uaccess, insn, fixup
 	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
 	.endm
+
+	.macro          _asm_extable_copy_page_mc, insn, fixup
+	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_COPY_PAGE_MC, 0)
+	.endm
+
 /*
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
@@ -37,6 +43,10 @@
 	.endif
 	.endm
 
+#define CPY_MC(l, x...)		\
+9999:   x;			\
+	_asm_extable_copy_page_mc    9999b, l
+
 #else /* __ASSEMBLY__ */
 
 #include <linux/bits.h>
diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h
index aa523591a44e..b8129f64cfea 100644
--- a/arch/arm64/include/asm/mte.h
+++ b/arch/arm64/include/asm/mte.h
@@ -40,6 +40,7 @@ void mte_free_tag_storage(char *storage);
 void mte_zero_clear_page_tags(void *addr);
 void mte_sync_tags(pte_t old_pte, pte_t pte);
 void mte_copy_page_tags(void *kto, const void *kfrom);
+void mte_copy_page_tags_mc(void *kto, const void *kfrom);
 void mte_thread_init_user(void);
 void mte_thread_switch(struct task_struct *next);
 void mte_suspend_enter(void);
@@ -63,6 +64,9 @@ static inline void mte_sync_tags(pte_t old_pte, pte_t pte)
 static inline void mte_copy_page_tags(void *kto, const void *kfrom)
 {
 }
+static inline void mte_copy_page_tags_mc(void *kto, const void *kfrom)
+{
+}
 static inline void mte_thread_init_user(void)
 {
 }
diff --git a/arch/arm64/include/asm/page.h b/arch/arm64/include/asm/page.h
index 993a27ea6f54..832571a7dddb 100644
--- a/arch/arm64/include/asm/page.h
+++ b/arch/arm64/include/asm/page.h
@@ -29,6 +29,16 @@ void copy_user_highpage(struct page *to, struct page *from,
 void copy_highpage(struct page *to, struct page *from);
 #define __HAVE_ARCH_COPY_HIGHPAGE
 
+#ifdef CONFIG_ARCH_HAS_COPY_MC
+extern void copy_page_mc(void *to, const void *from);
+void copy_highpage_mc(struct page *to, struct page *from);
+#define __HAVE_ARCH_COPY_HIGHPAGE_MC
+
+void copy_user_highpage_mc(struct page *to, struct page *from,
+		unsigned long vaddr, struct vm_area_struct *vma);
+#define __HAVE_ARCH_COPY_USER_HIGHPAGE_MC
+#endif
+
 struct page *alloc_zeroed_user_highpage_movable(struct vm_area_struct *vma,
 						unsigned long vaddr);
 #define __HAVE_ARCH_ALLOC_ZEROED_USER_HIGHPAGE_MOVABLE
diff --git a/arch/arm64/lib/Makefile b/arch/arm64/lib/Makefile
index 29490be2546b..0d9f292ef68a 100644
--- a/arch/arm64/lib/Makefile
+++ b/arch/arm64/lib/Makefile
@@ -15,6 +15,8 @@ endif
 
 lib-$(CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE) += uaccess_flushcache.o
 
+lib-$(CONFIG_ARCH_HAS_COPY_MC) += copy_page_mc.o
+
 obj-$(CONFIG_CRC32) += crc32.o
 
 obj-$(CONFIG_FUNCTION_ERROR_INJECTION) += error-inject.o
diff --git a/arch/arm64/lib/copy_page_mc.S b/arch/arm64/lib/copy_page_mc.S
new file mode 100644
index 000000000000..65fcad1dd7c8
--- /dev/null
+++ b/arch/arm64/lib/copy_page_mc.S
@@ -0,0 +1,82 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Copyright (C) 2012 ARM Ltd.
+ */
+
+#include <linux/linkage.h>
+#include <linux/const.h>
+#include <asm/assembler.h>
+#include <asm/page.h>
+#include <asm/cpufeature.h>
+#include <asm/alternative.h>
+#include <asm/asm-extable.h>
+
+/*
+ * Copy a page from src to dest (both are page aligned) with machine check
+ *
+ * Parameters:
+ *	x0 - dest
+ *	x1 - src
+ */
+SYM_FUNC_START(__pi_copy_page_mc)
+alternative_if ARM64_HAS_NO_HW_PREFETCH
+	// Prefetch three cache lines ahead.
+	prfm	pldl1strm, [x1, #128]
+	prfm	pldl1strm, [x1, #256]
+	prfm	pldl1strm, [x1, #384]
+alternative_else_nop_endif
+
+CPY_MC(9998f, ldp	x2, x3, [x1])
+CPY_MC(9998f, ldp	x4, x5, [x1, #16])
+CPY_MC(9998f, ldp	x6, x7, [x1, #32])
+CPY_MC(9998f, ldp	x8, x9, [x1, #48])
+CPY_MC(9998f, ldp	x10, x11, [x1, #64])
+CPY_MC(9998f, ldp	x12, x13, [x1, #80])
+CPY_MC(9998f, ldp	x14, x15, [x1, #96])
+CPY_MC(9998f, ldp	x16, x17, [x1, #112])
+
+	add	x0, x0, #256
+	add	x1, x1, #128
+1:
+	tst	x0, #(PAGE_SIZE - 1)
+
+alternative_if ARM64_HAS_NO_HW_PREFETCH
+	prfm	pldl1strm, [x1, #384]
+alternative_else_nop_endif
+
+CPY_MC(9998f, stnp	x2, x3, [x0, #-256])
+CPY_MC(9998f, ldp	x2, x3, [x1])
+CPY_MC(9998f, stnp	x4, x5, [x0, #16 - 256])
+CPY_MC(9998f, ldp	x4, x5, [x1, #16])
+CPY_MC(9998f, stnp	x6, x7, [x0, #32 - 256])
+CPY_MC(9998f, ldp	x6, x7, [x1, #32])
+CPY_MC(9998f, stnp	x8, x9, [x0, #48 - 256])
+CPY_MC(9998f, ldp	x8, x9, [x1, #48])
+CPY_MC(9998f, stnp	x10, x11, [x0, #64 - 256])
+CPY_MC(9998f, ldp	x10, x11, [x1, #64])
+CPY_MC(9998f, stnp	x12, x13, [x0, #80 - 256])
+CPY_MC(9998f, ldp	x12, x13, [x1, #80])
+CPY_MC(9998f, stnp	x14, x15, [x0, #96 - 256])
+CPY_MC(9998f, ldp	x14, x15, [x1, #96])
+CPY_MC(9998f, stnp	x16, x17, [x0, #112 - 256])
+CPY_MC(9998f, ldp	x16, x17, [x1, #112])
+
+	add	x0, x0, #128
+	add	x1, x1, #128
+
+	b.ne	1b
+
+CPY_MC(9998f, stnp	x2, x3, [x0, #-256])
+CPY_MC(9998f, stnp	x4, x5, [x0, #16 - 256])
+CPY_MC(9998f, stnp	x6, x7, [x0, #32 - 256])
+CPY_MC(9998f, stnp	x8, x9, [x0, #48 - 256])
+CPY_MC(9998f, stnp	x10, x11, [x0, #64 - 256])
+CPY_MC(9998f, stnp	x12, x13, [x0, #80 - 256])
+CPY_MC(9998f, stnp	x14, x15, [x0, #96 - 256])
+CPY_MC(9998f, stnp	x16, x17, [x0, #112 - 256])
+
+9998:	ret
+
+SYM_FUNC_END(__pi_copy_page_mc)
+SYM_FUNC_ALIAS(copy_page_mc, __pi_copy_page_mc)
+EXPORT_SYMBOL(copy_page_mc)
diff --git a/arch/arm64/lib/mte.S b/arch/arm64/lib/mte.S
index eeb9e45bcce8..cf728a9f39b5 100644
--- a/arch/arm64/lib/mte.S
+++ b/arch/arm64/lib/mte.S
@@ -80,6 +80,25 @@ SYM_FUNC_START(mte_copy_page_tags)
 	ret
 SYM_FUNC_END(mte_copy_page_tags)
 
+/*
+ * Copy the tags from the source page to the destination one wiht machine check safe
+ *   x0 - address of the destination page
+ *   x1 - address of the source page
+ */
+SYM_FUNC_START(mte_copy_page_tags_mc)
+	mov	x2, x0
+	mov	x3, x1
+	multitag_transfer_size x5, x6
+1:
+CPY_MC(2f, ldgm	x4, [x3])
+	stgm	x4, [x2]
+	add	x2, x2, x5
+	add	x3, x3, x5
+	tst	x2, #(PAGE_SIZE - 1)
+	b.ne	1b
+2:	ret
+SYM_FUNC_END(mte_copy_page_tags_mc)
+
 /*
  * Read tags from a user buffer (one tag per byte) and set the corresponding
  * tags at the given kernel address. Used by PTRACE_POKEMTETAGS.
diff --git a/arch/arm64/mm/copypage.c b/arch/arm64/mm/copypage.c
index 0dea80bf6de4..d68c5fc753a2 100644
--- a/arch/arm64/mm/copypage.c
+++ b/arch/arm64/mm/copypage.c
@@ -14,13 +14,8 @@
 #include <asm/cpufeature.h>
 #include <asm/mte.h>
 
-void copy_highpage(struct page *to, struct page *from)
+static void do_mte(struct page *to, struct page *from, void *kto, void *kfrom, bool mc)
 {
-	void *kto = page_address(to);
-	void *kfrom = page_address(from);
-
-	copy_page(kto, kfrom);
-
 	if (system_supports_mte() && test_bit(PG_mte_tagged, &from->flags)) {
 		set_bit(PG_mte_tagged, &to->flags);
 		page_kasan_tag_reset(to);
@@ -32,9 +27,21 @@ void copy_highpage(struct page *to, struct page *from)
 		 * the new page->flags are visible before the tags were updated.
 		 */
 		smp_wmb();
-		mte_copy_page_tags(kto, kfrom);
+		if (mc)
+			mte_copy_page_tags_mc(kto, kfrom);
+		else
+			mte_copy_page_tags(kto, kfrom);
 	}
 }
+
+void copy_highpage(struct page *to, struct page *from)
+{
+	void *kto = page_address(to);
+	void *kfrom = page_address(from);
+
+	copy_page(kto, kfrom);
+	do_mte(to, from, kto, kfrom, false);
+}
 EXPORT_SYMBOL(copy_highpage);
 
 void copy_user_highpage(struct page *to, struct page *from,
@@ -44,3 +51,23 @@ void copy_user_highpage(struct page *to, struct page *from,
 	flush_dcache_page(to);
 }
 EXPORT_SYMBOL_GPL(copy_user_highpage);
+
+#ifdef CONFIG_ARCH_HAS_COPY_MC
+void copy_highpage_mc(struct page *to, struct page *from)
+{
+	void *kto = page_address(to);
+	void *kfrom = page_address(from);
+
+	copy_page_mc(kto, kfrom);
+	do_mte(to, from, kto, kfrom, true);
+}
+EXPORT_SYMBOL(copy_highpage_mc);
+
+void copy_user_highpage_mc(struct page *to, struct page *from,
+			unsigned long vaddr, struct vm_area_struct *vma)
+{
+	copy_highpage_mc(to, from);
+	flush_dcache_page(to);
+}
+EXPORT_SYMBOL_GPL(copy_user_highpage_mc);
+#endif
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 8ca8d9639f9f..c96274a4db40 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -17,6 +17,13 @@ get_ex_fixup(const struct exception_table_entry *ex)
 	return ((unsigned long)&ex->fixup + ex->fixup);
 }
 
+static bool ex_handler_fixup(const struct exception_table_entry *ex,
+			     struct pt_regs *regs)
+{
+	regs->pc = get_ex_fixup(ex);
+	return true;
+}
+
 static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
 					struct pt_regs *regs)
 {
@@ -89,6 +96,8 @@ bool fixup_exception_mc(struct pt_regs *regs)
 	switch (ex->type) {
 	case EX_TYPE_UACCESS_ERR_ZERO:
 		return ex_handler_uaccess_err_zero(ex, regs);
+	case EX_TYPE_COPY_PAGE_MC:
+		return ex_handler_fixup(ex, regs);
 	}
 
 	return false;
diff --git a/include/linux/highmem.h b/include/linux/highmem.h
index 3af34de54330..6c19e6bc0746 100644
--- a/include/linux/highmem.h
+++ b/include/linux/highmem.h
@@ -308,6 +308,10 @@ static inline void copy_user_highpage(struct page *to, struct page *from,
 
 #endif
 
+#ifndef __HAVE_ARCH_COPY_USER_HIGHPAGE_MC
+#define copy_user_highpage_mc copy_user_highpage
+#endif
+
 #ifndef __HAVE_ARCH_COPY_HIGHPAGE
 
 static inline void copy_highpage(struct page *to, struct page *from)
@@ -323,6 +327,10 @@ static inline void copy_highpage(struct page *to, struct page *from)
 
 #endif
 
+#ifndef __HAVE_ARCH_COPY_HIGHPAGE_MC
+#define cop_highpage_mc copy_highpage
+#endif
+
 static inline void memcpy_page(struct page *dst_page, size_t dst_off,
 			       struct page *src_page, size_t src_off,
 			       size_t len)
diff --git a/mm/memory.c b/mm/memory.c
index 21dadf03f089..06408451ed38 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -2845,7 +2845,7 @@ static inline bool __wp_page_copy_user(struct page *dst, struct page *src,
 	unsigned long addr = vmf->address;
 
 	if (likely(src)) {
-		copy_user_highpage(dst, src, addr, vma);
+		copy_user_highpage_mc(dst, src, addr, vma);
 		return true;
 	}
 
-- 
2.25.1

[PATCH -next v5 8/8] arm64: add cow to machine check safe

[Tong Tiangen]

In the cow(copy on write) processing, the data of the user process is
copied, when hardware memory error is encountered during copy, only the
relevant processes are affected, so killing the user process and isolate
the user page with hardware memory errors is a more reasonable choice than
kernel panic.

Add new helper copy_page_mc() which provide a page copy implementation with
machine check safe. At present, only used in cow. In future, we can expand
more scenes. As long as the consequences of page copy failure are not
fatal(eg: only affect user process), we can use this helper.

The copy_page_mc() in copy_page_mc.S is largely borrows from copy_page()
in copy_page.S and the main difference is copy_page_mc() add extable entry
to every load/store insn to support machine check safe. largely to keep the
patch simple. If needed those optimizations can be folded in.

Add new extable type EX_TYPE_COPY_PAGE_MC which used in copy_page_mc().

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
---
 arch/arm64/include/asm/asm-extable.h | 10 ++++
 arch/arm64/include/asm/mte.h         |  4 ++
 arch/arm64/include/asm/page.h        | 10 ++++
 arch/arm64/lib/Makefile              |  2 +
 arch/arm64/lib/copy_page_mc.S        | 82 ++++++++++++++++++++++++++++
 arch/arm64/lib/mte.S                 | 19 +++++++
 arch/arm64/mm/copypage.c             | 41 +++++++++++---
 arch/arm64/mm/extable.c              |  9 +++
 include/linux/highmem.h              |  8 +++
 mm/memory.c                          |  2 +-
 10 files changed, 179 insertions(+), 8 deletions(-)
 create mode 100644 arch/arm64/lib/copy_page_mc.S

diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
index 1f2974467273..6f626388c176 100644
--- a/arch/arm64/include/asm/asm-extable.h
+++ b/arch/arm64/include/asm/asm-extable.h
@@ -7,6 +7,7 @@
 #define EX_TYPE_UACCESS_ERR_ZERO	2
 #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
 #define EX_TYPE_KACCESS_ERR_ZERO	4
+#define EX_TYPE_COPY_PAGE_MC		5
 
 #ifdef __ASSEMBLY__
 
@@ -27,6 +28,11 @@
 	.macro          _asm_extable_uaccess, insn, fixup
 	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
 	.endm
+
+	.macro          _asm_extable_copy_page_mc, insn, fixup
+	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_COPY_PAGE_MC, 0)
+	.endm
+
 /*
  * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
  * do nothing.
@@ -37,6 +43,10 @@
 	.endif
 	.endm
 
+#define CPY_MC(l, x...)		\
+9999:   x;			\
+	_asm_extable_copy_page_mc    9999b, l
+
 #else /* __ASSEMBLY__ */
 
 #include <linux/bits.h>
diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h
index aa523591a44e..b8129f64cfea 100644
--- a/arch/arm64/include/asm/mte.h
+++ b/arch/arm64/include/asm/mte.h
@@ -40,6 +40,7 @@ void mte_free_tag_storage(char *storage);
 void mte_zero_clear_page_tags(void *addr);
 void mte_sync_tags(pte_t old_pte, pte_t pte);
 void mte_copy_page_tags(void *kto, const void *kfrom);
+void mte_copy_page_tags_mc(void *kto, const void *kfrom);
 void mte_thread_init_user(void);
 void mte_thread_switch(struct task_struct *next);
 void mte_suspend_enter(void);
@@ -63,6 +64,9 @@ static inline void mte_sync_tags(pte_t old_pte, pte_t pte)
 static inline void mte_copy_page_tags(void *kto, const void *kfrom)
 {
 }
+static inline void mte_copy_page_tags_mc(void *kto, const void *kfrom)
+{
+}
 static inline void mte_thread_init_user(void)
 {
 }
diff --git a/arch/arm64/include/asm/page.h b/arch/arm64/include/asm/page.h
index 993a27ea6f54..832571a7dddb 100644
--- a/arch/arm64/include/asm/page.h
+++ b/arch/arm64/include/asm/page.h
@@ -29,6 +29,16 @@ void copy_user_highpage(struct page *to, struct page *from,
 void copy_highpage(struct page *to, struct page *from);
 #define __HAVE_ARCH_COPY_HIGHPAGE
 
+#ifdef CONFIG_ARCH_HAS_COPY_MC
+extern void copy_page_mc(void *to, const void *from);
+void copy_highpage_mc(struct page *to, struct page *from);
+#define __HAVE_ARCH_COPY_HIGHPAGE_MC
+
+void copy_user_highpage_mc(struct page *to, struct page *from,
+		unsigned long vaddr, struct vm_area_struct *vma);
+#define __HAVE_ARCH_COPY_USER_HIGHPAGE_MC
+#endif
+
 struct page *alloc_zeroed_user_highpage_movable(struct vm_area_struct *vma,
 						unsigned long vaddr);
 #define __HAVE_ARCH_ALLOC_ZEROED_USER_HIGHPAGE_MOVABLE
diff --git a/arch/arm64/lib/Makefile b/arch/arm64/lib/Makefile
index 29490be2546b..0d9f292ef68a 100644
--- a/arch/arm64/lib/Makefile
+++ b/arch/arm64/lib/Makefile
@@ -15,6 +15,8 @@ endif
 
 lib-$(CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE) += uaccess_flushcache.o
 
+lib-$(CONFIG_ARCH_HAS_COPY_MC) += copy_page_mc.o
+
 obj-$(CONFIG_CRC32) += crc32.o
 
 obj-$(CONFIG_FUNCTION_ERROR_INJECTION) += error-inject.o
diff --git a/arch/arm64/lib/copy_page_mc.S b/arch/arm64/lib/copy_page_mc.S
new file mode 100644
index 000000000000..65fcad1dd7c8
--- /dev/null
+++ b/arch/arm64/lib/copy_page_mc.S
@@ -0,0 +1,82 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Copyright (C) 2012 ARM Ltd.
+ */
+
+#include <linux/linkage.h>
+#include <linux/const.h>
+#include <asm/assembler.h>
+#include <asm/page.h>
+#include <asm/cpufeature.h>
+#include <asm/alternative.h>
+#include <asm/asm-extable.h>
+
+/*
+ * Copy a page from src to dest (both are page aligned) with machine check
+ *
+ * Parameters:
+ *	x0 - dest
+ *	x1 - src
+ */
+SYM_FUNC_START(__pi_copy_page_mc)
+alternative_if ARM64_HAS_NO_HW_PREFETCH
+	// Prefetch three cache lines ahead.
+	prfm	pldl1strm, [x1, #128]
+	prfm	pldl1strm, [x1, #256]
+	prfm	pldl1strm, [x1, #384]
+alternative_else_nop_endif
+
+CPY_MC(9998f, ldp	x2, x3, [x1])
+CPY_MC(9998f, ldp	x4, x5, [x1, #16])
+CPY_MC(9998f, ldp	x6, x7, [x1, #32])
+CPY_MC(9998f, ldp	x8, x9, [x1, #48])
+CPY_MC(9998f, ldp	x10, x11, [x1, #64])
+CPY_MC(9998f, ldp	x12, x13, [x1, #80])
+CPY_MC(9998f, ldp	x14, x15, [x1, #96])
+CPY_MC(9998f, ldp	x16, x17, [x1, #112])
+
+	add	x0, x0, #256
+	add	x1, x1, #128
+1:
+	tst	x0, #(PAGE_SIZE - 1)
+
+alternative_if ARM64_HAS_NO_HW_PREFETCH
+	prfm	pldl1strm, [x1, #384]
+alternative_else_nop_endif
+
+CPY_MC(9998f, stnp	x2, x3, [x0, #-256])
+CPY_MC(9998f, ldp	x2, x3, [x1])
+CPY_MC(9998f, stnp	x4, x5, [x0, #16 - 256])
+CPY_MC(9998f, ldp	x4, x5, [x1, #16])
+CPY_MC(9998f, stnp	x6, x7, [x0, #32 - 256])
+CPY_MC(9998f, ldp	x6, x7, [x1, #32])
+CPY_MC(9998f, stnp	x8, x9, [x0, #48 - 256])
+CPY_MC(9998f, ldp	x8, x9, [x1, #48])
+CPY_MC(9998f, stnp	x10, x11, [x0, #64 - 256])
+CPY_MC(9998f, ldp	x10, x11, [x1, #64])
+CPY_MC(9998f, stnp	x12, x13, [x0, #80 - 256])
+CPY_MC(9998f, ldp	x12, x13, [x1, #80])
+CPY_MC(9998f, stnp	x14, x15, [x0, #96 - 256])
+CPY_MC(9998f, ldp	x14, x15, [x1, #96])
+CPY_MC(9998f, stnp	x16, x17, [x0, #112 - 256])
+CPY_MC(9998f, ldp	x16, x17, [x1, #112])
+
+	add	x0, x0, #128
+	add	x1, x1, #128
+
+	b.ne	1b
+
+CPY_MC(9998f, stnp	x2, x3, [x0, #-256])
+CPY_MC(9998f, stnp	x4, x5, [x0, #16 - 256])
+CPY_MC(9998f, stnp	x6, x7, [x0, #32 - 256])
+CPY_MC(9998f, stnp	x8, x9, [x0, #48 - 256])
+CPY_MC(9998f, stnp	x10, x11, [x0, #64 - 256])
+CPY_MC(9998f, stnp	x12, x13, [x0, #80 - 256])
+CPY_MC(9998f, stnp	x14, x15, [x0, #96 - 256])
+CPY_MC(9998f, stnp	x16, x17, [x0, #112 - 256])
+
+9998:	ret
+
+SYM_FUNC_END(__pi_copy_page_mc)
+SYM_FUNC_ALIAS(copy_page_mc, __pi_copy_page_mc)
+EXPORT_SYMBOL(copy_page_mc)
diff --git a/arch/arm64/lib/mte.S b/arch/arm64/lib/mte.S
index eeb9e45bcce8..cf728a9f39b5 100644
--- a/arch/arm64/lib/mte.S
+++ b/arch/arm64/lib/mte.S
@@ -80,6 +80,25 @@ SYM_FUNC_START(mte_copy_page_tags)
 	ret
 SYM_FUNC_END(mte_copy_page_tags)
 
+/*
+ * Copy the tags from the source page to the destination one wiht machine check safe
+ *   x0 - address of the destination page
+ *   x1 - address of the source page
+ */
+SYM_FUNC_START(mte_copy_page_tags_mc)
+	mov	x2, x0
+	mov	x3, x1
+	multitag_transfer_size x5, x6
+1:
+CPY_MC(2f, ldgm	x4, [x3])
+	stgm	x4, [x2]
+	add	x2, x2, x5
+	add	x3, x3, x5
+	tst	x2, #(PAGE_SIZE - 1)
+	b.ne	1b
+2:	ret
+SYM_FUNC_END(mte_copy_page_tags_mc)
+
 /*
  * Read tags from a user buffer (one tag per byte) and set the corresponding
  * tags at the given kernel address. Used by PTRACE_POKEMTETAGS.
diff --git a/arch/arm64/mm/copypage.c b/arch/arm64/mm/copypage.c
index 0dea80bf6de4..d68c5fc753a2 100644
--- a/arch/arm64/mm/copypage.c
+++ b/arch/arm64/mm/copypage.c
@@ -14,13 +14,8 @@
 #include <asm/cpufeature.h>
 #include <asm/mte.h>
 
-void copy_highpage(struct page *to, struct page *from)
+static void do_mte(struct page *to, struct page *from, void *kto, void *kfrom, bool mc)
 {
-	void *kto = page_address(to);
-	void *kfrom = page_address(from);
-
-	copy_page(kto, kfrom);
-
 	if (system_supports_mte() && test_bit(PG_mte_tagged, &from->flags)) {
 		set_bit(PG_mte_tagged, &to->flags);
 		page_kasan_tag_reset(to);
@@ -32,9 +27,21 @@ void copy_highpage(struct page *to, struct page *from)
 		 * the new page->flags are visible before the tags were updated.
 		 */
 		smp_wmb();
-		mte_copy_page_tags(kto, kfrom);
+		if (mc)
+			mte_copy_page_tags_mc(kto, kfrom);
+		else
+			mte_copy_page_tags(kto, kfrom);
 	}
 }
+
+void copy_highpage(struct page *to, struct page *from)
+{
+	void *kto = page_address(to);
+	void *kfrom = page_address(from);
+
+	copy_page(kto, kfrom);
+	do_mte(to, from, kto, kfrom, false);
+}
 EXPORT_SYMBOL(copy_highpage);
 
 void copy_user_highpage(struct page *to, struct page *from,
@@ -44,3 +51,23 @@ void copy_user_highpage(struct page *to, struct page *from,
 	flush_dcache_page(to);
 }
 EXPORT_SYMBOL_GPL(copy_user_highpage);
+
+#ifdef CONFIG_ARCH_HAS_COPY_MC
+void copy_highpage_mc(struct page *to, struct page *from)
+{
+	void *kto = page_address(to);
+	void *kfrom = page_address(from);
+
+	copy_page_mc(kto, kfrom);
+	do_mte(to, from, kto, kfrom, true);
+}
+EXPORT_SYMBOL(copy_highpage_mc);
+
+void copy_user_highpage_mc(struct page *to, struct page *from,
+			unsigned long vaddr, struct vm_area_struct *vma)
+{
+	copy_highpage_mc(to, from);
+	flush_dcache_page(to);
+}
+EXPORT_SYMBOL_GPL(copy_user_highpage_mc);
+#endif
diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
index 8ca8d9639f9f..c96274a4db40 100644
--- a/arch/arm64/mm/extable.c
+++ b/arch/arm64/mm/extable.c
@@ -17,6 +17,13 @@ get_ex_fixup(const struct exception_table_entry *ex)
 	return ((unsigned long)&ex->fixup + ex->fixup);
 }
 
+static bool ex_handler_fixup(const struct exception_table_entry *ex,
+			     struct pt_regs *regs)
+{
+	regs->pc = get_ex_fixup(ex);
+	return true;
+}
+
 static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
 					struct pt_regs *regs)
 {
@@ -89,6 +96,8 @@ bool fixup_exception_mc(struct pt_regs *regs)
 	switch (ex->type) {
 	case EX_TYPE_UACCESS_ERR_ZERO:
 		return ex_handler_uaccess_err_zero(ex, regs);
+	case EX_TYPE_COPY_PAGE_MC:
+		return ex_handler_fixup(ex, regs);
 	}
 
 	return false;
diff --git a/include/linux/highmem.h b/include/linux/highmem.h
index 3af34de54330..6c19e6bc0746 100644
--- a/include/linux/highmem.h
+++ b/include/linux/highmem.h
@@ -308,6 +308,10 @@ static inline void copy_user_highpage(struct page *to, struct page *from,
 
 #endif
 
+#ifndef __HAVE_ARCH_COPY_USER_HIGHPAGE_MC
+#define copy_user_highpage_mc copy_user_highpage
+#endif
+
 #ifndef __HAVE_ARCH_COPY_HIGHPAGE
 
 static inline void copy_highpage(struct page *to, struct page *from)
@@ -323,6 +327,10 @@ static inline void copy_highpage(struct page *to, struct page *from)
 
 #endif
 
+#ifndef __HAVE_ARCH_COPY_HIGHPAGE_MC
+#define cop_highpage_mc copy_highpage
+#endif
+
 static inline void memcpy_page(struct page *dst_page, size_t dst_off,
 			       struct page *src_page, size_t src_off,
 			       size_t len)
diff --git a/mm/memory.c b/mm/memory.c
index 21dadf03f089..06408451ed38 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -2845,7 +2845,7 @@ static inline bool __wp_page_copy_user(struct page *dst, struct page *src,
 	unsigned long addr = vmf->address;
 
 	if (likely(src)) {
-		copy_user_highpage(dst, src, addr, vma);
+		copy_user_highpage_mc(dst, src, addr, vma);
 		return true;
 	}
 
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:49AM +0000, Tong Tiangen wrote:
> Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
> __get/put_kernel_nofault(), but those helpers are not uaccess type, so we
> add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
> __get/put_kernel_no_fault().
> 
> This is also to prepare for distinguishing the two types in machine check
> safe process.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

This looks good to me, so modulo one nit below:

Acked-by: Mark Rutland <mark.rutland@arm.com>

> ---
>  arch/arm64/include/asm/asm-extable.h | 13 ++++
>  arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
>  arch/arm64/mm/extable.c              |  1 +
>  3 files changed, 61 insertions(+), 47 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index c39f2437e08e..56ebe183e78b 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -7,6 +7,7 @@
>  #define EX_TYPE_BPF			2
>  #define EX_TYPE_UACCESS_ERR_ZERO	3
>  #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
> +#define EX_TYPE_KACCESS_ERR_ZERO	5

Could we please renumber this so the UACCESS and KACCESS definitions are next
to one another, i.e.

#define EX_TYPE_BPF			2
#define EX_TYPE_UACCESS_ERR_ZERO	3
#define EX_TYPE_KACCESS_ERR_ZERO	4
#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	5

Thanks,
Mark.

>  
>  #ifdef __ASSEMBLY__
>  
> @@ -73,9 +74,21 @@
>  			    EX_DATA_REG(ZERO, zero)			\
>  			  ")")
>  
> +#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
> +	__DEFINE_ASM_GPR_NUMS						\
> +	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
> +			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
> +			  "("						\
> +			    EX_DATA_REG(ERR, err) " | "			\
> +			    EX_DATA_REG(ZERO, zero)			\
> +			  ")")
> +
>  #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
>  	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
>  
> +#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
> +	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
> +
>  #define EX_DATA_REG_DATA_SHIFT	0
>  #define EX_DATA_REG_DATA	GENMASK(4, 0)
>  #define EX_DATA_REG_ADDR_SHIFT	5
> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
> index 63f9c828f1a7..2fc9f0861769 100644
> --- a/arch/arm64/include/asm/uaccess.h
> +++ b/arch/arm64/include/asm/uaccess.h
> @@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>   * The "__xxx_error" versions set the third argument to -EFAULT if an error
>   * occurs, and leave it unchanged on success.
>   */
> -#define __get_mem_asm(load, reg, x, addr, err)				\
> +#define __get_mem_asm(load, reg, x, addr, err, type)			\
>  	asm volatile(							\
>  	"1:	" load "	" reg "1, [%2]\n"			\
>  	"2:\n"								\
> -	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
> +	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
>  	: "+r" (err), "=&r" (x)						\
>  	: "r" (addr))
>  
> -#define __raw_get_mem(ldr, x, ptr, err)					\
> -do {									\
> -	unsigned long __gu_val;						\
> -	switch (sizeof(*(ptr))) {					\
> -	case 1:								\
> -		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 2:								\
> -		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 4:								\
> -		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 8:								\
> -		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
> -		break;							\
> -	default:							\
> -		BUILD_BUG();						\
> -	}								\
> -	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
> +#define __raw_get_mem(ldr, x, ptr, err, type)					\
> +do {										\
> +	unsigned long __gu_val;							\
> +	switch (sizeof(*(ptr))) {						\
> +	case 1:									\
> +		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 2:									\
> +		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 4:									\
> +		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
> +		break;								\
> +	case 8:									\
> +		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	default:								\
> +		BUILD_BUG();							\
> +	}									\
> +	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
>  } while (0)
>  
>  /*
> @@ -274,7 +274,7 @@ do {									\
>  	__chk_user_ptr(ptr);						\
>  									\
>  	uaccess_ttbr0_enable();						\
> -	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
> +	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
>  	uaccess_ttbr0_disable();					\
>  									\
>  	(x) = __rgu_val;						\
> @@ -314,40 +314,40 @@ do {									\
>  									\
>  	__uaccess_enable_tco_async();					\
>  	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
> -		      (__force type *)(__gkn_src), __gkn_err);		\
> +		      (__force type *)(__gkn_src), __gkn_err, K);	\
>  	__uaccess_disable_tco_async();					\
>  									\
>  	if (unlikely(__gkn_err))					\
>  		goto err_label;						\
>  } while (0)
>  
> -#define __put_mem_asm(store, reg, x, addr, err)				\
> +#define __put_mem_asm(store, reg, x, addr, err, type)			\
>  	asm volatile(							\
>  	"1:	" store "	" reg "1, [%2]\n"			\
>  	"2:\n"								\
> -	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
> +	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
>  	: "+r" (err)							\
>  	: "r" (x), "r" (addr))
>  
> -#define __raw_put_mem(str, x, ptr, err)					\
> -do {									\
> -	__typeof__(*(ptr)) __pu_val = (x);				\
> -	switch (sizeof(*(ptr))) {					\
> -	case 1:								\
> -		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 2:								\
> -		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 4:								\
> -		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 8:								\
> -		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
> -		break;							\
> -	default:							\
> -		BUILD_BUG();						\
> -	}								\
> +#define __raw_put_mem(str, x, ptr, err, type)					\
> +do {										\
> +	__typeof__(*(ptr)) __pu_val = (x);					\
> +	switch (sizeof(*(ptr))) {						\
> +	case 1:									\
> +		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 2:									\
> +		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 4:									\
> +		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
> +		break;								\
> +	case 8:									\
> +		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
> +		break;								\
> +	default:								\
> +		BUILD_BUG();							\
> +	}									\
>  } while (0)
>  
>  /*
> @@ -362,7 +362,7 @@ do {									\
>  	__chk_user_ptr(__rpu_ptr);					\
>  									\
>  	uaccess_ttbr0_enable();						\
> -	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
> +	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
>  	uaccess_ttbr0_disable();					\
>  } while (0)
>  
> @@ -400,7 +400,7 @@ do {									\
>  									\
>  	__uaccess_enable_tco_async();					\
>  	__raw_put_mem("str", *((type *)(__pkn_src)),			\
> -		      (__force type *)(__pkn_dst), __pkn_err);		\
> +		      (__force type *)(__pkn_dst), __pkn_err, K);	\
>  	__uaccess_disable_tco_async();					\
>  									\
>  	if (unlikely(__pkn_err))					\
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 489455309695..056591e5ca80 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
>  	case EX_TYPE_BPF:
>  		return ex_handler_bpf(ex, regs);
>  	case EX_TYPE_UACCESS_ERR_ZERO:
> +	case EX_TYPE_KACCESS_ERR_ZERO:
>  		return ex_handler_uaccess_err_zero(ex, regs);
>  	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
>  		return ex_handler_load_unaligned_zeropad(ex, regs);
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:49AM +0000, Tong Tiangen wrote:
> Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
> __get/put_kernel_nofault(), but those helpers are not uaccess type, so we
> add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
> __get/put_kernel_no_fault().
> 
> This is also to prepare for distinguishing the two types in machine check
> safe process.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

This looks good to me, so modulo one nit below:

Acked-by: Mark Rutland <mark.rutland@arm.com>

> ---
>  arch/arm64/include/asm/asm-extable.h | 13 ++++
>  arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
>  arch/arm64/mm/extable.c              |  1 +
>  3 files changed, 61 insertions(+), 47 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index c39f2437e08e..56ebe183e78b 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -7,6 +7,7 @@
>  #define EX_TYPE_BPF			2
>  #define EX_TYPE_UACCESS_ERR_ZERO	3
>  #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
> +#define EX_TYPE_KACCESS_ERR_ZERO	5

Could we please renumber this so the UACCESS and KACCESS definitions are next
to one another, i.e.

#define EX_TYPE_BPF			2
#define EX_TYPE_UACCESS_ERR_ZERO	3
#define EX_TYPE_KACCESS_ERR_ZERO	4
#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	5

Thanks,
Mark.

>  
>  #ifdef __ASSEMBLY__
>  
> @@ -73,9 +74,21 @@
>  			    EX_DATA_REG(ZERO, zero)			\
>  			  ")")
>  
> +#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
> +	__DEFINE_ASM_GPR_NUMS						\
> +	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
> +			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
> +			  "("						\
> +			    EX_DATA_REG(ERR, err) " | "			\
> +			    EX_DATA_REG(ZERO, zero)			\
> +			  ")")
> +
>  #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
>  	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
>  
> +#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
> +	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
> +
>  #define EX_DATA_REG_DATA_SHIFT	0
>  #define EX_DATA_REG_DATA	GENMASK(4, 0)
>  #define EX_DATA_REG_ADDR_SHIFT	5
> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
> index 63f9c828f1a7..2fc9f0861769 100644
> --- a/arch/arm64/include/asm/uaccess.h
> +++ b/arch/arm64/include/asm/uaccess.h
> @@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>   * The "__xxx_error" versions set the third argument to -EFAULT if an error
>   * occurs, and leave it unchanged on success.
>   */
> -#define __get_mem_asm(load, reg, x, addr, err)				\
> +#define __get_mem_asm(load, reg, x, addr, err, type)			\
>  	asm volatile(							\
>  	"1:	" load "	" reg "1, [%2]\n"			\
>  	"2:\n"								\
> -	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
> +	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
>  	: "+r" (err), "=&r" (x)						\
>  	: "r" (addr))
>  
> -#define __raw_get_mem(ldr, x, ptr, err)					\
> -do {									\
> -	unsigned long __gu_val;						\
> -	switch (sizeof(*(ptr))) {					\
> -	case 1:								\
> -		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 2:								\
> -		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 4:								\
> -		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 8:								\
> -		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
> -		break;							\
> -	default:							\
> -		BUILD_BUG();						\
> -	}								\
> -	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
> +#define __raw_get_mem(ldr, x, ptr, err, type)					\
> +do {										\
> +	unsigned long __gu_val;							\
> +	switch (sizeof(*(ptr))) {						\
> +	case 1:									\
> +		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 2:									\
> +		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 4:									\
> +		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
> +		break;								\
> +	case 8:									\
> +		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	default:								\
> +		BUILD_BUG();							\
> +	}									\
> +	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
>  } while (0)
>  
>  /*
> @@ -274,7 +274,7 @@ do {									\
>  	__chk_user_ptr(ptr);						\
>  									\
>  	uaccess_ttbr0_enable();						\
> -	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
> +	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
>  	uaccess_ttbr0_disable();					\
>  									\
>  	(x) = __rgu_val;						\
> @@ -314,40 +314,40 @@ do {									\
>  									\
>  	__uaccess_enable_tco_async();					\
>  	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
> -		      (__force type *)(__gkn_src), __gkn_err);		\
> +		      (__force type *)(__gkn_src), __gkn_err, K);	\
>  	__uaccess_disable_tco_async();					\
>  									\
>  	if (unlikely(__gkn_err))					\
>  		goto err_label;						\
>  } while (0)
>  
> -#define __put_mem_asm(store, reg, x, addr, err)				\
> +#define __put_mem_asm(store, reg, x, addr, err, type)			\
>  	asm volatile(							\
>  	"1:	" store "	" reg "1, [%2]\n"			\
>  	"2:\n"								\
> -	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
> +	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
>  	: "+r" (err)							\
>  	: "r" (x), "r" (addr))
>  
> -#define __raw_put_mem(str, x, ptr, err)					\
> -do {									\
> -	__typeof__(*(ptr)) __pu_val = (x);				\
> -	switch (sizeof(*(ptr))) {					\
> -	case 1:								\
> -		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 2:								\
> -		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 4:								\
> -		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 8:								\
> -		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
> -		break;							\
> -	default:							\
> -		BUILD_BUG();						\
> -	}								\
> +#define __raw_put_mem(str, x, ptr, err, type)					\
> +do {										\
> +	__typeof__(*(ptr)) __pu_val = (x);					\
> +	switch (sizeof(*(ptr))) {						\
> +	case 1:									\
> +		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 2:									\
> +		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 4:									\
> +		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
> +		break;								\
> +	case 8:									\
> +		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
> +		break;								\
> +	default:								\
> +		BUILD_BUG();							\
> +	}									\
>  } while (0)
>  
>  /*
> @@ -362,7 +362,7 @@ do {									\
>  	__chk_user_ptr(__rpu_ptr);					\
>  									\
>  	uaccess_ttbr0_enable();						\
> -	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
> +	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
>  	uaccess_ttbr0_disable();					\
>  } while (0)
>  
> @@ -400,7 +400,7 @@ do {									\
>  									\
>  	__uaccess_enable_tco_async();					\
>  	__raw_put_mem("str", *((type *)(__pkn_src)),			\
> -		      (__force type *)(__pkn_dst), __pkn_err);		\
> +		      (__force type *)(__pkn_dst), __pkn_err, K);	\
>  	__uaccess_disable_tco_async();					\
>  									\
>  	if (unlikely(__pkn_err))					\
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 489455309695..056591e5ca80 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
>  	case EX_TYPE_BPF:
>  		return ex_handler_bpf(ex, regs);
>  	case EX_TYPE_UACCESS_ERR_ZERO:
> +	case EX_TYPE_KACCESS_ERR_ZERO:
>  		return ex_handler_uaccess_err_zero(ex, regs);
>  	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
>  		return ex_handler_load_unaligned_zeropad(ex, regs);
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:49AM +0000, Tong Tiangen wrote:
> Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
> __get/put_kernel_nofault(), but those helpers are not uaccess type, so we
> add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
> __get/put_kernel_no_fault().
> 
> This is also to prepare for distinguishing the two types in machine check
> safe process.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

This looks good to me, so modulo one nit below:

Acked-by: Mark Rutland <mark.rutland@arm.com>

> ---
>  arch/arm64/include/asm/asm-extable.h | 13 ++++
>  arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
>  arch/arm64/mm/extable.c              |  1 +
>  3 files changed, 61 insertions(+), 47 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index c39f2437e08e..56ebe183e78b 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -7,6 +7,7 @@
>  #define EX_TYPE_BPF			2
>  #define EX_TYPE_UACCESS_ERR_ZERO	3
>  #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
> +#define EX_TYPE_KACCESS_ERR_ZERO	5

Could we please renumber this so the UACCESS and KACCESS definitions are next
to one another, i.e.

#define EX_TYPE_BPF			2
#define EX_TYPE_UACCESS_ERR_ZERO	3
#define EX_TYPE_KACCESS_ERR_ZERO	4
#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	5

Thanks,
Mark.

>  
>  #ifdef __ASSEMBLY__
>  
> @@ -73,9 +74,21 @@
>  			    EX_DATA_REG(ZERO, zero)			\
>  			  ")")
>  
> +#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
> +	__DEFINE_ASM_GPR_NUMS						\
> +	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
> +			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
> +			  "("						\
> +			    EX_DATA_REG(ERR, err) " | "			\
> +			    EX_DATA_REG(ZERO, zero)			\
> +			  ")")
> +
>  #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
>  	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
>  
> +#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
> +	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
> +
>  #define EX_DATA_REG_DATA_SHIFT	0
>  #define EX_DATA_REG_DATA	GENMASK(4, 0)
>  #define EX_DATA_REG_ADDR_SHIFT	5
> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
> index 63f9c828f1a7..2fc9f0861769 100644
> --- a/arch/arm64/include/asm/uaccess.h
> +++ b/arch/arm64/include/asm/uaccess.h
> @@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>   * The "__xxx_error" versions set the third argument to -EFAULT if an error
>   * occurs, and leave it unchanged on success.
>   */
> -#define __get_mem_asm(load, reg, x, addr, err)				\
> +#define __get_mem_asm(load, reg, x, addr, err, type)			\
>  	asm volatile(							\
>  	"1:	" load "	" reg "1, [%2]\n"			\
>  	"2:\n"								\
> -	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
> +	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
>  	: "+r" (err), "=&r" (x)						\
>  	: "r" (addr))
>  
> -#define __raw_get_mem(ldr, x, ptr, err)					\
> -do {									\
> -	unsigned long __gu_val;						\
> -	switch (sizeof(*(ptr))) {					\
> -	case 1:								\
> -		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 2:								\
> -		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 4:								\
> -		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
> -		break;							\
> -	case 8:								\
> -		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
> -		break;							\
> -	default:							\
> -		BUILD_BUG();						\
> -	}								\
> -	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
> +#define __raw_get_mem(ldr, x, ptr, err, type)					\
> +do {										\
> +	unsigned long __gu_val;							\
> +	switch (sizeof(*(ptr))) {						\
> +	case 1:									\
> +		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 2:									\
> +		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 4:									\
> +		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
> +		break;								\
> +	case 8:									\
> +		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
> +		break;								\
> +	default:								\
> +		BUILD_BUG();							\
> +	}									\
> +	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
>  } while (0)
>  
>  /*
> @@ -274,7 +274,7 @@ do {									\
>  	__chk_user_ptr(ptr);						\
>  									\
>  	uaccess_ttbr0_enable();						\
> -	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
> +	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
>  	uaccess_ttbr0_disable();					\
>  									\
>  	(x) = __rgu_val;						\
> @@ -314,40 +314,40 @@ do {									\
>  									\
>  	__uaccess_enable_tco_async();					\
>  	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
> -		      (__force type *)(__gkn_src), __gkn_err);		\
> +		      (__force type *)(__gkn_src), __gkn_err, K);	\
>  	__uaccess_disable_tco_async();					\
>  									\
>  	if (unlikely(__gkn_err))					\
>  		goto err_label;						\
>  } while (0)
>  
> -#define __put_mem_asm(store, reg, x, addr, err)				\
> +#define __put_mem_asm(store, reg, x, addr, err, type)			\
>  	asm volatile(							\
>  	"1:	" store "	" reg "1, [%2]\n"			\
>  	"2:\n"								\
> -	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
> +	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
>  	: "+r" (err)							\
>  	: "r" (x), "r" (addr))
>  
> -#define __raw_put_mem(str, x, ptr, err)					\
> -do {									\
> -	__typeof__(*(ptr)) __pu_val = (x);				\
> -	switch (sizeof(*(ptr))) {					\
> -	case 1:								\
> -		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 2:								\
> -		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 4:								\
> -		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
> -		break;							\
> -	case 8:								\
> -		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
> -		break;							\
> -	default:							\
> -		BUILD_BUG();						\
> -	}								\
> +#define __raw_put_mem(str, x, ptr, err, type)					\
> +do {										\
> +	__typeof__(*(ptr)) __pu_val = (x);					\
> +	switch (sizeof(*(ptr))) {						\
> +	case 1:									\
> +		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 2:									\
> +		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
> +		break;								\
> +	case 4:									\
> +		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
> +		break;								\
> +	case 8:									\
> +		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
> +		break;								\
> +	default:								\
> +		BUILD_BUG();							\
> +	}									\
>  } while (0)
>  
>  /*
> @@ -362,7 +362,7 @@ do {									\
>  	__chk_user_ptr(__rpu_ptr);					\
>  									\
>  	uaccess_ttbr0_enable();						\
> -	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
> +	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
>  	uaccess_ttbr0_disable();					\
>  } while (0)
>  
> @@ -400,7 +400,7 @@ do {									\
>  									\
>  	__uaccess_enable_tco_async();					\
>  	__raw_put_mem("str", *((type *)(__pkn_src)),			\
> -		      (__force type *)(__pkn_dst), __pkn_err);		\
> +		      (__force type *)(__pkn_dst), __pkn_err, K);	\
>  	__uaccess_disable_tco_async();					\
>  									\
>  	if (unlikely(__pkn_err))					\
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 489455309695..056591e5ca80 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
>  	case EX_TYPE_BPF:
>  		return ex_handler_bpf(ex, regs);
>  	case EX_TYPE_UACCESS_ERR_ZERO:
> +	case EX_TYPE_KACCESS_ERR_ZERO:
>  		return ex_handler_uaccess_err_zero(ex, regs);
>  	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
>  		return ex_handler_load_unaligned_zeropad(ex, regs);
> -- 
> 2.25.1
> 

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
> Currnetly, the extable type used by __arch_copy_from/to_user() is
> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
> EX_TYPE_UACCESS_*.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> ---
>  arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>  arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>  2 files changed, 14 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index 56ebe183e78b..9c94ac1f082c 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -28,6 +28,14 @@
>  	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>  	.endm
>  
> +/*
> + * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
> + * when an unhandled fault is taken.
> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> + */
> +	.macro          _asm_extable_uaccess, insn, fixup
> +	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> +	.endm

I'm not too keen on using `~0` here, since that also sets other bits in the
data field, and its somewhat opaque.

How painful is it to generate the data fields as with the C version of this
macro, so that we can pass in wzr explciitly for the two sub-fields?

Other than that, this looks good to me.

Thanks,
Mark.

>  /*
>   * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>   * do nothing.
> diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
> index 0557af834e03..75b211c98dea 100644
> --- a/arch/arm64/include/asm/asm-uaccess.h
> +++ b/arch/arm64/include/asm/asm-uaccess.h
> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>  
>  #define USER(l, x...)				\
>  9999:	x;					\
> -	_asm_extable	9999b, l
> +	_asm_extable_uaccess	9999b, l
>  
>  /*
>   * Generate the assembly for LDTR/STTR with exception table entries.
> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>  8889:		ldtr	\reg2, [\addr, #8];
>  		add	\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> -		_asm_extable	8889b,\l;
> +		_asm_extable_uaccess	8888b, \l;
> +		_asm_extable_uaccess	8889b, \l;
>  	.endm
>  
>  	.macro user_stp l, reg1, reg2, addr, post_inc
> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>  8889:		sttr	\reg2, [\addr, #8];
>  		add	\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> -		_asm_extable	8889b,\l;
> +		_asm_extable_uaccess	8888b,\l;
> +		_asm_extable_uaccess	8889b,\l;
>  	.endm
>  
>  	.macro user_ldst l, inst, reg, addr, post_inc
>  8888:		\inst		\reg, [\addr];
>  		add		\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> +		_asm_extable_uaccess	8888b, \l;
>  	.endm
>  #endif
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
> Currnetly, the extable type used by __arch_copy_from/to_user() is
> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
> EX_TYPE_UACCESS_*.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> ---
>  arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>  arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>  2 files changed, 14 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index 56ebe183e78b..9c94ac1f082c 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -28,6 +28,14 @@
>  	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>  	.endm
>  
> +/*
> + * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
> + * when an unhandled fault is taken.
> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> + */
> +	.macro          _asm_extable_uaccess, insn, fixup
> +	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> +	.endm

I'm not too keen on using `~0` here, since that also sets other bits in the
data field, and its somewhat opaque.

How painful is it to generate the data fields as with the C version of this
macro, so that we can pass in wzr explciitly for the two sub-fields?

Other than that, this looks good to me.

Thanks,
Mark.

>  /*
>   * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>   * do nothing.
> diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
> index 0557af834e03..75b211c98dea 100644
> --- a/arch/arm64/include/asm/asm-uaccess.h
> +++ b/arch/arm64/include/asm/asm-uaccess.h
> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>  
>  #define USER(l, x...)				\
>  9999:	x;					\
> -	_asm_extable	9999b, l
> +	_asm_extable_uaccess	9999b, l
>  
>  /*
>   * Generate the assembly for LDTR/STTR with exception table entries.
> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>  8889:		ldtr	\reg2, [\addr, #8];
>  		add	\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> -		_asm_extable	8889b,\l;
> +		_asm_extable_uaccess	8888b, \l;
> +		_asm_extable_uaccess	8889b, \l;
>  	.endm
>  
>  	.macro user_stp l, reg1, reg2, addr, post_inc
> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>  8889:		sttr	\reg2, [\addr, #8];
>  		add	\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> -		_asm_extable	8889b,\l;
> +		_asm_extable_uaccess	8888b,\l;
> +		_asm_extable_uaccess	8889b,\l;
>  	.endm
>  
>  	.macro user_ldst l, inst, reg, addr, post_inc
>  8888:		\inst		\reg, [\addr];
>  		add		\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> +		_asm_extable_uaccess	8888b, \l;
>  	.endm
>  #endif
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
> Currnetly, the extable type used by __arch_copy_from/to_user() is
> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
> EX_TYPE_UACCESS_*.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> ---
>  arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>  arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>  2 files changed, 14 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index 56ebe183e78b..9c94ac1f082c 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -28,6 +28,14 @@
>  	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>  	.endm
>  
> +/*
> + * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
> + * when an unhandled fault is taken.
> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> + */
> +	.macro          _asm_extable_uaccess, insn, fixup
> +	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> +	.endm

I'm not too keen on using `~0` here, since that also sets other bits in the
data field, and its somewhat opaque.

How painful is it to generate the data fields as with the C version of this
macro, so that we can pass in wzr explciitly for the two sub-fields?

Other than that, this looks good to me.

Thanks,
Mark.

>  /*
>   * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>   * do nothing.
> diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
> index 0557af834e03..75b211c98dea 100644
> --- a/arch/arm64/include/asm/asm-uaccess.h
> +++ b/arch/arm64/include/asm/asm-uaccess.h
> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>  
>  #define USER(l, x...)				\
>  9999:	x;					\
> -	_asm_extable	9999b, l
> +	_asm_extable_uaccess	9999b, l
>  
>  /*
>   * Generate the assembly for LDTR/STTR with exception table entries.
> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>  8889:		ldtr	\reg2, [\addr, #8];
>  		add	\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> -		_asm_extable	8889b,\l;
> +		_asm_extable_uaccess	8888b, \l;
> +		_asm_extable_uaccess	8889b, \l;
>  	.endm
>  
>  	.macro user_stp l, reg1, reg2, addr, post_inc
> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>  8889:		sttr	\reg2, [\addr, #8];
>  		add	\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> -		_asm_extable	8889b,\l;
> +		_asm_extable_uaccess	8888b,\l;
> +		_asm_extable_uaccess	8889b,\l;
>  	.endm
>  
>  	.macro user_ldst l, inst, reg, addr, post_inc
>  8888:		\inst		\reg, [\addr];
>  		add		\addr, \addr, \post_inc;
>  
> -		_asm_extable	8888b,\l;
> +		_asm_extable_uaccess	8888b, \l;
>  	.endm
>  #endif
> -- 
> 2.25.1
> 

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 3/8] arm64: extable: move _cond_extable to _cond_uaccess_extable

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:51AM +0000, Tong Tiangen wrote:
> Currently, We use _cond_extable for cache maintenance uaccess helper
> caches_clean_inval_user_pou(), so this should be moved over to
> EX_TYPE_UACCESS_ERR_ZERO and rename _cond_extable to _cond_uaccess_extable
> for clarity.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/include/asm/asm-extable.h | 6 +++---
>  arch/arm64/include/asm/assembler.h   | 4 ++--
>  2 files changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index 9c94ac1f082c..d01bd94cc4c2 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -40,9 +40,9 @@
>   * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>   * do nothing.
>   */
> -	.macro		_cond_extable, insn, fixup
> -	.ifnc		\fixup,
> -	_asm_extable	\insn, \fixup
> +	.macro		_cond_uaccess_extable, insn, fixup
> +	.ifnc			\fixup,
> +	_asm_extable_uaccess	\insn, \fixup
>  	.endif
>  	.endm
>  
> diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
> index 8c5a61aeaf8e..dc422fa437c2 100644
> --- a/arch/arm64/include/asm/assembler.h
> +++ b/arch/arm64/include/asm/assembler.h
> @@ -423,7 +423,7 @@ alternative_endif
>  	b.lo	.Ldcache_op\@
>  	dsb	\domain
>  
> -	_cond_extable .Ldcache_op\@, \fixup
> +	_cond_uaccess_extable .Ldcache_op\@, \fixup
>  	.endm
>  
>  /*
> @@ -462,7 +462,7 @@ alternative_endif
>  	dsb	ish
>  	isb
>  
> -	_cond_extable .Licache_op\@, \fixup
> +	_cond_uaccess_extable .Licache_op\@, \fixup
>  	.endm
>  
>  /*
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 3/8] arm64: extable: move _cond_extable to _cond_uaccess_extable

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:51AM +0000, Tong Tiangen wrote:
> Currently, We use _cond_extable for cache maintenance uaccess helper
> caches_clean_inval_user_pou(), so this should be moved over to
> EX_TYPE_UACCESS_ERR_ZERO and rename _cond_extable to _cond_uaccess_extable
> for clarity.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/include/asm/asm-extable.h | 6 +++---
>  arch/arm64/include/asm/assembler.h   | 4 ++--
>  2 files changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index 9c94ac1f082c..d01bd94cc4c2 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -40,9 +40,9 @@
>   * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>   * do nothing.
>   */
> -	.macro		_cond_extable, insn, fixup
> -	.ifnc		\fixup,
> -	_asm_extable	\insn, \fixup
> +	.macro		_cond_uaccess_extable, insn, fixup
> +	.ifnc			\fixup,
> +	_asm_extable_uaccess	\insn, \fixup
>  	.endif
>  	.endm
>  
> diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
> index 8c5a61aeaf8e..dc422fa437c2 100644
> --- a/arch/arm64/include/asm/assembler.h
> +++ b/arch/arm64/include/asm/assembler.h
> @@ -423,7 +423,7 @@ alternative_endif
>  	b.lo	.Ldcache_op\@
>  	dsb	\domain
>  
> -	_cond_extable .Ldcache_op\@, \fixup
> +	_cond_uaccess_extable .Ldcache_op\@, \fixup
>  	.endm
>  
>  /*
> @@ -462,7 +462,7 @@ alternative_endif
>  	dsb	ish
>  	isb
>  
> -	_cond_extable .Licache_op\@, \fixup
> +	_cond_uaccess_extable .Licache_op\@, \fixup
>  	.endm
>  
>  /*
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 3/8] arm64: extable: move _cond_extable to _cond_uaccess_extable

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:51AM +0000, Tong Tiangen wrote:
> Currently, We use _cond_extable for cache maintenance uaccess helper
> caches_clean_inval_user_pou(), so this should be moved over to
> EX_TYPE_UACCESS_ERR_ZERO and rename _cond_extable to _cond_uaccess_extable
> for clarity.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/include/asm/asm-extable.h | 6 +++---
>  arch/arm64/include/asm/assembler.h   | 4 ++--
>  2 files changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index 9c94ac1f082c..d01bd94cc4c2 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -40,9 +40,9 @@
>   * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>   * do nothing.
>   */
> -	.macro		_cond_extable, insn, fixup
> -	.ifnc		\fixup,
> -	_asm_extable	\insn, \fixup
> +	.macro		_cond_uaccess_extable, insn, fixup
> +	.ifnc			\fixup,
> +	_asm_extable_uaccess	\insn, \fixup
>  	.endif
>  	.endm
>  
> diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
> index 8c5a61aeaf8e..dc422fa437c2 100644
> --- a/arch/arm64/include/asm/assembler.h
> +++ b/arch/arm64/include/asm/assembler.h
> @@ -423,7 +423,7 @@ alternative_endif
>  	b.lo	.Ldcache_op\@
>  	dsb	\domain
>  
> -	_cond_extable .Ldcache_op\@, \fixup
> +	_cond_uaccess_extable .Ldcache_op\@, \fixup
>  	.endm
>  
>  /*
> @@ -462,7 +462,7 @@ alternative_endif
>  	dsb	ish
>  	isb
>  
> -	_cond_extable .Licache_op\@, \fixup
> +	_cond_uaccess_extable .Licache_op\@, \fixup
>  	.endm
>  
>  /*
> -- 
> 2.25.1
> 

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 4/8] arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:52AM +0000, Tong Tiangen wrote:
> Currently, extable type EX_TYPE_FIXUP is no place to use, We can safely
> remove it.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/include/asm/asm-extable.h | 20 ++++----------------
>  arch/arm64/mm/extable.c              |  9 ---------
>  2 files changed, 4 insertions(+), 25 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index d01bd94cc4c2..1f2974467273 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -3,11 +3,10 @@
>  #define __ASM_ASM_EXTABLE_H
>  
>  #define EX_TYPE_NONE			0
> -#define EX_TYPE_FIXUP			1
> -#define EX_TYPE_BPF			2
> -#define EX_TYPE_UACCESS_ERR_ZERO	3
> -#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
> -#define EX_TYPE_KACCESS_ERR_ZERO	5
> +#define EX_TYPE_BPF			1
> +#define EX_TYPE_UACCESS_ERR_ZERO	2
> +#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
> +#define EX_TYPE_KACCESS_ERR_ZERO	4
>  
>  #ifdef __ASSEMBLY__
>  
> @@ -20,14 +19,6 @@
>  	.short		(data);				\
>  	.popsection;
>  
> -/*
> - * Create an exception table entry for `insn`, which will branch to `fixup`
> - * when an unhandled fault is taken.
> - */
> -	.macro		_asm_extable, insn, fixup
> -	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> -	.endm
> -
>  /*
>   * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
>   * when an unhandled fault is taken.
> @@ -62,9 +53,6 @@
>  	".short		(" data ")\n"			\
>  	".popsection\n"
>  
> -#define _ASM_EXTABLE(insn, fixup) \
> -	__ASM_EXTABLE_RAW(#insn, #fixup, __stringify(EX_TYPE_FIXUP), "0")
> -
>  #define EX_DATA_REG_ERR_SHIFT	0
>  #define EX_DATA_REG_ERR		GENMASK(4, 0)
>  #define EX_DATA_REG_ZERO_SHIFT	5
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 056591e5ca80..228d681a8715 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -16,13 +16,6 @@ get_ex_fixup(const struct exception_table_entry *ex)
>  	return ((unsigned long)&ex->fixup + ex->fixup);
>  }
>  
> -static bool ex_handler_fixup(const struct exception_table_entry *ex,
> -			     struct pt_regs *regs)
> -{
> -	regs->pc = get_ex_fixup(ex);
> -	return true;
> -}
> -
>  static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
>  					struct pt_regs *regs)
>  {
> @@ -72,8 +65,6 @@ bool fixup_exception(struct pt_regs *regs)
>  		return false;
>  
>  	switch (ex->type) {
> -	case EX_TYPE_FIXUP:
> -		return ex_handler_fixup(ex, regs);
>  	case EX_TYPE_BPF:
>  		return ex_handler_bpf(ex, regs);
>  	case EX_TYPE_UACCESS_ERR_ZERO:
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 4/8] arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:52AM +0000, Tong Tiangen wrote:
> Currently, extable type EX_TYPE_FIXUP is no place to use, We can safely
> remove it.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/include/asm/asm-extable.h | 20 ++++----------------
>  arch/arm64/mm/extable.c              |  9 ---------
>  2 files changed, 4 insertions(+), 25 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index d01bd94cc4c2..1f2974467273 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -3,11 +3,10 @@
>  #define __ASM_ASM_EXTABLE_H
>  
>  #define EX_TYPE_NONE			0
> -#define EX_TYPE_FIXUP			1
> -#define EX_TYPE_BPF			2
> -#define EX_TYPE_UACCESS_ERR_ZERO	3
> -#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
> -#define EX_TYPE_KACCESS_ERR_ZERO	5
> +#define EX_TYPE_BPF			1
> +#define EX_TYPE_UACCESS_ERR_ZERO	2
> +#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
> +#define EX_TYPE_KACCESS_ERR_ZERO	4
>  
>  #ifdef __ASSEMBLY__
>  
> @@ -20,14 +19,6 @@
>  	.short		(data);				\
>  	.popsection;
>  
> -/*
> - * Create an exception table entry for `insn`, which will branch to `fixup`
> - * when an unhandled fault is taken.
> - */
> -	.macro		_asm_extable, insn, fixup
> -	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> -	.endm
> -
>  /*
>   * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
>   * when an unhandled fault is taken.
> @@ -62,9 +53,6 @@
>  	".short		(" data ")\n"			\
>  	".popsection\n"
>  
> -#define _ASM_EXTABLE(insn, fixup) \
> -	__ASM_EXTABLE_RAW(#insn, #fixup, __stringify(EX_TYPE_FIXUP), "0")
> -
>  #define EX_DATA_REG_ERR_SHIFT	0
>  #define EX_DATA_REG_ERR		GENMASK(4, 0)
>  #define EX_DATA_REG_ZERO_SHIFT	5
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 056591e5ca80..228d681a8715 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -16,13 +16,6 @@ get_ex_fixup(const struct exception_table_entry *ex)
>  	return ((unsigned long)&ex->fixup + ex->fixup);
>  }
>  
> -static bool ex_handler_fixup(const struct exception_table_entry *ex,
> -			     struct pt_regs *regs)
> -{
> -	regs->pc = get_ex_fixup(ex);
> -	return true;
> -}
> -
>  static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
>  					struct pt_regs *regs)
>  {
> @@ -72,8 +65,6 @@ bool fixup_exception(struct pt_regs *regs)
>  		return false;
>  
>  	switch (ex->type) {
> -	case EX_TYPE_FIXUP:
> -		return ex_handler_fixup(ex, regs);
>  	case EX_TYPE_BPF:
>  		return ex_handler_bpf(ex, regs);
>  	case EX_TYPE_UACCESS_ERR_ZERO:
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 4/8] arm64: extable: cleanup redundant extable type EX_TYPE_FIXUP

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:52AM +0000, Tong Tiangen wrote:
> Currently, extable type EX_TYPE_FIXUP is no place to use, We can safely
> remove it.
> 
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/include/asm/asm-extable.h | 20 ++++----------------
>  arch/arm64/mm/extable.c              |  9 ---------
>  2 files changed, 4 insertions(+), 25 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
> index d01bd94cc4c2..1f2974467273 100644
> --- a/arch/arm64/include/asm/asm-extable.h
> +++ b/arch/arm64/include/asm/asm-extable.h
> @@ -3,11 +3,10 @@
>  #define __ASM_ASM_EXTABLE_H
>  
>  #define EX_TYPE_NONE			0
> -#define EX_TYPE_FIXUP			1
> -#define EX_TYPE_BPF			2
> -#define EX_TYPE_UACCESS_ERR_ZERO	3
> -#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
> -#define EX_TYPE_KACCESS_ERR_ZERO	5
> +#define EX_TYPE_BPF			1
> +#define EX_TYPE_UACCESS_ERR_ZERO	2
> +#define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	3
> +#define EX_TYPE_KACCESS_ERR_ZERO	4
>  
>  #ifdef __ASSEMBLY__
>  
> @@ -20,14 +19,6 @@
>  	.short		(data);				\
>  	.popsection;
>  
> -/*
> - * Create an exception table entry for `insn`, which will branch to `fixup`
> - * when an unhandled fault is taken.
> - */
> -	.macro		_asm_extable, insn, fixup
> -	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> -	.endm
> -
>  /*
>   * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
>   * when an unhandled fault is taken.
> @@ -62,9 +53,6 @@
>  	".short		(" data ")\n"			\
>  	".popsection\n"
>  
> -#define _ASM_EXTABLE(insn, fixup) \
> -	__ASM_EXTABLE_RAW(#insn, #fixup, __stringify(EX_TYPE_FIXUP), "0")
> -
>  #define EX_DATA_REG_ERR_SHIFT	0
>  #define EX_DATA_REG_ERR		GENMASK(4, 0)
>  #define EX_DATA_REG_ZERO_SHIFT	5
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 056591e5ca80..228d681a8715 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -16,13 +16,6 @@ get_ex_fixup(const struct exception_table_entry *ex)
>  	return ((unsigned long)&ex->fixup + ex->fixup);
>  }
>  
> -static bool ex_handler_fixup(const struct exception_table_entry *ex,
> -			     struct pt_regs *regs)
> -{
> -	regs->pc = get_ex_fixup(ex);
> -	return true;
> -}
> -
>  static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
>  					struct pt_regs *regs)
>  {
> @@ -72,8 +65,6 @@ bool fixup_exception(struct pt_regs *regs)
>  		return false;
>  
>  	switch (ex->type) {
> -	case EX_TYPE_FIXUP:
> -		return ex_handler_fixup(ex, regs);
>  	case EX_TYPE_BPF:
>  		return ex_handler_bpf(ex, regs);
>  	case EX_TYPE_UACCESS_ERR_ZERO:
> -- 
> 2.25.1
> 

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
> During the processing of arm64 kernel hardware memory errors(do_sea()), if
> the errors is consumed in the kernel, the current processing is panic.
> However, it is not optimal.
> 
> Take uaccess for example, if the uaccess operation fails due to memory
> error, only the user process will be affected, kill the user process
> and isolate the user page with hardware memory errors is a better choice.
> 
> This patch only enable machine error check framework, it add exception
> fixup before kernel panic in do_sea() and only limit the consumption of
> hardware memory errors in kernel mode triggered by user mode processes.
> If fixup successful, panic can be avoided.
> 
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> ---
>  arch/arm64/Kconfig               |  1 +
>  arch/arm64/include/asm/extable.h |  1 +
>  arch/arm64/mm/extable.c          | 17 +++++++++++++++++
>  arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
>  4 files changed, 45 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index aaeb70358979..a3b12ff0cd7f 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -19,6 +19,7 @@ config ARM64
>  	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
>  	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
>  	select ARCH_HAS_CACHE_LINE_SIZE
> +	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
>  	select ARCH_HAS_CURRENT_STACK_POINTER
>  	select ARCH_HAS_DEBUG_VIRTUAL
>  	select ARCH_HAS_DEBUG_VM_PGTABLE
> diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
> index 72b0e71cc3de..f80ebd0addfd 100644
> --- a/arch/arm64/include/asm/extable.h
> +++ b/arch/arm64/include/asm/extable.h
> @@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
>  #endif /* !CONFIG_BPF_JIT */
>  
>  bool fixup_exception(struct pt_regs *regs);
> +bool fixup_exception_mc(struct pt_regs *regs);
>  #endif
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 228d681a8715..c301dcf6335f 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -9,6 +9,7 @@
>  
>  #include <asm/asm-extable.h>
>  #include <asm/ptrace.h>
> +#include <asm/esr.h>
>  
>  static inline unsigned long
>  get_ex_fixup(const struct exception_table_entry *ex)
> @@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
>  
>  	BUG();
>  }
> +
> +bool fixup_exception_mc(struct pt_regs *regs)
> +{
> +	const struct exception_table_entry *ex;
> +
> +	ex = search_exception_tables(instruction_pointer(regs));
> +	if (!ex)
> +		return false;
> +
> +	/*
> +	 * This is not complete, More Machine check safe extable type can
> +	 * be processed here.
> +	 */
> +
> +	return false;
> +}
> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> index c5e11768e5c1..b262bd282a89 100644
> --- a/arch/arm64/mm/fault.c
> +++ b/arch/arm64/mm/fault.c
> @@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  	return 1; /* "fault" */
>  }
>  
> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
> +				     struct pt_regs *regs, int sig, int code)
> +{
> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
> +		return false;
> +
> +	if (user_mode(regs) || !current->mm)
> +		return false;

What's the `!current->mm` check for?

> +
> +	if (apei_claim_sea(regs) < 0)
> +		return false;
> +
> +	if (!fixup_exception_mc(regs))
> +		return false;

I thought we still wanted to signal the task in this case? Or do you expect to
add that into `fixup_exception_mc()` ?

> +
> +	set_thread_esr(0, esr);

Why are we not setting the address? Is that deliberate, or an oversight?

> +
> +	arm64_force_sig_fault(sig, code, addr,
> +		"Uncorrected hardware memory error in kernel-access\n");

I think the wording here is misleading since we don't expect to recover from
accesses to kernel memory, and would be better as something like:

	"Uncorrected memory error on access to user memory\n"

Thanks,
Mark.

> +
> +	return true;
> +}
> +
>  static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  {
>  	const struct fault_info *inf;
> @@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  		 */
>  		siaddr  = untagged_addr(far);
>  	}
> -	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
> +
> +	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
> +		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>  
>  	return 0;
>  }
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
> During the processing of arm64 kernel hardware memory errors(do_sea()), if
> the errors is consumed in the kernel, the current processing is panic.
> However, it is not optimal.
> 
> Take uaccess for example, if the uaccess operation fails due to memory
> error, only the user process will be affected, kill the user process
> and isolate the user page with hardware memory errors is a better choice.
> 
> This patch only enable machine error check framework, it add exception
> fixup before kernel panic in do_sea() and only limit the consumption of
> hardware memory errors in kernel mode triggered by user mode processes.
> If fixup successful, panic can be avoided.
> 
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> ---
>  arch/arm64/Kconfig               |  1 +
>  arch/arm64/include/asm/extable.h |  1 +
>  arch/arm64/mm/extable.c          | 17 +++++++++++++++++
>  arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
>  4 files changed, 45 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index aaeb70358979..a3b12ff0cd7f 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -19,6 +19,7 @@ config ARM64
>  	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
>  	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
>  	select ARCH_HAS_CACHE_LINE_SIZE
> +	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
>  	select ARCH_HAS_CURRENT_STACK_POINTER
>  	select ARCH_HAS_DEBUG_VIRTUAL
>  	select ARCH_HAS_DEBUG_VM_PGTABLE
> diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
> index 72b0e71cc3de..f80ebd0addfd 100644
> --- a/arch/arm64/include/asm/extable.h
> +++ b/arch/arm64/include/asm/extable.h
> @@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
>  #endif /* !CONFIG_BPF_JIT */
>  
>  bool fixup_exception(struct pt_regs *regs);
> +bool fixup_exception_mc(struct pt_regs *regs);
>  #endif
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 228d681a8715..c301dcf6335f 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -9,6 +9,7 @@
>  
>  #include <asm/asm-extable.h>
>  #include <asm/ptrace.h>
> +#include <asm/esr.h>
>  
>  static inline unsigned long
>  get_ex_fixup(const struct exception_table_entry *ex)
> @@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
>  
>  	BUG();
>  }
> +
> +bool fixup_exception_mc(struct pt_regs *regs)
> +{
> +	const struct exception_table_entry *ex;
> +
> +	ex = search_exception_tables(instruction_pointer(regs));
> +	if (!ex)
> +		return false;
> +
> +	/*
> +	 * This is not complete, More Machine check safe extable type can
> +	 * be processed here.
> +	 */
> +
> +	return false;
> +}
> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> index c5e11768e5c1..b262bd282a89 100644
> --- a/arch/arm64/mm/fault.c
> +++ b/arch/arm64/mm/fault.c
> @@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  	return 1; /* "fault" */
>  }
>  
> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
> +				     struct pt_regs *regs, int sig, int code)
> +{
> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
> +		return false;
> +
> +	if (user_mode(regs) || !current->mm)
> +		return false;

What's the `!current->mm` check for?

> +
> +	if (apei_claim_sea(regs) < 0)
> +		return false;
> +
> +	if (!fixup_exception_mc(regs))
> +		return false;

I thought we still wanted to signal the task in this case? Or do you expect to
add that into `fixup_exception_mc()` ?

> +
> +	set_thread_esr(0, esr);

Why are we not setting the address? Is that deliberate, or an oversight?

> +
> +	arm64_force_sig_fault(sig, code, addr,
> +		"Uncorrected hardware memory error in kernel-access\n");

I think the wording here is misleading since we don't expect to recover from
accesses to kernel memory, and would be better as something like:

	"Uncorrected memory error on access to user memory\n"

Thanks,
Mark.

> +
> +	return true;
> +}
> +
>  static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  {
>  	const struct fault_info *inf;
> @@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  		 */
>  		siaddr  = untagged_addr(far);
>  	}
> -	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
> +
> +	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
> +		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>  
>  	return 0;
>  }
> -- 
> 2.25.1
> 

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
> During the processing of arm64 kernel hardware memory errors(do_sea()), if
> the errors is consumed in the kernel, the current processing is panic.
> However, it is not optimal.
> 
> Take uaccess for example, if the uaccess operation fails due to memory
> error, only the user process will be affected, kill the user process
> and isolate the user page with hardware memory errors is a better choice.
> 
> This patch only enable machine error check framework, it add exception
> fixup before kernel panic in do_sea() and only limit the consumption of
> hardware memory errors in kernel mode triggered by user mode processes.
> If fixup successful, panic can be avoided.
> 
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> ---
>  arch/arm64/Kconfig               |  1 +
>  arch/arm64/include/asm/extable.h |  1 +
>  arch/arm64/mm/extable.c          | 17 +++++++++++++++++
>  arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
>  4 files changed, 45 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index aaeb70358979..a3b12ff0cd7f 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -19,6 +19,7 @@ config ARM64
>  	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
>  	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
>  	select ARCH_HAS_CACHE_LINE_SIZE
> +	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
>  	select ARCH_HAS_CURRENT_STACK_POINTER
>  	select ARCH_HAS_DEBUG_VIRTUAL
>  	select ARCH_HAS_DEBUG_VM_PGTABLE
> diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
> index 72b0e71cc3de..f80ebd0addfd 100644
> --- a/arch/arm64/include/asm/extable.h
> +++ b/arch/arm64/include/asm/extable.h
> @@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
>  #endif /* !CONFIG_BPF_JIT */
>  
>  bool fixup_exception(struct pt_regs *regs);
> +bool fixup_exception_mc(struct pt_regs *regs);
>  #endif
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index 228d681a8715..c301dcf6335f 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -9,6 +9,7 @@
>  
>  #include <asm/asm-extable.h>
>  #include <asm/ptrace.h>
> +#include <asm/esr.h>
>  
>  static inline unsigned long
>  get_ex_fixup(const struct exception_table_entry *ex)
> @@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
>  
>  	BUG();
>  }
> +
> +bool fixup_exception_mc(struct pt_regs *regs)
> +{
> +	const struct exception_table_entry *ex;
> +
> +	ex = search_exception_tables(instruction_pointer(regs));
> +	if (!ex)
> +		return false;
> +
> +	/*
> +	 * This is not complete, More Machine check safe extable type can
> +	 * be processed here.
> +	 */
> +
> +	return false;
> +}
> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> index c5e11768e5c1..b262bd282a89 100644
> --- a/arch/arm64/mm/fault.c
> +++ b/arch/arm64/mm/fault.c
> @@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  	return 1; /* "fault" */
>  }
>  
> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
> +				     struct pt_regs *regs, int sig, int code)
> +{
> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
> +		return false;
> +
> +	if (user_mode(regs) || !current->mm)
> +		return false;

What's the `!current->mm` check for?

> +
> +	if (apei_claim_sea(regs) < 0)
> +		return false;
> +
> +	if (!fixup_exception_mc(regs))
> +		return false;

I thought we still wanted to signal the task in this case? Or do you expect to
add that into `fixup_exception_mc()` ?

> +
> +	set_thread_esr(0, esr);

Why are we not setting the address? Is that deliberate, or an oversight?

> +
> +	arm64_force_sig_fault(sig, code, addr,
> +		"Uncorrected hardware memory error in kernel-access\n");

I think the wording here is misleading since we don't expect to recover from
accesses to kernel memory, and would be better as something like:

	"Uncorrected memory error on access to user memory\n"

Thanks,
Mark.

> +
> +	return true;
> +}
> +
>  static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  {
>  	const struct fault_info *inf;
> @@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>  		 */
>  		siaddr  = untagged_addr(far);
>  	}
> -	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
> +
> +	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
> +		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>  
>  	return 0;
>  }
> -- 
> 2.25.1
> 

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
> If user access fail due to hardware memory error, only the relevant
> processes are affected, so killing the user process and isolate the
> error page with hardware memory errors is a more reasonable choice
> than kernel panic.
> 
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

> ---
>  arch/arm64/lib/copy_from_user.S | 8 ++++----
>  arch/arm64/lib/copy_to_user.S   | 8 ++++----

All of these changes are to the *kernel* accesses performed as part of copy
to/from user, and have nothing to do with userspace, so it does not make sense
to mark these as UACCESS.

Do we *actually* need to recover from failues on these accesses? Looking at
_copy_from_user(), the kernel will immediately follow this up with a memset()
to the same address which will be fatal anyway, so this is only punting the
failure for a few instructions.

If we really need to recover from certain accesses to kernel memory we should
add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
rationale as to why that's useful. As things stand I do not beleive it makes
sense for copy to/from user specifically.

>  arch/arm64/mm/extable.c         | 8 ++++----
>  3 files changed, 12 insertions(+), 12 deletions(-)
> 
> diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
> index 34e317907524..402dd48a4f93 100644
> --- a/arch/arm64/lib/copy_from_user.S
> +++ b/arch/arm64/lib/copy_from_user.S
> @@ -25,7 +25,7 @@
>  	.endm
>  
>  	.macro strb1 reg, ptr, val
> -	strb \reg, [\ptr], \val
> +	USER(9998f, strb \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldrh1 reg, ptr, val
> @@ -33,7 +33,7 @@
>  	.endm
>  
>  	.macro strh1 reg, ptr, val
> -	strh \reg, [\ptr], \val
> +	USER(9998f, strh \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldr1 reg, ptr, val
> @@ -41,7 +41,7 @@
>  	.endm
>  
>  	.macro str1 reg, ptr, val
> -	str \reg, [\ptr], \val
> +	USER(9998f, str \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldp1 reg1, reg2, ptr, val
> @@ -49,7 +49,7 @@
>  	.endm
>  
>  	.macro stp1 reg1, reg2, ptr, val
> -	stp \reg1, \reg2, [\ptr], \val
> +	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
>  	.endm
>  
>  end	.req	x5
> diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
> index 802231772608..4134bdb3a8b0 100644
> --- a/arch/arm64/lib/copy_to_user.S
> +++ b/arch/arm64/lib/copy_to_user.S
> @@ -20,7 +20,7 @@
>   *	x0 - bytes not copied
>   */
>  	.macro ldrb1 reg, ptr, val
> -	ldrb  \reg, [\ptr], \val
> +	USER(9998f, ldrb  \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro strb1 reg, ptr, val
> @@ -28,7 +28,7 @@
>  	.endm
>  
>  	.macro ldrh1 reg, ptr, val
> -	ldrh  \reg, [\ptr], \val
> +	USER(9998f, ldrh  \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro strh1 reg, ptr, val
> @@ -36,7 +36,7 @@
>  	.endm
>  
>  	.macro ldr1 reg, ptr, val
> -	ldr \reg, [\ptr], \val
> +	USER(9998f, ldr \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro str1 reg, ptr, val
> @@ -44,7 +44,7 @@
>  	.endm
>  
>  	.macro ldp1 reg1, reg2, ptr, val
> -	ldp \reg1, \reg2, [\ptr], \val
> +	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
>  	.endm
>  
>  	.macro stp1 reg1, reg2, ptr, val
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index c301dcf6335f..8ca8d9639f9f 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>  	if (!ex)
>  		return false;
>  
> -	/*
> -	 * This is not complete, More Machine check safe extable type can
> -	 * be processed here.
> -	 */
> +	switch (ex->type) {
> +	case EX_TYPE_UACCESS_ERR_ZERO:
> +		return ex_handler_uaccess_err_zero(ex, regs);
> +	}

This addition specifically makes sense to me, so can you split this into a separate patch?

Thanks,
Mark.

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
> If user access fail due to hardware memory error, only the relevant
> processes are affected, so killing the user process and isolate the
> error page with hardware memory errors is a more reasonable choice
> than kernel panic.
> 
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

> ---
>  arch/arm64/lib/copy_from_user.S | 8 ++++----
>  arch/arm64/lib/copy_to_user.S   | 8 ++++----

All of these changes are to the *kernel* accesses performed as part of copy
to/from user, and have nothing to do with userspace, so it does not make sense
to mark these as UACCESS.

Do we *actually* need to recover from failues on these accesses? Looking at
_copy_from_user(), the kernel will immediately follow this up with a memset()
to the same address which will be fatal anyway, so this is only punting the
failure for a few instructions.

If we really need to recover from certain accesses to kernel memory we should
add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
rationale as to why that's useful. As things stand I do not beleive it makes
sense for copy to/from user specifically.

>  arch/arm64/mm/extable.c         | 8 ++++----
>  3 files changed, 12 insertions(+), 12 deletions(-)
> 
> diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
> index 34e317907524..402dd48a4f93 100644
> --- a/arch/arm64/lib/copy_from_user.S
> +++ b/arch/arm64/lib/copy_from_user.S
> @@ -25,7 +25,7 @@
>  	.endm
>  
>  	.macro strb1 reg, ptr, val
> -	strb \reg, [\ptr], \val
> +	USER(9998f, strb \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldrh1 reg, ptr, val
> @@ -33,7 +33,7 @@
>  	.endm
>  
>  	.macro strh1 reg, ptr, val
> -	strh \reg, [\ptr], \val
> +	USER(9998f, strh \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldr1 reg, ptr, val
> @@ -41,7 +41,7 @@
>  	.endm
>  
>  	.macro str1 reg, ptr, val
> -	str \reg, [\ptr], \val
> +	USER(9998f, str \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldp1 reg1, reg2, ptr, val
> @@ -49,7 +49,7 @@
>  	.endm
>  
>  	.macro stp1 reg1, reg2, ptr, val
> -	stp \reg1, \reg2, [\ptr], \val
> +	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
>  	.endm
>  
>  end	.req	x5
> diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
> index 802231772608..4134bdb3a8b0 100644
> --- a/arch/arm64/lib/copy_to_user.S
> +++ b/arch/arm64/lib/copy_to_user.S
> @@ -20,7 +20,7 @@
>   *	x0 - bytes not copied
>   */
>  	.macro ldrb1 reg, ptr, val
> -	ldrb  \reg, [\ptr], \val
> +	USER(9998f, ldrb  \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro strb1 reg, ptr, val
> @@ -28,7 +28,7 @@
>  	.endm
>  
>  	.macro ldrh1 reg, ptr, val
> -	ldrh  \reg, [\ptr], \val
> +	USER(9998f, ldrh  \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro strh1 reg, ptr, val
> @@ -36,7 +36,7 @@
>  	.endm
>  
>  	.macro ldr1 reg, ptr, val
> -	ldr \reg, [\ptr], \val
> +	USER(9998f, ldr \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro str1 reg, ptr, val
> @@ -44,7 +44,7 @@
>  	.endm
>  
>  	.macro ldp1 reg1, reg2, ptr, val
> -	ldp \reg1, \reg2, [\ptr], \val
> +	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
>  	.endm
>  
>  	.macro stp1 reg1, reg2, ptr, val
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index c301dcf6335f..8ca8d9639f9f 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>  	if (!ex)
>  		return false;
>  
> -	/*
> -	 * This is not complete, More Machine check safe extable type can
> -	 * be processed here.
> -	 */
> +	switch (ex->type) {
> +	case EX_TYPE_UACCESS_ERR_ZERO:
> +		return ex_handler_uaccess_err_zero(ex, regs);
> +	}

This addition specifically makes sense to me, so can you split this into a separate patch?

Thanks,
Mark.

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Mark Rutland]

On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
> If user access fail due to hardware memory error, only the relevant
> processes are affected, so killing the user process and isolate the
> error page with hardware memory errors is a more reasonable choice
> than kernel panic.
> 
> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

> ---
>  arch/arm64/lib/copy_from_user.S | 8 ++++----
>  arch/arm64/lib/copy_to_user.S   | 8 ++++----

All of these changes are to the *kernel* accesses performed as part of copy
to/from user, and have nothing to do with userspace, so it does not make sense
to mark these as UACCESS.

Do we *actually* need to recover from failues on these accesses? Looking at
_copy_from_user(), the kernel will immediately follow this up with a memset()
to the same address which will be fatal anyway, so this is only punting the
failure for a few instructions.

If we really need to recover from certain accesses to kernel memory we should
add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
rationale as to why that's useful. As things stand I do not beleive it makes
sense for copy to/from user specifically.

>  arch/arm64/mm/extable.c         | 8 ++++----
>  3 files changed, 12 insertions(+), 12 deletions(-)
> 
> diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
> index 34e317907524..402dd48a4f93 100644
> --- a/arch/arm64/lib/copy_from_user.S
> +++ b/arch/arm64/lib/copy_from_user.S
> @@ -25,7 +25,7 @@
>  	.endm
>  
>  	.macro strb1 reg, ptr, val
> -	strb \reg, [\ptr], \val
> +	USER(9998f, strb \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldrh1 reg, ptr, val
> @@ -33,7 +33,7 @@
>  	.endm
>  
>  	.macro strh1 reg, ptr, val
> -	strh \reg, [\ptr], \val
> +	USER(9998f, strh \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldr1 reg, ptr, val
> @@ -41,7 +41,7 @@
>  	.endm
>  
>  	.macro str1 reg, ptr, val
> -	str \reg, [\ptr], \val
> +	USER(9998f, str \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro ldp1 reg1, reg2, ptr, val
> @@ -49,7 +49,7 @@
>  	.endm
>  
>  	.macro stp1 reg1, reg2, ptr, val
> -	stp \reg1, \reg2, [\ptr], \val
> +	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
>  	.endm
>  
>  end	.req	x5
> diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
> index 802231772608..4134bdb3a8b0 100644
> --- a/arch/arm64/lib/copy_to_user.S
> +++ b/arch/arm64/lib/copy_to_user.S
> @@ -20,7 +20,7 @@
>   *	x0 - bytes not copied
>   */
>  	.macro ldrb1 reg, ptr, val
> -	ldrb  \reg, [\ptr], \val
> +	USER(9998f, ldrb  \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro strb1 reg, ptr, val
> @@ -28,7 +28,7 @@
>  	.endm
>  
>  	.macro ldrh1 reg, ptr, val
> -	ldrh  \reg, [\ptr], \val
> +	USER(9998f, ldrh  \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro strh1 reg, ptr, val
> @@ -36,7 +36,7 @@
>  	.endm
>  
>  	.macro ldr1 reg, ptr, val
> -	ldr \reg, [\ptr], \val
> +	USER(9998f, ldr \reg, [\ptr], \val)
>  	.endm
>  
>  	.macro str1 reg, ptr, val
> @@ -44,7 +44,7 @@
>  	.endm
>  
>  	.macro ldp1 reg1, reg2, ptr, val
> -	ldp \reg1, \reg2, [\ptr], \val
> +	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
>  	.endm
>  
>  	.macro stp1 reg1, reg2, ptr, val
> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> index c301dcf6335f..8ca8d9639f9f 100644
> --- a/arch/arm64/mm/extable.c
> +++ b/arch/arm64/mm/extable.c
> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>  	if (!ex)
>  		return false;
>  
> -	/*
> -	 * This is not complete, More Machine check safe extable type can
> -	 * be processed here.
> -	 */
> +	switch (ex->type) {
> +	case EX_TYPE_UACCESS_ERR_ZERO:
> +		return ex_handler_uaccess_err_zero(ex, regs);
> +	}

This addition specifically makes sense to me, so can you split this into a separate patch?

Thanks,
Mark.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Tong Tiangen]

在 2022/6/17 16:23, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:49AM +0000, Tong Tiangen wrote:
>> Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
>> __get/put_kernel_nofault(), but those helpers are not uaccess type, so we
>> add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
>> __get/put_kernel_no_fault().
>>
>> This is also to prepare for distinguishing the two types in machine check
>> safe process.
>>
>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> 
> This looks good to me, so modulo one nit below:
> 
> Acked-by: Mark Rutland <mark.rutland@arm.com>
> 
>> ---
>>   arch/arm64/include/asm/asm-extable.h | 13 ++++
>>   arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
>>   arch/arm64/mm/extable.c              |  1 +
>>   3 files changed, 61 insertions(+), 47 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
>> index c39f2437e08e..56ebe183e78b 100644
>> --- a/arch/arm64/include/asm/asm-extable.h
>> +++ b/arch/arm64/include/asm/asm-extable.h
>> @@ -7,6 +7,7 @@
>>   #define EX_TYPE_BPF			2
>>   #define EX_TYPE_UACCESS_ERR_ZERO	3
>>   #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
>> +#define EX_TYPE_KACCESS_ERR_ZERO	5
> 
> Could we please renumber this so the UACCESS and KACCESS definitions are next
> to one another, i.e.
> 
> #define EX_TYPE_BPF			2
> #define EX_TYPE_UACCESS_ERR_ZERO	3
> #define EX_TYPE_KACCESS_ERR_ZERO	4
> #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	5
> 
> Thanks,
> Mark.

ok, It's cleaner.

Thanks,
Tong.

> 
>>   
>>   #ifdef __ASSEMBLY__
>>   
>> @@ -73,9 +74,21 @@
>>   			    EX_DATA_REG(ZERO, zero)			\
>>   			  ")")
>>   
>> +#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
>> +	__DEFINE_ASM_GPR_NUMS						\
>> +	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
>> +			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
>> +			  "("						\
>> +			    EX_DATA_REG(ERR, err) " | "			\
>> +			    EX_DATA_REG(ZERO, zero)			\
>> +			  ")")
>> +
>>   #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
>>   	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
>>   
>> +#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
>> +	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
>> +
>>   #define EX_DATA_REG_DATA_SHIFT	0
>>   #define EX_DATA_REG_DATA	GENMASK(4, 0)
>>   #define EX_DATA_REG_ADDR_SHIFT	5
>> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
>> index 63f9c828f1a7..2fc9f0861769 100644
>> --- a/arch/arm64/include/asm/uaccess.h
>> +++ b/arch/arm64/include/asm/uaccess.h
>> @@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>>    * The "__xxx_error" versions set the third argument to -EFAULT if an error
>>    * occurs, and leave it unchanged on success.
>>    */
>> -#define __get_mem_asm(load, reg, x, addr, err)				\
>> +#define __get_mem_asm(load, reg, x, addr, err, type)			\
>>   	asm volatile(							\
>>   	"1:	" load "	" reg "1, [%2]\n"			\
>>   	"2:\n"								\
>> -	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
>> +	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
>>   	: "+r" (err), "=&r" (x)						\
>>   	: "r" (addr))
>>   
>> -#define __raw_get_mem(ldr, x, ptr, err)					\
>> -do {									\
>> -	unsigned long __gu_val;						\
>> -	switch (sizeof(*(ptr))) {					\
>> -	case 1:								\
>> -		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 2:								\
>> -		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 4:								\
>> -		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 8:								\
>> -		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	default:							\
>> -		BUILD_BUG();						\
>> -	}								\
>> -	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
>> +#define __raw_get_mem(ldr, x, ptr, err, type)					\
>> +do {										\
>> +	unsigned long __gu_val;							\
>> +	switch (sizeof(*(ptr))) {						\
>> +	case 1:									\
>> +		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 2:									\
>> +		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 4:									\
>> +		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	case 8:									\
>> +		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	default:								\
>> +		BUILD_BUG();							\
>> +	}									\
>> +	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
>>   } while (0)
>>   
>>   /*
>> @@ -274,7 +274,7 @@ do {									\
>>   	__chk_user_ptr(ptr);						\
>>   									\
>>   	uaccess_ttbr0_enable();						\
>> -	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
>> +	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
>>   	uaccess_ttbr0_disable();					\
>>   									\
>>   	(x) = __rgu_val;						\
>> @@ -314,40 +314,40 @@ do {									\
>>   									\
>>   	__uaccess_enable_tco_async();					\
>>   	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
>> -		      (__force type *)(__gkn_src), __gkn_err);		\
>> +		      (__force type *)(__gkn_src), __gkn_err, K);	\
>>   	__uaccess_disable_tco_async();					\
>>   									\
>>   	if (unlikely(__gkn_err))					\
>>   		goto err_label;						\
>>   } while (0)
>>   
>> -#define __put_mem_asm(store, reg, x, addr, err)				\
>> +#define __put_mem_asm(store, reg, x, addr, err, type)			\
>>   	asm volatile(							\
>>   	"1:	" store "	" reg "1, [%2]\n"			\
>>   	"2:\n"								\
>> -	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
>> +	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
>>   	: "+r" (err)							\
>>   	: "r" (x), "r" (addr))
>>   
>> -#define __raw_put_mem(str, x, ptr, err)					\
>> -do {									\
>> -	__typeof__(*(ptr)) __pu_val = (x);				\
>> -	switch (sizeof(*(ptr))) {					\
>> -	case 1:								\
>> -		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 2:								\
>> -		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 4:								\
>> -		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 8:								\
>> -		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	default:							\
>> -		BUILD_BUG();						\
>> -	}								\
>> +#define __raw_put_mem(str, x, ptr, err, type)					\
>> +do {										\
>> +	__typeof__(*(ptr)) __pu_val = (x);					\
>> +	switch (sizeof(*(ptr))) {						\
>> +	case 1:									\
>> +		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 2:									\
>> +		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 4:									\
>> +		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	case 8:									\
>> +		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	default:								\
>> +		BUILD_BUG();							\
>> +	}									\
>>   } while (0)
>>   
>>   /*
>> @@ -362,7 +362,7 @@ do {									\
>>   	__chk_user_ptr(__rpu_ptr);					\
>>   									\
>>   	uaccess_ttbr0_enable();						\
>> -	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
>> +	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
>>   	uaccess_ttbr0_disable();					\
>>   } while (0)
>>   
>> @@ -400,7 +400,7 @@ do {									\
>>   									\
>>   	__uaccess_enable_tco_async();					\
>>   	__raw_put_mem("str", *((type *)(__pkn_src)),			\
>> -		      (__force type *)(__pkn_dst), __pkn_err);		\
>> +		      (__force type *)(__pkn_dst), __pkn_err, K);	\
>>   	__uaccess_disable_tco_async();					\
>>   									\
>>   	if (unlikely(__pkn_err))					\
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index 489455309695..056591e5ca80 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
>>   	case EX_TYPE_BPF:
>>   		return ex_handler_bpf(ex, regs);
>>   	case EX_TYPE_UACCESS_ERR_ZERO:
>> +	case EX_TYPE_KACCESS_ERR_ZERO:
>>   		return ex_handler_uaccess_err_zero(ex, regs);
>>   	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
>>   		return ex_handler_load_unaligned_zeropad(ex, regs);
>> -- 
>> 2.25.1
>>
> 
> .

Re: [PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Tong Tiangen]

在 2022/6/17 16:23, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:49AM +0000, Tong Tiangen wrote:
>> Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
>> __get/put_kernel_nofault(), but those helpers are not uaccess type, so we
>> add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
>> __get/put_kernel_no_fault().
>>
>> This is also to prepare for distinguishing the two types in machine check
>> safe process.
>>
>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> 
> This looks good to me, so modulo one nit below:
> 
> Acked-by: Mark Rutland <mark.rutland@arm.com>
> 
>> ---
>>   arch/arm64/include/asm/asm-extable.h | 13 ++++
>>   arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
>>   arch/arm64/mm/extable.c              |  1 +
>>   3 files changed, 61 insertions(+), 47 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
>> index c39f2437e08e..56ebe183e78b 100644
>> --- a/arch/arm64/include/asm/asm-extable.h
>> +++ b/arch/arm64/include/asm/asm-extable.h
>> @@ -7,6 +7,7 @@
>>   #define EX_TYPE_BPF			2
>>   #define EX_TYPE_UACCESS_ERR_ZERO	3
>>   #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
>> +#define EX_TYPE_KACCESS_ERR_ZERO	5
> 
> Could we please renumber this so the UACCESS and KACCESS definitions are next
> to one another, i.e.
> 
> #define EX_TYPE_BPF			2
> #define EX_TYPE_UACCESS_ERR_ZERO	3
> #define EX_TYPE_KACCESS_ERR_ZERO	4
> #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	5
> 
> Thanks,
> Mark.

ok, It's cleaner.

Thanks,
Tong.

> 
>>   
>>   #ifdef __ASSEMBLY__
>>   
>> @@ -73,9 +74,21 @@
>>   			    EX_DATA_REG(ZERO, zero)			\
>>   			  ")")
>>   
>> +#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
>> +	__DEFINE_ASM_GPR_NUMS						\
>> +	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
>> +			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
>> +			  "("						\
>> +			    EX_DATA_REG(ERR, err) " | "			\
>> +			    EX_DATA_REG(ZERO, zero)			\
>> +			  ")")
>> +
>>   #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
>>   	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
>>   
>> +#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
>> +	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
>> +
>>   #define EX_DATA_REG_DATA_SHIFT	0
>>   #define EX_DATA_REG_DATA	GENMASK(4, 0)
>>   #define EX_DATA_REG_ADDR_SHIFT	5
>> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
>> index 63f9c828f1a7..2fc9f0861769 100644
>> --- a/arch/arm64/include/asm/uaccess.h
>> +++ b/arch/arm64/include/asm/uaccess.h
>> @@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>>    * The "__xxx_error" versions set the third argument to -EFAULT if an error
>>    * occurs, and leave it unchanged on success.
>>    */
>> -#define __get_mem_asm(load, reg, x, addr, err)				\
>> +#define __get_mem_asm(load, reg, x, addr, err, type)			\
>>   	asm volatile(							\
>>   	"1:	" load "	" reg "1, [%2]\n"			\
>>   	"2:\n"								\
>> -	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
>> +	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
>>   	: "+r" (err), "=&r" (x)						\
>>   	: "r" (addr))
>>   
>> -#define __raw_get_mem(ldr, x, ptr, err)					\
>> -do {									\
>> -	unsigned long __gu_val;						\
>> -	switch (sizeof(*(ptr))) {					\
>> -	case 1:								\
>> -		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 2:								\
>> -		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 4:								\
>> -		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 8:								\
>> -		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	default:							\
>> -		BUILD_BUG();						\
>> -	}								\
>> -	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
>> +#define __raw_get_mem(ldr, x, ptr, err, type)					\
>> +do {										\
>> +	unsigned long __gu_val;							\
>> +	switch (sizeof(*(ptr))) {						\
>> +	case 1:									\
>> +		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 2:									\
>> +		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 4:									\
>> +		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	case 8:									\
>> +		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	default:								\
>> +		BUILD_BUG();							\
>> +	}									\
>> +	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
>>   } while (0)
>>   
>>   /*
>> @@ -274,7 +274,7 @@ do {									\
>>   	__chk_user_ptr(ptr);						\
>>   									\
>>   	uaccess_ttbr0_enable();						\
>> -	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
>> +	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
>>   	uaccess_ttbr0_disable();					\
>>   									\
>>   	(x) = __rgu_val;						\
>> @@ -314,40 +314,40 @@ do {									\
>>   									\
>>   	__uaccess_enable_tco_async();					\
>>   	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
>> -		      (__force type *)(__gkn_src), __gkn_err);		\
>> +		      (__force type *)(__gkn_src), __gkn_err, K);	\
>>   	__uaccess_disable_tco_async();					\
>>   									\
>>   	if (unlikely(__gkn_err))					\
>>   		goto err_label;						\
>>   } while (0)
>>   
>> -#define __put_mem_asm(store, reg, x, addr, err)				\
>> +#define __put_mem_asm(store, reg, x, addr, err, type)			\
>>   	asm volatile(							\
>>   	"1:	" store "	" reg "1, [%2]\n"			\
>>   	"2:\n"								\
>> -	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
>> +	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
>>   	: "+r" (err)							\
>>   	: "r" (x), "r" (addr))
>>   
>> -#define __raw_put_mem(str, x, ptr, err)					\
>> -do {									\
>> -	__typeof__(*(ptr)) __pu_val = (x);				\
>> -	switch (sizeof(*(ptr))) {					\
>> -	case 1:								\
>> -		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 2:								\
>> -		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 4:								\
>> -		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 8:								\
>> -		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	default:							\
>> -		BUILD_BUG();						\
>> -	}								\
>> +#define __raw_put_mem(str, x, ptr, err, type)					\
>> +do {										\
>> +	__typeof__(*(ptr)) __pu_val = (x);					\
>> +	switch (sizeof(*(ptr))) {						\
>> +	case 1:									\
>> +		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 2:									\
>> +		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 4:									\
>> +		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	case 8:									\
>> +		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	default:								\
>> +		BUILD_BUG();							\
>> +	}									\
>>   } while (0)
>>   
>>   /*
>> @@ -362,7 +362,7 @@ do {									\
>>   	__chk_user_ptr(__rpu_ptr);					\
>>   									\
>>   	uaccess_ttbr0_enable();						\
>> -	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
>> +	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
>>   	uaccess_ttbr0_disable();					\
>>   } while (0)
>>   
>> @@ -400,7 +400,7 @@ do {									\
>>   									\
>>   	__uaccess_enable_tco_async();					\
>>   	__raw_put_mem("str", *((type *)(__pkn_src)),			\
>> -		      (__force type *)(__pkn_dst), __pkn_err);		\
>> +		      (__force type *)(__pkn_dst), __pkn_err, K);	\
>>   	__uaccess_disable_tco_async();					\
>>   									\
>>   	if (unlikely(__pkn_err))					\
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index 489455309695..056591e5ca80 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
>>   	case EX_TYPE_BPF:
>>   		return ex_handler_bpf(ex, regs);
>>   	case EX_TYPE_UACCESS_ERR_ZERO:
>> +	case EX_TYPE_KACCESS_ERR_ZERO:
>>   		return ex_handler_uaccess_err_zero(ex, regs);
>>   	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
>>   		return ex_handler_load_unaligned_zeropad(ex, regs);
>> -- 
>> 2.25.1
>>
> 
> .

Re: [PATCH -next v5 1/8] arm64: extable: add new extable type EX_TYPE_KACCESS_ERR_ZERO support

[Tong Tiangen]

在 2022/6/17 16:23, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:49AM +0000, Tong Tiangen wrote:
>> Currently, The extable type EX_TYPE_UACCESS_ERR_ZERO is used by
>> __get/put_kernel_nofault(), but those helpers are not uaccess type, so we
>> add a new extable type EX_TYPE_KACCESS_ERR_ZERO which can be used by
>> __get/put_kernel_no_fault().
>>
>> This is also to prepare for distinguishing the two types in machine check
>> safe process.
>>
>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> 
> This looks good to me, so modulo one nit below:
> 
> Acked-by: Mark Rutland <mark.rutland@arm.com>
> 
>> ---
>>   arch/arm64/include/asm/asm-extable.h | 13 ++++
>>   arch/arm64/include/asm/uaccess.h     | 94 ++++++++++++++--------------
>>   arch/arm64/mm/extable.c              |  1 +
>>   3 files changed, 61 insertions(+), 47 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
>> index c39f2437e08e..56ebe183e78b 100644
>> --- a/arch/arm64/include/asm/asm-extable.h
>> +++ b/arch/arm64/include/asm/asm-extable.h
>> @@ -7,6 +7,7 @@
>>   #define EX_TYPE_BPF			2
>>   #define EX_TYPE_UACCESS_ERR_ZERO	3
>>   #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	4
>> +#define EX_TYPE_KACCESS_ERR_ZERO	5
> 
> Could we please renumber this so the UACCESS and KACCESS definitions are next
> to one another, i.e.
> 
> #define EX_TYPE_BPF			2
> #define EX_TYPE_UACCESS_ERR_ZERO	3
> #define EX_TYPE_KACCESS_ERR_ZERO	4
> #define EX_TYPE_LOAD_UNALIGNED_ZEROPAD	5
> 
> Thanks,
> Mark.

ok, It's cleaner.

Thanks,
Tong.

> 
>>   
>>   #ifdef __ASSEMBLY__
>>   
>> @@ -73,9 +74,21 @@
>>   			    EX_DATA_REG(ZERO, zero)			\
>>   			  ")")
>>   
>> +#define _ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, zero)		\
>> +	__DEFINE_ASM_GPR_NUMS						\
>> +	__ASM_EXTABLE_RAW(#insn, #fixup, 				\
>> +			  __stringify(EX_TYPE_KACCESS_ERR_ZERO),	\
>> +			  "("						\
>> +			    EX_DATA_REG(ERR, err) " | "			\
>> +			    EX_DATA_REG(ZERO, zero)			\
>> +			  ")")
>> +
>>   #define _ASM_EXTABLE_UACCESS_ERR(insn, fixup, err)			\
>>   	_ASM_EXTABLE_UACCESS_ERR_ZERO(insn, fixup, err, wzr)
>>   
>> +#define _ASM_EXTABLE_KACCESS_ERR(insn, fixup, err)			\
>> +	_ASM_EXTABLE_KACCESS_ERR_ZERO(insn, fixup, err, wzr)
>> +
>>   #define EX_DATA_REG_DATA_SHIFT	0
>>   #define EX_DATA_REG_DATA	GENMASK(4, 0)
>>   #define EX_DATA_REG_ADDR_SHIFT	5
>> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
>> index 63f9c828f1a7..2fc9f0861769 100644
>> --- a/arch/arm64/include/asm/uaccess.h
>> +++ b/arch/arm64/include/asm/uaccess.h
>> @@ -232,34 +232,34 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>>    * The "__xxx_error" versions set the third argument to -EFAULT if an error
>>    * occurs, and leave it unchanged on success.
>>    */
>> -#define __get_mem_asm(load, reg, x, addr, err)				\
>> +#define __get_mem_asm(load, reg, x, addr, err, type)			\
>>   	asm volatile(							\
>>   	"1:	" load "	" reg "1, [%2]\n"			\
>>   	"2:\n"								\
>> -	_ASM_EXTABLE_UACCESS_ERR_ZERO(1b, 2b, %w0, %w1)			\
>> +	_ASM_EXTABLE_##type##ACCESS_ERR_ZERO(1b, 2b, %w0, %w1)		\
>>   	: "+r" (err), "=&r" (x)						\
>>   	: "r" (addr))
>>   
>> -#define __raw_get_mem(ldr, x, ptr, err)					\
>> -do {									\
>> -	unsigned long __gu_val;						\
>> -	switch (sizeof(*(ptr))) {					\
>> -	case 1:								\
>> -		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 2:								\
>> -		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 4:								\
>> -		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 8:								\
>> -		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err));	\
>> -		break;							\
>> -	default:							\
>> -		BUILD_BUG();						\
>> -	}								\
>> -	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
>> +#define __raw_get_mem(ldr, x, ptr, err, type)					\
>> +do {										\
>> +	unsigned long __gu_val;							\
>> +	switch (sizeof(*(ptr))) {						\
>> +	case 1:									\
>> +		__get_mem_asm(ldr "b", "%w", __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 2:									\
>> +		__get_mem_asm(ldr "h", "%w", __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 4:									\
>> +		__get_mem_asm(ldr, "%w", __gu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	case 8:									\
>> +		__get_mem_asm(ldr, "%x",  __gu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	default:								\
>> +		BUILD_BUG();							\
>> +	}									\
>> +	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
>>   } while (0)
>>   
>>   /*
>> @@ -274,7 +274,7 @@ do {									\
>>   	__chk_user_ptr(ptr);						\
>>   									\
>>   	uaccess_ttbr0_enable();						\
>> -	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err);		\
>> +	__raw_get_mem("ldtr", __rgu_val, __rgu_ptr, err, U);		\
>>   	uaccess_ttbr0_disable();					\
>>   									\
>>   	(x) = __rgu_val;						\
>> @@ -314,40 +314,40 @@ do {									\
>>   									\
>>   	__uaccess_enable_tco_async();					\
>>   	__raw_get_mem("ldr", *((type *)(__gkn_dst)),			\
>> -		      (__force type *)(__gkn_src), __gkn_err);		\
>> +		      (__force type *)(__gkn_src), __gkn_err, K);	\
>>   	__uaccess_disable_tco_async();					\
>>   									\
>>   	if (unlikely(__gkn_err))					\
>>   		goto err_label;						\
>>   } while (0)
>>   
>> -#define __put_mem_asm(store, reg, x, addr, err)				\
>> +#define __put_mem_asm(store, reg, x, addr, err, type)			\
>>   	asm volatile(							\
>>   	"1:	" store "	" reg "1, [%2]\n"			\
>>   	"2:\n"								\
>> -	_ASM_EXTABLE_UACCESS_ERR(1b, 2b, %w0)				\
>> +	_ASM_EXTABLE_##type##ACCESS_ERR(1b, 2b, %w0)			\
>>   	: "+r" (err)							\
>>   	: "r" (x), "r" (addr))
>>   
>> -#define __raw_put_mem(str, x, ptr, err)					\
>> -do {									\
>> -	__typeof__(*(ptr)) __pu_val = (x);				\
>> -	switch (sizeof(*(ptr))) {					\
>> -	case 1:								\
>> -		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 2:								\
>> -		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 4:								\
>> -		__put_mem_asm(str, "%w", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	case 8:								\
>> -		__put_mem_asm(str, "%x", __pu_val, (ptr), (err));	\
>> -		break;							\
>> -	default:							\
>> -		BUILD_BUG();						\
>> -	}								\
>> +#define __raw_put_mem(str, x, ptr, err, type)					\
>> +do {										\
>> +	__typeof__(*(ptr)) __pu_val = (x);					\
>> +	switch (sizeof(*(ptr))) {						\
>> +	case 1:									\
>> +		__put_mem_asm(str "b", "%w", __pu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 2:									\
>> +		__put_mem_asm(str "h", "%w", __pu_val, (ptr), (err), type);	\
>> +		break;								\
>> +	case 4:									\
>> +		__put_mem_asm(str, "%w", __pu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	case 8:									\
>> +		__put_mem_asm(str, "%x", __pu_val, (ptr), (err), type);		\
>> +		break;								\
>> +	default:								\
>> +		BUILD_BUG();							\
>> +	}									\
>>   } while (0)
>>   
>>   /*
>> @@ -362,7 +362,7 @@ do {									\
>>   	__chk_user_ptr(__rpu_ptr);					\
>>   									\
>>   	uaccess_ttbr0_enable();						\
>> -	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err);		\
>> +	__raw_put_mem("sttr", __rpu_val, __rpu_ptr, err, U);		\
>>   	uaccess_ttbr0_disable();					\
>>   } while (0)
>>   
>> @@ -400,7 +400,7 @@ do {									\
>>   									\
>>   	__uaccess_enable_tco_async();					\
>>   	__raw_put_mem("str", *((type *)(__pkn_src)),			\
>> -		      (__force type *)(__pkn_dst), __pkn_err);		\
>> +		      (__force type *)(__pkn_dst), __pkn_err, K);	\
>>   	__uaccess_disable_tco_async();					\
>>   									\
>>   	if (unlikely(__pkn_err))					\
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index 489455309695..056591e5ca80 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -77,6 +77,7 @@ bool fixup_exception(struct pt_regs *regs)
>>   	case EX_TYPE_BPF:
>>   		return ex_handler_bpf(ex, regs);
>>   	case EX_TYPE_UACCESS_ERR_ZERO:
>> +	case EX_TYPE_KACCESS_ERR_ZERO:
>>   		return ex_handler_uaccess_err_zero(ex, regs);
>>   	case EX_TYPE_LOAD_UNALIGNED_ZEROPAD:
>>   		return ex_handler_load_unaligned_zeropad(ex, regs);
>> -- 
>> 2.25.1
>>
> 
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/17 16:24, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
>> Currnetly, the extable type used by __arch_copy_from/to_user() is
>> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
>> EX_TYPE_UACCESS_*.
>>
>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>> ---
>>   arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>>   arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>>   2 files changed, 14 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
>> index 56ebe183e78b..9c94ac1f082c 100644
>> --- a/arch/arm64/include/asm/asm-extable.h
>> +++ b/arch/arm64/include/asm/asm-extable.h
>> @@ -28,6 +28,14 @@
>>   	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>   	.endm
>>   
>> +/*
>> + * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
>> + * when an unhandled fault is taken.
>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>> + */
>> +	.macro          _asm_extable_uaccess, insn, fixup
>> +	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>> +	.endm
> 
> I'm not too keen on using `~0` here, since that also sets other bits in the
> data field, and its somewhat opaque.
> 
> How painful is it to generate the data fields as with the C version of this
> macro, so that we can pass in wzr explciitly for the two sub-fields?
> 
> Other than that, this looks good to me.
> 
> Thanks,
> Mark.

ok, will fix next version.

Thanks,
Tong.

> 
>>   /*
>>    * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>>    * do nothing.
>> diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
>> index 0557af834e03..75b211c98dea 100644
>> --- a/arch/arm64/include/asm/asm-uaccess.h
>> +++ b/arch/arm64/include/asm/asm-uaccess.h
>> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>>   
>>   #define USER(l, x...)				\
>>   9999:	x;					\
>> -	_asm_extable	9999b, l
>> +	_asm_extable_uaccess	9999b, l
>>   
>>   /*
>>    * Generate the assembly for LDTR/STTR with exception table entries.
>> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>>   8889:		ldtr	\reg2, [\addr, #8];
>>   		add	\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> -		_asm_extable	8889b,\l;
>> +		_asm_extable_uaccess	8888b, \l;
>> +		_asm_extable_uaccess	8889b, \l;
>>   	.endm
>>   
>>   	.macro user_stp l, reg1, reg2, addr, post_inc
>> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>>   8889:		sttr	\reg2, [\addr, #8];
>>   		add	\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> -		_asm_extable	8889b,\l;
>> +		_asm_extable_uaccess	8888b,\l;
>> +		_asm_extable_uaccess	8889b,\l;
>>   	.endm
>>   
>>   	.macro user_ldst l, inst, reg, addr, post_inc
>>   8888:		\inst		\reg, [\addr];
>>   		add		\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> +		_asm_extable_uaccess	8888b, \l;
>>   	.endm
>>   #endif
>> -- 
>> 2.25.1
>>
> .

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/17 16:24, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
>> Currnetly, the extable type used by __arch_copy_from/to_user() is
>> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
>> EX_TYPE_UACCESS_*.
>>
>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>> ---
>>   arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>>   arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>>   2 files changed, 14 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
>> index 56ebe183e78b..9c94ac1f082c 100644
>> --- a/arch/arm64/include/asm/asm-extable.h
>> +++ b/arch/arm64/include/asm/asm-extable.h
>> @@ -28,6 +28,14 @@
>>   	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>   	.endm
>>   
>> +/*
>> + * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
>> + * when an unhandled fault is taken.
>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>> + */
>> +	.macro          _asm_extable_uaccess, insn, fixup
>> +	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>> +	.endm
> 
> I'm not too keen on using `~0` here, since that also sets other bits in the
> data field, and its somewhat opaque.
> 
> How painful is it to generate the data fields as with the C version of this
> macro, so that we can pass in wzr explciitly for the two sub-fields?
> 
> Other than that, this looks good to me.
> 
> Thanks,
> Mark.

ok, will fix next version.

Thanks,
Tong.

> 
>>   /*
>>    * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>>    * do nothing.
>> diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
>> index 0557af834e03..75b211c98dea 100644
>> --- a/arch/arm64/include/asm/asm-uaccess.h
>> +++ b/arch/arm64/include/asm/asm-uaccess.h
>> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>>   
>>   #define USER(l, x...)				\
>>   9999:	x;					\
>> -	_asm_extable	9999b, l
>> +	_asm_extable_uaccess	9999b, l
>>   
>>   /*
>>    * Generate the assembly for LDTR/STTR with exception table entries.
>> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>>   8889:		ldtr	\reg2, [\addr, #8];
>>   		add	\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> -		_asm_extable	8889b,\l;
>> +		_asm_extable_uaccess	8888b, \l;
>> +		_asm_extable_uaccess	8889b, \l;
>>   	.endm
>>   
>>   	.macro user_stp l, reg1, reg2, addr, post_inc
>> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>>   8889:		sttr	\reg2, [\addr, #8];
>>   		add	\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> -		_asm_extable	8889b,\l;
>> +		_asm_extable_uaccess	8888b,\l;
>> +		_asm_extable_uaccess	8889b,\l;
>>   	.endm
>>   
>>   	.macro user_ldst l, inst, reg, addr, post_inc
>>   8888:		\inst		\reg, [\addr];
>>   		add		\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> +		_asm_extable_uaccess	8888b, \l;
>>   	.endm
>>   #endif
>> -- 
>> 2.25.1
>>
> .

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/17 16:24, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
>> Currnetly, the extable type used by __arch_copy_from/to_user() is
>> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
>> EX_TYPE_UACCESS_*.
>>
>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>> ---
>>   arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>>   arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>>   2 files changed, 14 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/asm-extable.h b/arch/arm64/include/asm/asm-extable.h
>> index 56ebe183e78b..9c94ac1f082c 100644
>> --- a/arch/arm64/include/asm/asm-extable.h
>> +++ b/arch/arm64/include/asm/asm-extable.h
>> @@ -28,6 +28,14 @@
>>   	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>   	.endm
>>   
>> +/*
>> + * Create an exception table entry for uaccess `insn`, which will branch to `fixup`
>> + * when an unhandled fault is taken.
>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>> + */
>> +	.macro          _asm_extable_uaccess, insn, fixup
>> +	__ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>> +	.endm
> 
> I'm not too keen on using `~0` here, since that also sets other bits in the
> data field, and its somewhat opaque.
> 
> How painful is it to generate the data fields as with the C version of this
> macro, so that we can pass in wzr explciitly for the two sub-fields?
> 
> Other than that, this looks good to me.
> 
> Thanks,
> Mark.

ok, will fix next version.

Thanks,
Tong.

> 
>>   /*
>>    * Create an exception table entry for `insn` if `fixup` is provided. Otherwise
>>    * do nothing.
>> diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h
>> index 0557af834e03..75b211c98dea 100644
>> --- a/arch/arm64/include/asm/asm-uaccess.h
>> +++ b/arch/arm64/include/asm/asm-uaccess.h
>> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>>   
>>   #define USER(l, x...)				\
>>   9999:	x;					\
>> -	_asm_extable	9999b, l
>> +	_asm_extable_uaccess	9999b, l
>>   
>>   /*
>>    * Generate the assembly for LDTR/STTR with exception table entries.
>> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>>   8889:		ldtr	\reg2, [\addr, #8];
>>   		add	\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> -		_asm_extable	8889b,\l;
>> +		_asm_extable_uaccess	8888b, \l;
>> +		_asm_extable_uaccess	8889b, \l;
>>   	.endm
>>   
>>   	.macro user_stp l, reg1, reg2, addr, post_inc
>> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>>   8889:		sttr	\reg2, [\addr, #8];
>>   		add	\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> -		_asm_extable	8889b,\l;
>> +		_asm_extable_uaccess	8888b,\l;
>> +		_asm_extable_uaccess	8889b,\l;
>>   	.endm
>>   
>>   	.macro user_ldst l, inst, reg, addr, post_inc
>>   8888:		\inst		\reg, [\addr];
>>   		add		\addr, \addr, \post_inc;
>>   
>> -		_asm_extable	8888b,\l;
>> +		_asm_extable_uaccess	8888b, \l;
>>   	.endm
>>   #endif
>> -- 
>> 2.25.1
>>
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/18 11:26, Tong Tiangen 写道:
> 
> 
> 在 2022/6/17 16:24, Mark Rutland 写道:
>> On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
>>> Currnetly, the extable type used by __arch_copy_from/to_user() is
>>> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
>>> EX_TYPE_UACCESS_*.
>>>
>>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>>> ---
>>>   arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>>>   arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>>>   2 files changed, 14 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/arch/arm64/include/asm/asm-extable.h 
>>> b/arch/arm64/include/asm/asm-extable.h
>>> index 56ebe183e78b..9c94ac1f082c 100644
>>> --- a/arch/arm64/include/asm/asm-extable.h
>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>> @@ -28,6 +28,14 @@
>>>       __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>       .endm
>>> +/*
>>> + * Create an exception table entry for uaccess `insn`, which will 
>>> branch to `fixup`
>>> + * when an unhandled fault is taken.
>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>> + */
>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>> +    .endm
>>
>> I'm not too keen on using `~0` here, since that also sets other bits 
>> in the
>> data field, and its somewhat opaque.
>>
>> How painful is it to generate the data fields as with the C version of 
>> this
>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>
>> Other than that, this looks good to me.
>>
>> Thanks,
>> Mark.
> 
> ok, will fix next version.
> 
> Thanks,
> Tong.

I tried to using data filelds as with C version, but here assembly code 
we can not using operator such as << and |, if we use lsl and orr 
instructions, the gpr will be occupied.

So how about using 0x3ff directly here? it means err register and zero 
register both set to x31.

Thanks,
Tong.

> 
>>
>>>   /*
>>>    * Create an exception table entry for `insn` if `fixup` is 
>>> provided. Otherwise
>>>    * do nothing.
>>> diff --git a/arch/arm64/include/asm/asm-uaccess.h 
>>> b/arch/arm64/include/asm/asm-uaccess.h
>>> index 0557af834e03..75b211c98dea 100644
>>> --- a/arch/arm64/include/asm/asm-uaccess.h
>>> +++ b/arch/arm64/include/asm/asm-uaccess.h
>>> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>>>   #define USER(l, x...)                \
>>>   9999:    x;                    \
>>> -    _asm_extable    9999b, l
>>> +    _asm_extable_uaccess    9999b, l
>>>   /*
>>>    * Generate the assembly for LDTR/STTR with exception table entries.
>>> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>>>   8889:        ldtr    \reg2, [\addr, #8];
>>>           add    \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> -        _asm_extable    8889b,\l;
>>> +        _asm_extable_uaccess    8888b, \l;
>>> +        _asm_extable_uaccess    8889b, \l;
>>>       .endm
>>>       .macro user_stp l, reg1, reg2, addr, post_inc
>>> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>>>   8889:        sttr    \reg2, [\addr, #8];
>>>           add    \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> -        _asm_extable    8889b,\l;
>>> +        _asm_extable_uaccess    8888b,\l;
>>> +        _asm_extable_uaccess    8889b,\l;
>>>       .endm
>>>       .macro user_ldst l, inst, reg, addr, post_inc
>>>   8888:        \inst        \reg, [\addr];
>>>           add        \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> +        _asm_extable_uaccess    8888b, \l;
>>>       .endm
>>>   #endif
>>> -- 
>>> 2.25.1
>>>
>> .
> 
> _______________________________________________
> linux-arm-kernel mailing list
> linux-arm-kernel@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/18 11:26, Tong Tiangen 写道:
> 
> 
> 在 2022/6/17 16:24, Mark Rutland 写道:
>> On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
>>> Currnetly, the extable type used by __arch_copy_from/to_user() is
>>> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
>>> EX_TYPE_UACCESS_*.
>>>
>>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>>> ---
>>>   arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>>>   arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>>>   2 files changed, 14 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/arch/arm64/include/asm/asm-extable.h 
>>> b/arch/arm64/include/asm/asm-extable.h
>>> index 56ebe183e78b..9c94ac1f082c 100644
>>> --- a/arch/arm64/include/asm/asm-extable.h
>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>> @@ -28,6 +28,14 @@
>>>       __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>       .endm
>>> +/*
>>> + * Create an exception table entry for uaccess `insn`, which will 
>>> branch to `fixup`
>>> + * when an unhandled fault is taken.
>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>> + */
>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>> +    .endm
>>
>> I'm not too keen on using `~0` here, since that also sets other bits 
>> in the
>> data field, and its somewhat opaque.
>>
>> How painful is it to generate the data fields as with the C version of 
>> this
>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>
>> Other than that, this looks good to me.
>>
>> Thanks,
>> Mark.
> 
> ok, will fix next version.
> 
> Thanks,
> Tong.

I tried to using data filelds as with C version, but here assembly code 
we can not using operator such as << and |, if we use lsl and orr 
instructions, the gpr will be occupied.

So how about using 0x3ff directly here? it means err register and zero 
register both set to x31.

Thanks,
Tong.

> 
>>
>>>   /*
>>>    * Create an exception table entry for `insn` if `fixup` is 
>>> provided. Otherwise
>>>    * do nothing.
>>> diff --git a/arch/arm64/include/asm/asm-uaccess.h 
>>> b/arch/arm64/include/asm/asm-uaccess.h
>>> index 0557af834e03..75b211c98dea 100644
>>> --- a/arch/arm64/include/asm/asm-uaccess.h
>>> +++ b/arch/arm64/include/asm/asm-uaccess.h
>>> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>>>   #define USER(l, x...)                \
>>>   9999:    x;                    \
>>> -    _asm_extable    9999b, l
>>> +    _asm_extable_uaccess    9999b, l
>>>   /*
>>>    * Generate the assembly for LDTR/STTR with exception table entries.
>>> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>>>   8889:        ldtr    \reg2, [\addr, #8];
>>>           add    \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> -        _asm_extable    8889b,\l;
>>> +        _asm_extable_uaccess    8888b, \l;
>>> +        _asm_extable_uaccess    8889b, \l;
>>>       .endm
>>>       .macro user_stp l, reg1, reg2, addr, post_inc
>>> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>>>   8889:        sttr    \reg2, [\addr, #8];
>>>           add    \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> -        _asm_extable    8889b,\l;
>>> +        _asm_extable_uaccess    8888b,\l;
>>> +        _asm_extable_uaccess    8889b,\l;
>>>       .endm
>>>       .macro user_ldst l, inst, reg, addr, post_inc
>>>   8888:        \inst        \reg, [\addr];
>>>           add        \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> +        _asm_extable_uaccess    8888b, \l;
>>>       .endm
>>>   #endif
>>> -- 
>>> 2.25.1
>>>
>> .
> 
> _______________________________________________
> linux-arm-kernel mailing list
> linux-arm-kernel@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/18 11:26, Tong Tiangen 写道:
> 
> 
> 在 2022/6/17 16:24, Mark Rutland 写道:
>> On Sat, May 28, 2022 at 06:50:50AM +0000, Tong Tiangen wrote:
>>> Currnetly, the extable type used by __arch_copy_from/to_user() is
>>> EX_TYPE_FIXUP. In fact, It is more clearly to use meaningful
>>> EX_TYPE_UACCESS_*.
>>>
>>> Suggested-by: Mark Rutland <mark.rutland@arm.com>
>>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>>> ---
>>>   arch/arm64/include/asm/asm-extable.h |  8 ++++++++
>>>   arch/arm64/include/asm/asm-uaccess.h | 12 ++++++------
>>>   2 files changed, 14 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/arch/arm64/include/asm/asm-extable.h 
>>> b/arch/arm64/include/asm/asm-extable.h
>>> index 56ebe183e78b..9c94ac1f082c 100644
>>> --- a/arch/arm64/include/asm/asm-extable.h
>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>> @@ -28,6 +28,14 @@
>>>       __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>       .endm
>>> +/*
>>> + * Create an exception table entry for uaccess `insn`, which will 
>>> branch to `fixup`
>>> + * when an unhandled fault is taken.
>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>> + */
>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>> +    .endm
>>
>> I'm not too keen on using `~0` here, since that also sets other bits 
>> in the
>> data field, and its somewhat opaque.
>>
>> How painful is it to generate the data fields as with the C version of 
>> this
>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>
>> Other than that, this looks good to me.
>>
>> Thanks,
>> Mark.
> 
> ok, will fix next version.
> 
> Thanks,
> Tong.

I tried to using data filelds as with C version, but here assembly code 
we can not using operator such as << and |, if we use lsl and orr 
instructions, the gpr will be occupied.

So how about using 0x3ff directly here? it means err register and zero 
register both set to x31.

Thanks,
Tong.

> 
>>
>>>   /*
>>>    * Create an exception table entry for `insn` if `fixup` is 
>>> provided. Otherwise
>>>    * do nothing.
>>> diff --git a/arch/arm64/include/asm/asm-uaccess.h 
>>> b/arch/arm64/include/asm/asm-uaccess.h
>>> index 0557af834e03..75b211c98dea 100644
>>> --- a/arch/arm64/include/asm/asm-uaccess.h
>>> +++ b/arch/arm64/include/asm/asm-uaccess.h
>>> @@ -61,7 +61,7 @@ alternative_else_nop_endif
>>>   #define USER(l, x...)                \
>>>   9999:    x;                    \
>>> -    _asm_extable    9999b, l
>>> +    _asm_extable_uaccess    9999b, l
>>>   /*
>>>    * Generate the assembly for LDTR/STTR with exception table entries.
>>> @@ -73,8 +73,8 @@ alternative_else_nop_endif
>>>   8889:        ldtr    \reg2, [\addr, #8];
>>>           add    \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> -        _asm_extable    8889b,\l;
>>> +        _asm_extable_uaccess    8888b, \l;
>>> +        _asm_extable_uaccess    8889b, \l;
>>>       .endm
>>>       .macro user_stp l, reg1, reg2, addr, post_inc
>>> @@ -82,14 +82,14 @@ alternative_else_nop_endif
>>>   8889:        sttr    \reg2, [\addr, #8];
>>>           add    \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> -        _asm_extable    8889b,\l;
>>> +        _asm_extable_uaccess    8888b,\l;
>>> +        _asm_extable_uaccess    8889b,\l;
>>>       .endm
>>>       .macro user_ldst l, inst, reg, addr, post_inc
>>>   8888:        \inst        \reg, [\addr];
>>>           add        \addr, \addr, \post_inc;
>>> -        _asm_extable    8888b,\l;
>>> +        _asm_extable_uaccess    8888b, \l;
>>>       .endm
>>>   #endif
>>> -- 
>>> 2.25.1
>>>
>> .
> 
> _______________________________________________
> linux-arm-kernel mailing list
> linux-arm-kernel@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

在 2022/6/17 16:55, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
>> During the processing of arm64 kernel hardware memory errors(do_sea()), if
>> the errors is consumed in the kernel, the current processing is panic.
>> However, it is not optimal.
>>
>> Take uaccess for example, if the uaccess operation fails due to memory
>> error, only the user process will be affected, kill the user process
>> and isolate the user page with hardware memory errors is a better choice.
>>
>> This patch only enable machine error check framework, it add exception
>> fixup before kernel panic in do_sea() and only limit the consumption of
>> hardware memory errors in kernel mode triggered by user mode processes.
>> If fixup successful, panic can be avoided.
>>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>> ---
>>   arch/arm64/Kconfig               |  1 +
>>   arch/arm64/include/asm/extable.h |  1 +
>>   arch/arm64/mm/extable.c          | 17 +++++++++++++++++
>>   arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
>>   4 files changed, 45 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>> index aaeb70358979..a3b12ff0cd7f 100644
>> --- a/arch/arm64/Kconfig
>> +++ b/arch/arm64/Kconfig
>> @@ -19,6 +19,7 @@ config ARM64
>>   	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
>>   	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
>>   	select ARCH_HAS_CACHE_LINE_SIZE
>> +	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
>>   	select ARCH_HAS_CURRENT_STACK_POINTER
>>   	select ARCH_HAS_DEBUG_VIRTUAL
>>   	select ARCH_HAS_DEBUG_VM_PGTABLE
>> diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
>> index 72b0e71cc3de..f80ebd0addfd 100644
>> --- a/arch/arm64/include/asm/extable.h
>> +++ b/arch/arm64/include/asm/extable.h
>> @@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
>>   #endif /* !CONFIG_BPF_JIT */
>>   
>>   bool fixup_exception(struct pt_regs *regs);
>> +bool fixup_exception_mc(struct pt_regs *regs);
>>   #endif
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index 228d681a8715..c301dcf6335f 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -9,6 +9,7 @@
>>   
>>   #include <asm/asm-extable.h>
>>   #include <asm/ptrace.h>
>> +#include <asm/esr.h>
>>   
>>   static inline unsigned long
>>   get_ex_fixup(const struct exception_table_entry *ex)
>> @@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
>>   
>>   	BUG();
>>   }
>> +
>> +bool fixup_exception_mc(struct pt_regs *regs)
>> +{
>> +	const struct exception_table_entry *ex;
>> +
>> +	ex = search_exception_tables(instruction_pointer(regs));
>> +	if (!ex)
>> +		return false;
>> +
>> +	/*
>> +	 * This is not complete, More Machine check safe extable type can
>> +	 * be processed here.
>> +	 */
>> +
>> +	return false;
>> +}
>> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
>> index c5e11768e5c1..b262bd282a89 100644
>> --- a/arch/arm64/mm/fault.c
>> +++ b/arch/arm64/mm/fault.c
>> @@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   	return 1; /* "fault" */
>>   }
>>   
>> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
>> +				     struct pt_regs *regs, int sig, int code)
>> +{
>> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
>> +		return false;
>> +
>> +	if (user_mode(regs) || !current->mm)
>> +		return false;
> 
> What's the `!current->mm` check for?

At first, I considered that only user processes have the opportunity to 
recover when they trigger memory error.

But it seems that this restriction is unreasonable. When the kernel 
thread triggers memory error, it can also be recovered. for instance:

https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/

And i think if(!current->mm) shoud be added below:

if(!current->mm) {
	set_thread_esr(0, esr);
	arm64_force_sig_fault(...);
}
return true;

> 
>> +
>> +	if (apei_claim_sea(regs) < 0)
>> +		return false;
>> +
>> +	if (!fixup_exception_mc(regs))
>> +		return false;
> 
> I thought we still wanted to signal the task in this case? Or do you expect to
> add that into `fixup_exception_mc()` ?

Yeah, here return false and will signal to task in do_sea() -> 
arm64_notify_die().

> 
>> +
>> +	set_thread_esr(0, esr);
> 
> Why are we not setting the address? Is that deliberate, or an oversight?

Here set fault_address to 0, i refer to the logic of arm64_notify_die().

void arm64_notify_die(...)
{
          if (user_mode(regs)) {
                  WARN_ON(regs != current_pt_regs());
                  current->thread.fault_address = 0;
                  current->thread.fault_code = err;

                  arm64_force_sig_fault(signo, sicode, far, str);
          } else {
                  die(str, regs, err);
          }
}

I don't know exactly why and do you know why arm64_notify_die() did this? :)

> 
>> +
>> +	arm64_force_sig_fault(sig, code, addr,
>> +		"Uncorrected hardware memory error in kernel-access\n");
> 
> I think the wording here is misleading since we don't expect to recover from
> accesses to kernel memory, and would be better as something like:
> 
> 	"Uncorrected memory error on access to user memory\n"

OK, agreed.

Thanks,
Tong.

> 
> Thanks,
> Mark.
> 
>> +
>> +	return true;
>> +}
>> +
>>   static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   {
>>   	const struct fault_info *inf;
>> @@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   		 */
>>   		siaddr  = untagged_addr(far);
>>   	}
>> -	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>> +
>> +	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
>> +		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>>   
>>   	return 0;
>>   }
>> -- 
>> 2.25.1
>>
> 
> .

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

在 2022/6/17 16:55, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
>> During the processing of arm64 kernel hardware memory errors(do_sea()), if
>> the errors is consumed in the kernel, the current processing is panic.
>> However, it is not optimal.
>>
>> Take uaccess for example, if the uaccess operation fails due to memory
>> error, only the user process will be affected, kill the user process
>> and isolate the user page with hardware memory errors is a better choice.
>>
>> This patch only enable machine error check framework, it add exception
>> fixup before kernel panic in do_sea() and only limit the consumption of
>> hardware memory errors in kernel mode triggered by user mode processes.
>> If fixup successful, panic can be avoided.
>>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>> ---
>>   arch/arm64/Kconfig               |  1 +
>>   arch/arm64/include/asm/extable.h |  1 +
>>   arch/arm64/mm/extable.c          | 17 +++++++++++++++++
>>   arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
>>   4 files changed, 45 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>> index aaeb70358979..a3b12ff0cd7f 100644
>> --- a/arch/arm64/Kconfig
>> +++ b/arch/arm64/Kconfig
>> @@ -19,6 +19,7 @@ config ARM64
>>   	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
>>   	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
>>   	select ARCH_HAS_CACHE_LINE_SIZE
>> +	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
>>   	select ARCH_HAS_CURRENT_STACK_POINTER
>>   	select ARCH_HAS_DEBUG_VIRTUAL
>>   	select ARCH_HAS_DEBUG_VM_PGTABLE
>> diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
>> index 72b0e71cc3de..f80ebd0addfd 100644
>> --- a/arch/arm64/include/asm/extable.h
>> +++ b/arch/arm64/include/asm/extable.h
>> @@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
>>   #endif /* !CONFIG_BPF_JIT */
>>   
>>   bool fixup_exception(struct pt_regs *regs);
>> +bool fixup_exception_mc(struct pt_regs *regs);
>>   #endif
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index 228d681a8715..c301dcf6335f 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -9,6 +9,7 @@
>>   
>>   #include <asm/asm-extable.h>
>>   #include <asm/ptrace.h>
>> +#include <asm/esr.h>
>>   
>>   static inline unsigned long
>>   get_ex_fixup(const struct exception_table_entry *ex)
>> @@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
>>   
>>   	BUG();
>>   }
>> +
>> +bool fixup_exception_mc(struct pt_regs *regs)
>> +{
>> +	const struct exception_table_entry *ex;
>> +
>> +	ex = search_exception_tables(instruction_pointer(regs));
>> +	if (!ex)
>> +		return false;
>> +
>> +	/*
>> +	 * This is not complete, More Machine check safe extable type can
>> +	 * be processed here.
>> +	 */
>> +
>> +	return false;
>> +}
>> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
>> index c5e11768e5c1..b262bd282a89 100644
>> --- a/arch/arm64/mm/fault.c
>> +++ b/arch/arm64/mm/fault.c
>> @@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   	return 1; /* "fault" */
>>   }
>>   
>> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
>> +				     struct pt_regs *regs, int sig, int code)
>> +{
>> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
>> +		return false;
>> +
>> +	if (user_mode(regs) || !current->mm)
>> +		return false;
> 
> What's the `!current->mm` check for?

At first, I considered that only user processes have the opportunity to 
recover when they trigger memory error.

But it seems that this restriction is unreasonable. When the kernel 
thread triggers memory error, it can also be recovered. for instance:

https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/

And i think if(!current->mm) shoud be added below:

if(!current->mm) {
	set_thread_esr(0, esr);
	arm64_force_sig_fault(...);
}
return true;

> 
>> +
>> +	if (apei_claim_sea(regs) < 0)
>> +		return false;
>> +
>> +	if (!fixup_exception_mc(regs))
>> +		return false;
> 
> I thought we still wanted to signal the task in this case? Or do you expect to
> add that into `fixup_exception_mc()` ?

Yeah, here return false and will signal to task in do_sea() -> 
arm64_notify_die().

> 
>> +
>> +	set_thread_esr(0, esr);
> 
> Why are we not setting the address? Is that deliberate, or an oversight?

Here set fault_address to 0, i refer to the logic of arm64_notify_die().

void arm64_notify_die(...)
{
          if (user_mode(regs)) {
                  WARN_ON(regs != current_pt_regs());
                  current->thread.fault_address = 0;
                  current->thread.fault_code = err;

                  arm64_force_sig_fault(signo, sicode, far, str);
          } else {
                  die(str, regs, err);
          }
}

I don't know exactly why and do you know why arm64_notify_die() did this? :)

> 
>> +
>> +	arm64_force_sig_fault(sig, code, addr,
>> +		"Uncorrected hardware memory error in kernel-access\n");
> 
> I think the wording here is misleading since we don't expect to recover from
> accesses to kernel memory, and would be better as something like:
> 
> 	"Uncorrected memory error on access to user memory\n"

OK, agreed.

Thanks,
Tong.

> 
> Thanks,
> Mark.
> 
>> +
>> +	return true;
>> +}
>> +
>>   static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   {
>>   	const struct fault_info *inf;
>> @@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   		 */
>>   		siaddr  = untagged_addr(far);
>>   	}
>> -	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>> +
>> +	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
>> +		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>>   
>>   	return 0;
>>   }
>> -- 
>> 2.25.1
>>
> 
> .

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

在 2022/6/17 16:55, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
>> During the processing of arm64 kernel hardware memory errors(do_sea()), if
>> the errors is consumed in the kernel, the current processing is panic.
>> However, it is not optimal.
>>
>> Take uaccess for example, if the uaccess operation fails due to memory
>> error, only the user process will be affected, kill the user process
>> and isolate the user page with hardware memory errors is a better choice.
>>
>> This patch only enable machine error check framework, it add exception
>> fixup before kernel panic in do_sea() and only limit the consumption of
>> hardware memory errors in kernel mode triggered by user mode processes.
>> If fixup successful, panic can be avoided.
>>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>> ---
>>   arch/arm64/Kconfig               |  1 +
>>   arch/arm64/include/asm/extable.h |  1 +
>>   arch/arm64/mm/extable.c          | 17 +++++++++++++++++
>>   arch/arm64/mm/fault.c            | 27 ++++++++++++++++++++++++++-
>>   4 files changed, 45 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>> index aaeb70358979..a3b12ff0cd7f 100644
>> --- a/arch/arm64/Kconfig
>> +++ b/arch/arm64/Kconfig
>> @@ -19,6 +19,7 @@ config ARM64
>>   	select ARCH_ENABLE_SPLIT_PMD_PTLOCK if PGTABLE_LEVELS > 2
>>   	select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
>>   	select ARCH_HAS_CACHE_LINE_SIZE
>> +	select ARCH_HAS_COPY_MC if ACPI_APEI_GHES
>>   	select ARCH_HAS_CURRENT_STACK_POINTER
>>   	select ARCH_HAS_DEBUG_VIRTUAL
>>   	select ARCH_HAS_DEBUG_VM_PGTABLE
>> diff --git a/arch/arm64/include/asm/extable.h b/arch/arm64/include/asm/extable.h
>> index 72b0e71cc3de..f80ebd0addfd 100644
>> --- a/arch/arm64/include/asm/extable.h
>> +++ b/arch/arm64/include/asm/extable.h
>> @@ -46,4 +46,5 @@ bool ex_handler_bpf(const struct exception_table_entry *ex,
>>   #endif /* !CONFIG_BPF_JIT */
>>   
>>   bool fixup_exception(struct pt_regs *regs);
>> +bool fixup_exception_mc(struct pt_regs *regs);
>>   #endif
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index 228d681a8715..c301dcf6335f 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -9,6 +9,7 @@
>>   
>>   #include <asm/asm-extable.h>
>>   #include <asm/ptrace.h>
>> +#include <asm/esr.h>
>>   
>>   static inline unsigned long
>>   get_ex_fixup(const struct exception_table_entry *ex)
>> @@ -76,3 +77,19 @@ bool fixup_exception(struct pt_regs *regs)
>>   
>>   	BUG();
>>   }
>> +
>> +bool fixup_exception_mc(struct pt_regs *regs)
>> +{
>> +	const struct exception_table_entry *ex;
>> +
>> +	ex = search_exception_tables(instruction_pointer(regs));
>> +	if (!ex)
>> +		return false;
>> +
>> +	/*
>> +	 * This is not complete, More Machine check safe extable type can
>> +	 * be processed here.
>> +	 */
>> +
>> +	return false;
>> +}
>> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
>> index c5e11768e5c1..b262bd282a89 100644
>> --- a/arch/arm64/mm/fault.c
>> +++ b/arch/arm64/mm/fault.c
>> @@ -696,6 +696,29 @@ static int do_bad(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   	return 1; /* "fault" */
>>   }
>>   
>> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
>> +				     struct pt_regs *regs, int sig, int code)
>> +{
>> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
>> +		return false;
>> +
>> +	if (user_mode(regs) || !current->mm)
>> +		return false;
> 
> What's the `!current->mm` check for?

At first, I considered that only user processes have the opportunity to 
recover when they trigger memory error.

But it seems that this restriction is unreasonable. When the kernel 
thread triggers memory error, it can also be recovered. for instance:

https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/

And i think if(!current->mm) shoud be added below:

if(!current->mm) {
	set_thread_esr(0, esr);
	arm64_force_sig_fault(...);
}
return true;

> 
>> +
>> +	if (apei_claim_sea(regs) < 0)
>> +		return false;
>> +
>> +	if (!fixup_exception_mc(regs))
>> +		return false;
> 
> I thought we still wanted to signal the task in this case? Or do you expect to
> add that into `fixup_exception_mc()` ?

Yeah, here return false and will signal to task in do_sea() -> 
arm64_notify_die().

> 
>> +
>> +	set_thread_esr(0, esr);
> 
> Why are we not setting the address? Is that deliberate, or an oversight?

Here set fault_address to 0, i refer to the logic of arm64_notify_die().

void arm64_notify_die(...)
{
          if (user_mode(regs)) {
                  WARN_ON(regs != current_pt_regs());
                  current->thread.fault_address = 0;
                  current->thread.fault_code = err;

                  arm64_force_sig_fault(signo, sicode, far, str);
          } else {
                  die(str, regs, err);
          }
}

I don't know exactly why and do you know why arm64_notify_die() did this? :)

> 
>> +
>> +	arm64_force_sig_fault(sig, code, addr,
>> +		"Uncorrected hardware memory error in kernel-access\n");
> 
> I think the wording here is misleading since we don't expect to recover from
> accesses to kernel memory, and would be better as something like:
> 
> 	"Uncorrected memory error on access to user memory\n"

OK, agreed.

Thanks,
Tong.

> 
> Thanks,
> Mark.
> 
>> +
>> +	return true;
>> +}
>> +
>>   static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   {
>>   	const struct fault_info *inf;
>> @@ -721,7 +744,9 @@ static int do_sea(unsigned long far, unsigned long esr, struct pt_regs *regs)
>>   		 */
>>   		siaddr  = untagged_addr(far);
>>   	}
>> -	arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>> +
>> +	if (!arm64_do_kernel_sea(siaddr, esr, regs, inf->sig, inf->code))
>> +		arm64_notify_die(inf->name, regs, inf->sig, inf->code, siaddr, esr);
>>   
>>   	return 0;
>>   }
>> -- 
>> 2.25.1
>>
> 
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

在 2022/6/17 17:06, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
>> If user access fail due to hardware memory error, only the relevant
>> processes are affected, so killing the user process and isolate the
>> error page with hardware memory errors is a more reasonable choice
>> than kernel panic.
>>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> 
>> ---
>>   arch/arm64/lib/copy_from_user.S | 8 ++++----
>>   arch/arm64/lib/copy_to_user.S   | 8 ++++----
> 
> All of these changes are to the *kernel* accesses performed as part of copy
> to/from user, and have nothing to do with userspace, so it does not make sense
> to mark these as UACCESS.

You have a point. so there is no need to modify copy_from/to_user.S in 
this patch set.

> 
> Do we *actually* need to recover from failues on these accesses? Looking at
> _copy_from_user(), the kernel will immediately follow this up with a memset()
> to the same address which will be fatal anyway, so this is only punting the
> failure for a few instructions.

If recovery success, The task will be killed and there will be no 
subsequent memset().

> 
> If we really need to recover from certain accesses to kernel memory we should
> add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
> rationale as to why that's useful. As things stand I do not beleive it makes
> sense for copy to/from user specifically.
> 
>>   arch/arm64/mm/extable.c         | 8 ++++----
>>   3 files changed, 12 insertions(+), 12 deletions(-)
>>
>> diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
>> index 34e317907524..402dd48a4f93 100644
>> --- a/arch/arm64/lib/copy_from_user.S
>> +++ b/arch/arm64/lib/copy_from_user.S
>> @@ -25,7 +25,7 @@
>>   	.endm
>>   
>>   	.macro strb1 reg, ptr, val
>> -	strb \reg, [\ptr], \val
>> +	USER(9998f, strb \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldrh1 reg, ptr, val
>> @@ -33,7 +33,7 @@
>>   	.endm
>>   
>>   	.macro strh1 reg, ptr, val
>> -	strh \reg, [\ptr], \val
>> +	USER(9998f, strh \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldr1 reg, ptr, val
>> @@ -41,7 +41,7 @@
>>   	.endm
>>   
>>   	.macro str1 reg, ptr, val
>> -	str \reg, [\ptr], \val
>> +	USER(9998f, str \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldp1 reg1, reg2, ptr, val
>> @@ -49,7 +49,7 @@
>>   	.endm
>>   
>>   	.macro stp1 reg1, reg2, ptr, val
>> -	stp \reg1, \reg2, [\ptr], \val
>> +	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
>>   	.endm
>>   
>>   end	.req	x5
>> diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
>> index 802231772608..4134bdb3a8b0 100644
>> --- a/arch/arm64/lib/copy_to_user.S
>> +++ b/arch/arm64/lib/copy_to_user.S
>> @@ -20,7 +20,7 @@
>>    *	x0 - bytes not copied
>>    */
>>   	.macro ldrb1 reg, ptr, val
>> -	ldrb  \reg, [\ptr], \val
>> +	USER(9998f, ldrb  \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro strb1 reg, ptr, val
>> @@ -28,7 +28,7 @@
>>   	.endm
>>   
>>   	.macro ldrh1 reg, ptr, val
>> -	ldrh  \reg, [\ptr], \val
>> +	USER(9998f, ldrh  \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro strh1 reg, ptr, val
>> @@ -36,7 +36,7 @@
>>   	.endm
>>   
>>   	.macro ldr1 reg, ptr, val
>> -	ldr \reg, [\ptr], \val
>> +	USER(9998f, ldr \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro str1 reg, ptr, val
>> @@ -44,7 +44,7 @@
>>   	.endm
>>   
>>   	.macro ldp1 reg1, reg2, ptr, val
>> -	ldp \reg1, \reg2, [\ptr], \val
>> +	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro stp1 reg1, reg2, ptr, val
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index c301dcf6335f..8ca8d9639f9f 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>>   	if (!ex)
>>   		return false;
>>   
>> -	/*
>> -	 * This is not complete, More Machine check safe extable type can
>> -	 * be processed here.
>> -	 */
>> +	switch (ex->type) {
>> +	case EX_TYPE_UACCESS_ERR_ZERO:
>> +		return ex_handler_uaccess_err_zero(ex, regs);
>> +	}
> 
> This addition specifically makes sense to me, so can you split this into a separate patch?

According to my understanding of the above, only the modification of 
extable.c is retained.

So what do you mean which part is made into a separate patch?

Thanks,
Tong.
> 
> Thanks,
> Mark.
> 
> .

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

在 2022/6/17 17:06, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
>> If user access fail due to hardware memory error, only the relevant
>> processes are affected, so killing the user process and isolate the
>> error page with hardware memory errors is a more reasonable choice
>> than kernel panic.
>>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> 
>> ---
>>   arch/arm64/lib/copy_from_user.S | 8 ++++----
>>   arch/arm64/lib/copy_to_user.S   | 8 ++++----
> 
> All of these changes are to the *kernel* accesses performed as part of copy
> to/from user, and have nothing to do with userspace, so it does not make sense
> to mark these as UACCESS.

You have a point. so there is no need to modify copy_from/to_user.S in 
this patch set.

> 
> Do we *actually* need to recover from failues on these accesses? Looking at
> _copy_from_user(), the kernel will immediately follow this up with a memset()
> to the same address which will be fatal anyway, so this is only punting the
> failure for a few instructions.

If recovery success, The task will be killed and there will be no 
subsequent memset().

> 
> If we really need to recover from certain accesses to kernel memory we should
> add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
> rationale as to why that's useful. As things stand I do not beleive it makes
> sense for copy to/from user specifically.
> 
>>   arch/arm64/mm/extable.c         | 8 ++++----
>>   3 files changed, 12 insertions(+), 12 deletions(-)
>>
>> diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
>> index 34e317907524..402dd48a4f93 100644
>> --- a/arch/arm64/lib/copy_from_user.S
>> +++ b/arch/arm64/lib/copy_from_user.S
>> @@ -25,7 +25,7 @@
>>   	.endm
>>   
>>   	.macro strb1 reg, ptr, val
>> -	strb \reg, [\ptr], \val
>> +	USER(9998f, strb \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldrh1 reg, ptr, val
>> @@ -33,7 +33,7 @@
>>   	.endm
>>   
>>   	.macro strh1 reg, ptr, val
>> -	strh \reg, [\ptr], \val
>> +	USER(9998f, strh \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldr1 reg, ptr, val
>> @@ -41,7 +41,7 @@
>>   	.endm
>>   
>>   	.macro str1 reg, ptr, val
>> -	str \reg, [\ptr], \val
>> +	USER(9998f, str \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldp1 reg1, reg2, ptr, val
>> @@ -49,7 +49,7 @@
>>   	.endm
>>   
>>   	.macro stp1 reg1, reg2, ptr, val
>> -	stp \reg1, \reg2, [\ptr], \val
>> +	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
>>   	.endm
>>   
>>   end	.req	x5
>> diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
>> index 802231772608..4134bdb3a8b0 100644
>> --- a/arch/arm64/lib/copy_to_user.S
>> +++ b/arch/arm64/lib/copy_to_user.S
>> @@ -20,7 +20,7 @@
>>    *	x0 - bytes not copied
>>    */
>>   	.macro ldrb1 reg, ptr, val
>> -	ldrb  \reg, [\ptr], \val
>> +	USER(9998f, ldrb  \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro strb1 reg, ptr, val
>> @@ -28,7 +28,7 @@
>>   	.endm
>>   
>>   	.macro ldrh1 reg, ptr, val
>> -	ldrh  \reg, [\ptr], \val
>> +	USER(9998f, ldrh  \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro strh1 reg, ptr, val
>> @@ -36,7 +36,7 @@
>>   	.endm
>>   
>>   	.macro ldr1 reg, ptr, val
>> -	ldr \reg, [\ptr], \val
>> +	USER(9998f, ldr \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro str1 reg, ptr, val
>> @@ -44,7 +44,7 @@
>>   	.endm
>>   
>>   	.macro ldp1 reg1, reg2, ptr, val
>> -	ldp \reg1, \reg2, [\ptr], \val
>> +	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro stp1 reg1, reg2, ptr, val
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index c301dcf6335f..8ca8d9639f9f 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>>   	if (!ex)
>>   		return false;
>>   
>> -	/*
>> -	 * This is not complete, More Machine check safe extable type can
>> -	 * be processed here.
>> -	 */
>> +	switch (ex->type) {
>> +	case EX_TYPE_UACCESS_ERR_ZERO:
>> +		return ex_handler_uaccess_err_zero(ex, regs);
>> +	}
> 
> This addition specifically makes sense to me, so can you split this into a separate patch?

According to my understanding of the above, only the modification of 
extable.c is retained.

So what do you mean which part is made into a separate patch?

Thanks,
Tong.
> 
> Thanks,
> Mark.
> 
> .

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

在 2022/6/17 17:06, Mark Rutland 写道:
> On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
>> If user access fail due to hardware memory error, only the relevant
>> processes are affected, so killing the user process and isolate the
>> error page with hardware memory errors is a more reasonable choice
>> than kernel panic.
>>
>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> 
>> ---
>>   arch/arm64/lib/copy_from_user.S | 8 ++++----
>>   arch/arm64/lib/copy_to_user.S   | 8 ++++----
> 
> All of these changes are to the *kernel* accesses performed as part of copy
> to/from user, and have nothing to do with userspace, so it does not make sense
> to mark these as UACCESS.

You have a point. so there is no need to modify copy_from/to_user.S in 
this patch set.

> 
> Do we *actually* need to recover from failues on these accesses? Looking at
> _copy_from_user(), the kernel will immediately follow this up with a memset()
> to the same address which will be fatal anyway, so this is only punting the
> failure for a few instructions.

If recovery success, The task will be killed and there will be no 
subsequent memset().

> 
> If we really need to recover from certain accesses to kernel memory we should
> add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
> rationale as to why that's useful. As things stand I do not beleive it makes
> sense for copy to/from user specifically.
> 
>>   arch/arm64/mm/extable.c         | 8 ++++----
>>   3 files changed, 12 insertions(+), 12 deletions(-)
>>
>> diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
>> index 34e317907524..402dd48a4f93 100644
>> --- a/arch/arm64/lib/copy_from_user.S
>> +++ b/arch/arm64/lib/copy_from_user.S
>> @@ -25,7 +25,7 @@
>>   	.endm
>>   
>>   	.macro strb1 reg, ptr, val
>> -	strb \reg, [\ptr], \val
>> +	USER(9998f, strb \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldrh1 reg, ptr, val
>> @@ -33,7 +33,7 @@
>>   	.endm
>>   
>>   	.macro strh1 reg, ptr, val
>> -	strh \reg, [\ptr], \val
>> +	USER(9998f, strh \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldr1 reg, ptr, val
>> @@ -41,7 +41,7 @@
>>   	.endm
>>   
>>   	.macro str1 reg, ptr, val
>> -	str \reg, [\ptr], \val
>> +	USER(9998f, str \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro ldp1 reg1, reg2, ptr, val
>> @@ -49,7 +49,7 @@
>>   	.endm
>>   
>>   	.macro stp1 reg1, reg2, ptr, val
>> -	stp \reg1, \reg2, [\ptr], \val
>> +	USER(9998f, stp \reg1, \reg2, [\ptr], \val)
>>   	.endm
>>   
>>   end	.req	x5
>> diff --git a/arch/arm64/lib/copy_to_user.S b/arch/arm64/lib/copy_to_user.S
>> index 802231772608..4134bdb3a8b0 100644
>> --- a/arch/arm64/lib/copy_to_user.S
>> +++ b/arch/arm64/lib/copy_to_user.S
>> @@ -20,7 +20,7 @@
>>    *	x0 - bytes not copied
>>    */
>>   	.macro ldrb1 reg, ptr, val
>> -	ldrb  \reg, [\ptr], \val
>> +	USER(9998f, ldrb  \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro strb1 reg, ptr, val
>> @@ -28,7 +28,7 @@
>>   	.endm
>>   
>>   	.macro ldrh1 reg, ptr, val
>> -	ldrh  \reg, [\ptr], \val
>> +	USER(9998f, ldrh  \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro strh1 reg, ptr, val
>> @@ -36,7 +36,7 @@
>>   	.endm
>>   
>>   	.macro ldr1 reg, ptr, val
>> -	ldr \reg, [\ptr], \val
>> +	USER(9998f, ldr \reg, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro str1 reg, ptr, val
>> @@ -44,7 +44,7 @@
>>   	.endm
>>   
>>   	.macro ldp1 reg1, reg2, ptr, val
>> -	ldp \reg1, \reg2, [\ptr], \val
>> +	USER(9998f, ldp \reg1, \reg2, [\ptr], \val)
>>   	.endm
>>   
>>   	.macro stp1 reg1, reg2, ptr, val
>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>> index c301dcf6335f..8ca8d9639f9f 100644
>> --- a/arch/arm64/mm/extable.c
>> +++ b/arch/arm64/mm/extable.c
>> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>>   	if (!ex)
>>   		return false;
>>   
>> -	/*
>> -	 * This is not complete, More Machine check safe extable type can
>> -	 * be processed here.
>> -	 */
>> +	switch (ex->type) {
>> +	case EX_TYPE_UACCESS_ERR_ZERO:
>> +		return ex_handler_uaccess_err_zero(ex, regs);
>> +	}
> 
> This addition specifically makes sense to me, so can you split this into a separate patch?

According to my understanding of the above, only the modification of 
extable.c is retained.

So what do you mean which part is made into a separate patch?

Thanks,
Tong.
> 
> Thanks,
> Mark.
> 
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Mark Rutland]

On Sat, Jun 18, 2022 at 05:27:45PM +0800, Tong Tiangen wrote:
> 
> 
> 在 2022/6/17 17:06, Mark Rutland 写道:
> > On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
> > > If user access fail due to hardware memory error, only the relevant
> > > processes are affected, so killing the user process and isolate the
> > > error page with hardware memory errors is a more reasonable choice
> > > than kernel panic.
> > > 
> > > Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> > 
> > > ---
> > >   arch/arm64/lib/copy_from_user.S | 8 ++++----
> > >   arch/arm64/lib/copy_to_user.S   | 8 ++++----
> > 
> > All of these changes are to the *kernel* accesses performed as part of copy
> > to/from user, and have nothing to do with userspace, so it does not make sense
> > to mark these as UACCESS.
> 
> You have a point. so there is no need to modify copy_from/to_user.S in this
> patch set.

Cool, thanks. If this patch just has the extable change, that's fine by me.

> > Do we *actually* need to recover from failues on these accesses? Looking at
> > _copy_from_user(), the kernel will immediately follow this up with a memset()
> > to the same address which will be fatal anyway, so this is only punting the
> > failure for a few instructions.
> 
> If recovery success, The task will be killed and there will be no subsequent
> memset().

I don't think that's true.

IIUC per the last patch, in the exception handler we'll apply the fixup then
force a signal. That doesn't kill the task immediately, and we'll return from
the exception handler back into the original context (with the fixup applied).

The structure of copy_from_user() is 

	copy_from_user(to, from, n) {
		_copy_from_user(to, from, n) {
			res = n;
			res = raw_copy_from_user(to, from, n);
			if (res) 
				memset(to + (n - res), 0, res);
		}
	}

So when the fixup is applied and res indicates that the copy terminated early,
there is an unconditinal memset() before the fatal signal is handled in the
return to userspace path.

> > If we really need to recover from certain accesses to kernel memory we should
> > add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
> > rationale as to why that's useful. As things stand I do not beleive it makes
> > sense for copy to/from user specifically.

[...]

> > > diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> > > index c301dcf6335f..8ca8d9639f9f 100644
> > > --- a/arch/arm64/mm/extable.c
> > > +++ b/arch/arm64/mm/extable.c
> > > @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
> > >   	if (!ex)
> > >   		return false;
> > > -	/*
> > > -	 * This is not complete, More Machine check safe extable type can
> > > -	 * be processed here.
> > > -	 */
> > > +	switch (ex->type) {
> > > +	case EX_TYPE_UACCESS_ERR_ZERO:
> > > +		return ex_handler_uaccess_err_zero(ex, regs);
> > > +	}
> > 
> > This addition specifically makes sense to me, so can you split this into a separate patch?
> 
> According to my understanding of the above, only the modification of
> extable.c is retained.
> 
> So what do you mean which part is made into a separate patch?

As above, if you just retain the extable.c changes, that's fine by me.

Thanks,
Mark.

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Mark Rutland]

On Sat, Jun 18, 2022 at 05:27:45PM +0800, Tong Tiangen wrote:
> 
> 
> 在 2022/6/17 17:06, Mark Rutland 写道:
> > On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
> > > If user access fail due to hardware memory error, only the relevant
> > > processes are affected, so killing the user process and isolate the
> > > error page with hardware memory errors is a more reasonable choice
> > > than kernel panic.
> > > 
> > > Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> > 
> > > ---
> > >   arch/arm64/lib/copy_from_user.S | 8 ++++----
> > >   arch/arm64/lib/copy_to_user.S   | 8 ++++----
> > 
> > All of these changes are to the *kernel* accesses performed as part of copy
> > to/from user, and have nothing to do with userspace, so it does not make sense
> > to mark these as UACCESS.
> 
> You have a point. so there is no need to modify copy_from/to_user.S in this
> patch set.

Cool, thanks. If this patch just has the extable change, that's fine by me.

> > Do we *actually* need to recover from failues on these accesses? Looking at
> > _copy_from_user(), the kernel will immediately follow this up with a memset()
> > to the same address which will be fatal anyway, so this is only punting the
> > failure for a few instructions.
> 
> If recovery success, The task will be killed and there will be no subsequent
> memset().

I don't think that's true.

IIUC per the last patch, in the exception handler we'll apply the fixup then
force a signal. That doesn't kill the task immediately, and we'll return from
the exception handler back into the original context (with the fixup applied).

The structure of copy_from_user() is 

	copy_from_user(to, from, n) {
		_copy_from_user(to, from, n) {
			res = n;
			res = raw_copy_from_user(to, from, n);
			if (res) 
				memset(to + (n - res), 0, res);
		}
	}

So when the fixup is applied and res indicates that the copy terminated early,
there is an unconditinal memset() before the fatal signal is handled in the
return to userspace path.

> > If we really need to recover from certain accesses to kernel memory we should
> > add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
> > rationale as to why that's useful. As things stand I do not beleive it makes
> > sense for copy to/from user specifically.

[...]

> > > diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> > > index c301dcf6335f..8ca8d9639f9f 100644
> > > --- a/arch/arm64/mm/extable.c
> > > +++ b/arch/arm64/mm/extable.c
> > > @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
> > >   	if (!ex)
> > >   		return false;
> > > -	/*
> > > -	 * This is not complete, More Machine check safe extable type can
> > > -	 * be processed here.
> > > -	 */
> > > +	switch (ex->type) {
> > > +	case EX_TYPE_UACCESS_ERR_ZERO:
> > > +		return ex_handler_uaccess_err_zero(ex, regs);
> > > +	}
> > 
> > This addition specifically makes sense to me, so can you split this into a separate patch?
> 
> According to my understanding of the above, only the modification of
> extable.c is retained.
> 
> So what do you mean which part is made into a separate patch?

As above, if you just retain the extable.c changes, that's fine by me.

Thanks,
Mark.

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Mark Rutland]

On Sat, Jun 18, 2022 at 05:27:45PM +0800, Tong Tiangen wrote:
> 
> 
> 在 2022/6/17 17:06, Mark Rutland 写道:
> > On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
> > > If user access fail due to hardware memory error, only the relevant
> > > processes are affected, so killing the user process and isolate the
> > > error page with hardware memory errors is a more reasonable choice
> > > than kernel panic.
> > > 
> > > Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
> > 
> > > ---
> > >   arch/arm64/lib/copy_from_user.S | 8 ++++----
> > >   arch/arm64/lib/copy_to_user.S   | 8 ++++----
> > 
> > All of these changes are to the *kernel* accesses performed as part of copy
> > to/from user, and have nothing to do with userspace, so it does not make sense
> > to mark these as UACCESS.
> 
> You have a point. so there is no need to modify copy_from/to_user.S in this
> patch set.

Cool, thanks. If this patch just has the extable change, that's fine by me.

> > Do we *actually* need to recover from failues on these accesses? Looking at
> > _copy_from_user(), the kernel will immediately follow this up with a memset()
> > to the same address which will be fatal anyway, so this is only punting the
> > failure for a few instructions.
> 
> If recovery success, The task will be killed and there will be no subsequent
> memset().

I don't think that's true.

IIUC per the last patch, in the exception handler we'll apply the fixup then
force a signal. That doesn't kill the task immediately, and we'll return from
the exception handler back into the original context (with the fixup applied).

The structure of copy_from_user() is 

	copy_from_user(to, from, n) {
		_copy_from_user(to, from, n) {
			res = n;
			res = raw_copy_from_user(to, from, n);
			if (res) 
				memset(to + (n - res), 0, res);
		}
	}

So when the fixup is applied and res indicates that the copy terminated early,
there is an unconditinal memset() before the fatal signal is handled in the
return to userspace path.

> > If we really need to recover from certain accesses to kernel memory we should
> > add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
> > rationale as to why that's useful. As things stand I do not beleive it makes
> > sense for copy to/from user specifically.

[...]

> > > diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
> > > index c301dcf6335f..8ca8d9639f9f 100644
> > > --- a/arch/arm64/mm/extable.c
> > > +++ b/arch/arm64/mm/extable.c
> > > @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
> > >   	if (!ex)
> > >   		return false;
> > > -	/*
> > > -	 * This is not complete, More Machine check safe extable type can
> > > -	 * be processed here.
> > > -	 */
> > > +	switch (ex->type) {
> > > +	case EX_TYPE_UACCESS_ERR_ZERO:
> > > +		return ex_handler_uaccess_err_zero(ex, regs);
> > > +	}
> > 
> > This addition specifically makes sense to me, so can you split this into a separate patch?
> 
> According to my understanding of the above, only the modification of
> extable.c is retained.
> 
> So what do you mean which part is made into a separate patch?

As above, if you just retain the extable.c changes, that's fine by me.

Thanks,
Mark.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
> > > > diff --git a/arch/arm64/include/asm/asm-extable.h
> > > > b/arch/arm64/include/asm/asm-extable.h
> > > > index 56ebe183e78b..9c94ac1f082c 100644
> > > > --- a/arch/arm64/include/asm/asm-extable.h
> > > > +++ b/arch/arm64/include/asm/asm-extable.h
> > > > @@ -28,6 +28,14 @@
> > > >       __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> > > >       .endm
> > > > +/*
> > > > + * Create an exception table entry for uaccess `insn`, which
> > > > will branch to `fixup`
> > > > + * when an unhandled fault is taken.
> > > > + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> > > > + */
> > > > +    .macro          _asm_extable_uaccess, insn, fixup
> > > > +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> > > > +    .endm
> > > 
> > > I'm not too keen on using `~0` here, since that also sets other bits
> > > in the
> > > data field, and its somewhat opaque.
> > > 
> > > How painful is it to generate the data fields as with the C version
> > > of this
> > > macro, so that we can pass in wzr explciitly for the two sub-fields?
> > > 
> > > Other than that, this looks good to me.
> > > 
> > > Thanks,
> > > Mark.
> > 
> > ok, will fix next version.
> > 
> > Thanks,
> > Tong.
> 
> I tried to using data filelds as with C version, but here assembly code we
> can not using operator such as << and |, if we use lsl and orr instructions,
> the gpr will be occupied.
> 
> So how about using 0x3ff directly here? it means err register and zero
> register both set to x31.

I had a go at implementing this, and it seems simple enough. Please see:

  https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess

Mark.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
> > > > diff --git a/arch/arm64/include/asm/asm-extable.h
> > > > b/arch/arm64/include/asm/asm-extable.h
> > > > index 56ebe183e78b..9c94ac1f082c 100644
> > > > --- a/arch/arm64/include/asm/asm-extable.h
> > > > +++ b/arch/arm64/include/asm/asm-extable.h
> > > > @@ -28,6 +28,14 @@
> > > >       __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> > > >       .endm
> > > > +/*
> > > > + * Create an exception table entry for uaccess `insn`, which
> > > > will branch to `fixup`
> > > > + * when an unhandled fault is taken.
> > > > + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> > > > + */
> > > > +    .macro          _asm_extable_uaccess, insn, fixup
> > > > +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> > > > +    .endm
> > > 
> > > I'm not too keen on using `~0` here, since that also sets other bits
> > > in the
> > > data field, and its somewhat opaque.
> > > 
> > > How painful is it to generate the data fields as with the C version
> > > of this
> > > macro, so that we can pass in wzr explciitly for the two sub-fields?
> > > 
> > > Other than that, this looks good to me.
> > > 
> > > Thanks,
> > > Mark.
> > 
> > ok, will fix next version.
> > 
> > Thanks,
> > Tong.
> 
> I tried to using data filelds as with C version, but here assembly code we
> can not using operator such as << and |, if we use lsl and orr instructions,
> the gpr will be occupied.
> 
> So how about using 0x3ff directly here? it means err register and zero
> register both set to x31.

I had a go at implementing this, and it seems simple enough. Please see:

  https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess

Mark.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
> > > > diff --git a/arch/arm64/include/asm/asm-extable.h
> > > > b/arch/arm64/include/asm/asm-extable.h
> > > > index 56ebe183e78b..9c94ac1f082c 100644
> > > > --- a/arch/arm64/include/asm/asm-extable.h
> > > > +++ b/arch/arm64/include/asm/asm-extable.h
> > > > @@ -28,6 +28,14 @@
> > > >       __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> > > >       .endm
> > > > +/*
> > > > + * Create an exception table entry for uaccess `insn`, which
> > > > will branch to `fixup`
> > > > + * when an unhandled fault is taken.
> > > > + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> > > > + */
> > > > +    .macro          _asm_extable_uaccess, insn, fixup
> > > > +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> > > > +    .endm
> > > 
> > > I'm not too keen on using `~0` here, since that also sets other bits
> > > in the
> > > data field, and its somewhat opaque.
> > > 
> > > How painful is it to generate the data fields as with the C version
> > > of this
> > > macro, so that we can pass in wzr explciitly for the two sub-fields?
> > > 
> > > Other than that, this looks good to me.
> > > 
> > > Thanks,
> > > Mark.
> > 
> > ok, will fix next version.
> > 
> > Thanks,
> > Tong.
> 
> I tried to using data filelds as with C version, but here assembly code we
> can not using operator such as << and |, if we use lsl and orr instructions,
> the gpr will be occupied.
> 
> So how about using 0x3ff directly here? it means err register and zero
> register both set to x31.

I had a go at implementing this, and it seems simple enough. Please see:

  https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess

Mark.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Mark Rutland]

On Sat, Jun 18, 2022 at 05:18:55PM +0800, Tong Tiangen wrote:
> 在 2022/6/17 16:55, Mark Rutland 写道:
> > On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
> > > +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
> > > +				     struct pt_regs *regs, int sig, int code)
> > > +{
> > > +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
> > > +		return false;
> > > +
> > > +	if (user_mode(regs) || !current->mm)
> > > +		return false;
> > 
> > What's the `!current->mm` check for?
> 
> At first, I considered that only user processes have the opportunity to
> recover when they trigger memory error.
> 
> But it seems that this restriction is unreasonable. When the kernel thread
> triggers memory error, it can also be recovered. for instance:
> 
> https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/
> 
> And i think if(!current->mm) shoud be added below:
> 
> if(!current->mm) {
> 	set_thread_esr(0, esr);
> 	arm64_force_sig_fault(...);
> }
> return true;

Why does 'current->mm' have anything to do with this, though?

There can be kernel threads with `current->mm` set in unusual circumstances
(and there's a lot of kernel code out there which handles that wrong), so if
you want to treat user tasks differently, we should be doing something like
checking PF_KTHREAD, or adding something like an is_user_task() helper.

[...]

> > > +
> > > +	if (apei_claim_sea(regs) < 0)
> > > +		return false;
> > > +
> > > +	if (!fixup_exception_mc(regs))
> > > +		return false;
> > 
> > I thought we still wanted to signal the task in this case? Or do you expect to
> > add that into `fixup_exception_mc()` ?
> 
> Yeah, here return false and will signal to task in do_sea() ->
> arm64_notify_die().

I mean when we do the fixup.

I thought the idea was to apply the fixup (to stop the kernel from crashing),
but still to deliver a fatal signal to the user task since we can't do what the
user task asked us to.

> > > +
> > > +	set_thread_esr(0, esr);
> > 
> > Why are we not setting the address? Is that deliberate, or an oversight?
> 
> Here set fault_address to 0, i refer to the logic of arm64_notify_die().
> 
> void arm64_notify_die(...)
> {
>          if (user_mode(regs)) {
>                  WARN_ON(regs != current_pt_regs());
>                  current->thread.fault_address = 0;
>                  current->thread.fault_code = err;
> 
>                  arm64_force_sig_fault(signo, sicode, far, str);
>          } else {
>                  die(str, regs, err);
>          }
> }
> 
> I don't know exactly why and do you know why arm64_notify_die() did this? :)

To be honest, I don't know, and that looks equally suspicious to me.

Looking at the git history, that was added in commit:

  9141300a5884b57c ("arm64: Provide read/write fault information in compat signal handlers")

... so maybe Catalin recalls why.

Perhaps the assumption is just that this will be fatal and so unimportant? ...
but in that case the same logic would apply to the ESR value, so it's not clear
to me.

Mark.

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Mark Rutland]

On Sat, Jun 18, 2022 at 05:18:55PM +0800, Tong Tiangen wrote:
> 在 2022/6/17 16:55, Mark Rutland 写道:
> > On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
> > > +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
> > > +				     struct pt_regs *regs, int sig, int code)
> > > +{
> > > +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
> > > +		return false;
> > > +
> > > +	if (user_mode(regs) || !current->mm)
> > > +		return false;
> > 
> > What's the `!current->mm` check for?
> 
> At first, I considered that only user processes have the opportunity to
> recover when they trigger memory error.
> 
> But it seems that this restriction is unreasonable. When the kernel thread
> triggers memory error, it can also be recovered. for instance:
> 
> https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/
> 
> And i think if(!current->mm) shoud be added below:
> 
> if(!current->mm) {
> 	set_thread_esr(0, esr);
> 	arm64_force_sig_fault(...);
> }
> return true;

Why does 'current->mm' have anything to do with this, though?

There can be kernel threads with `current->mm` set in unusual circumstances
(and there's a lot of kernel code out there which handles that wrong), so if
you want to treat user tasks differently, we should be doing something like
checking PF_KTHREAD, or adding something like an is_user_task() helper.

[...]

> > > +
> > > +	if (apei_claim_sea(regs) < 0)
> > > +		return false;
> > > +
> > > +	if (!fixup_exception_mc(regs))
> > > +		return false;
> > 
> > I thought we still wanted to signal the task in this case? Or do you expect to
> > add that into `fixup_exception_mc()` ?
> 
> Yeah, here return false and will signal to task in do_sea() ->
> arm64_notify_die().

I mean when we do the fixup.

I thought the idea was to apply the fixup (to stop the kernel from crashing),
but still to deliver a fatal signal to the user task since we can't do what the
user task asked us to.

> > > +
> > > +	set_thread_esr(0, esr);
> > 
> > Why are we not setting the address? Is that deliberate, or an oversight?
> 
> Here set fault_address to 0, i refer to the logic of arm64_notify_die().
> 
> void arm64_notify_die(...)
> {
>          if (user_mode(regs)) {
>                  WARN_ON(regs != current_pt_regs());
>                  current->thread.fault_address = 0;
>                  current->thread.fault_code = err;
> 
>                  arm64_force_sig_fault(signo, sicode, far, str);
>          } else {
>                  die(str, regs, err);
>          }
> }
> 
> I don't know exactly why and do you know why arm64_notify_die() did this? :)

To be honest, I don't know, and that looks equally suspicious to me.

Looking at the git history, that was added in commit:

  9141300a5884b57c ("arm64: Provide read/write fault information in compat signal handlers")

... so maybe Catalin recalls why.

Perhaps the assumption is just that this will be fatal and so unimportant? ...
but in that case the same logic would apply to the ESR value, so it's not clear
to me.

Mark.

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Mark Rutland]

On Sat, Jun 18, 2022 at 05:18:55PM +0800, Tong Tiangen wrote:
> 在 2022/6/17 16:55, Mark Rutland 写道:
> > On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
> > > +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
> > > +				     struct pt_regs *regs, int sig, int code)
> > > +{
> > > +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
> > > +		return false;
> > > +
> > > +	if (user_mode(regs) || !current->mm)
> > > +		return false;
> > 
> > What's the `!current->mm` check for?
> 
> At first, I considered that only user processes have the opportunity to
> recover when they trigger memory error.
> 
> But it seems that this restriction is unreasonable. When the kernel thread
> triggers memory error, it can also be recovered. for instance:
> 
> https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/
> 
> And i think if(!current->mm) shoud be added below:
> 
> if(!current->mm) {
> 	set_thread_esr(0, esr);
> 	arm64_force_sig_fault(...);
> }
> return true;

Why does 'current->mm' have anything to do with this, though?

There can be kernel threads with `current->mm` set in unusual circumstances
(and there's a lot of kernel code out there which handles that wrong), so if
you want to treat user tasks differently, we should be doing something like
checking PF_KTHREAD, or adding something like an is_user_task() helper.

[...]

> > > +
> > > +	if (apei_claim_sea(regs) < 0)
> > > +		return false;
> > > +
> > > +	if (!fixup_exception_mc(regs))
> > > +		return false;
> > 
> > I thought we still wanted to signal the task in this case? Or do you expect to
> > add that into `fixup_exception_mc()` ?
> 
> Yeah, here return false and will signal to task in do_sea() ->
> arm64_notify_die().

I mean when we do the fixup.

I thought the idea was to apply the fixup (to stop the kernel from crashing),
but still to deliver a fatal signal to the user task since we can't do what the
user task asked us to.

> > > +
> > > +	set_thread_esr(0, esr);
> > 
> > Why are we not setting the address? Is that deliberate, or an oversight?
> 
> Here set fault_address to 0, i refer to the logic of arm64_notify_die().
> 
> void arm64_notify_die(...)
> {
>          if (user_mode(regs)) {
>                  WARN_ON(regs != current_pt_regs());
>                  current->thread.fault_address = 0;
>                  current->thread.fault_code = err;
> 
>                  arm64_force_sig_fault(signo, sicode, far, str);
>          } else {
>                  die(str, regs, err);
>          }
> }
> 
> I don't know exactly why and do you know why arm64_notify_die() did this? :)

To be honest, I don't know, and that looks equally suspicious to me.

Looking at the git history, that was added in commit:

  9141300a5884b57c ("arm64: Provide read/write fault information in compat signal handlers")

... so maybe Catalin recalls why.

Perhaps the assumption is just that this will be fatal and so unimportant? ...
but in that case the same logic would apply to the ESR value, so it's not clear
to me.

Mark.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

在 2022/6/18 20:52, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 05:18:55PM +0800, Tong Tiangen wrote:
>> 在 2022/6/17 16:55, Mark Rutland 写道:
>>> On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
>>>> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
>>>> +				     struct pt_regs *regs, int sig, int code)
>>>> +{
>>>> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
>>>> +		return false;
>>>> +
>>>> +	if (user_mode(regs) || !current->mm)
>>>> +		return false;
>>>
>>> What's the `!current->mm` check for? >>
>> At first, I considered that only user processes have the opportunity to
>> recover when they trigger memory error.
>>
>> But it seems that this restriction is unreasonable. When the kernel thread
>> triggers memory error, it can also be recovered. for instance:
>>
>> https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/
>>
>> And i think if(!current->mm) shoud be added below:
>>
>> if(!current->mm) {
>> 	set_thread_esr(0, esr);
>> 	arm64_force_sig_fault(...);
>> }
>> return true;
> 
> Why does 'current->mm' have anything to do with this, though?

Sorry, typo, my original logic was:
if(current->mm) {
	[...]
}

> 
> There can be kernel threads with `current->mm` set in unusual circumstances
> (and there's a lot of kernel code out there which handles that wrong), so if
> you want to treat user tasks differently, we should be doing something like
> checking PF_KTHREAD, or adding something like an is_user_task() helper.
> 

OK, i do want to treat user tasks differently here and didn't take into 
account what you said. will be fixed next version according to your 
suggestiong.

As follows:
if (!(current->flags & PF_KTHREAD)) {
   set_thread_esr(0, esr);
   arm64_force_sig_fault(...);
}
return true;


> [...]
> 
>>>> +
>>>> +	if (apei_claim_sea(regs) < 0)
>>>> +		return false;
>>>> +
>>>> +	if (!fixup_exception_mc(regs))
>>>> +		return false;
>>>
>>> I thought we still wanted to signal the task in this case? Or do you expect to
>>> add that into `fixup_exception_mc()` ?
>>
>> Yeah, here return false and will signal to task in do_sea() ->
>> arm64_notify_die().
> 
> I mean when we do the fixup.
> 
> I thought the idea was to apply the fixup (to stop the kernel from crashing),
> but still to deliver a fatal signal to the user task since we can't do what the
> user task asked us to.
> 

Yes, that's what i mean. :)

>>>> +
>>>> +	set_thread_esr(0, esr);
>>>
>>> Why are we not setting the address? Is that deliberate, or an oversight?
>>
>> Here set fault_address to 0, i refer to the logic of arm64_notify_die().
>>
>> void arm64_notify_die(...)
>> {
>>           if (user_mode(regs)) {
>>                   WARN_ON(regs != current_pt_regs());
>>                   current->thread.fault_address = 0;
>>                   current->thread.fault_code = err;
>>
>>                   arm64_force_sig_fault(signo, sicode, far, str);
>>           } else {
>>                   die(str, regs, err);
>>           }
>> }
>>
>> I don't know exactly why and do you know why arm64_notify_die() did this? :)
> 
> To be honest, I don't know, and that looks equally suspicious to me.
> 
> Looking at the git history, that was added in commit:
> 
>    9141300a5884b57c ("arm64: Provide read/write fault information in compat signal handlers")
> 
> ... so maybe Catalin recalls why.
> 
> Perhaps the assumption is just that this will be fatal and so unimportant? ...
> but in that case the same logic would apply to the ESR value, so it's not clear
> to me.

OK, let's proceed as set to 0, if there is any change later, the two 
positions shall be changed together.

Thanks,
Tong.

> 
> Mark.
> 
> .

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

在 2022/6/18 20:52, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 05:18:55PM +0800, Tong Tiangen wrote:
>> 在 2022/6/17 16:55, Mark Rutland 写道:
>>> On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
>>>> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
>>>> +				     struct pt_regs *regs, int sig, int code)
>>>> +{
>>>> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
>>>> +		return false;
>>>> +
>>>> +	if (user_mode(regs) || !current->mm)
>>>> +		return false;
>>>
>>> What's the `!current->mm` check for? >>
>> At first, I considered that only user processes have the opportunity to
>> recover when they trigger memory error.
>>
>> But it seems that this restriction is unreasonable. When the kernel thread
>> triggers memory error, it can also be recovered. for instance:
>>
>> https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/
>>
>> And i think if(!current->mm) shoud be added below:
>>
>> if(!current->mm) {
>> 	set_thread_esr(0, esr);
>> 	arm64_force_sig_fault(...);
>> }
>> return true;
> 
> Why does 'current->mm' have anything to do with this, though?

Sorry, typo, my original logic was:
if(current->mm) {
	[...]
}

> 
> There can be kernel threads with `current->mm` set in unusual circumstances
> (and there's a lot of kernel code out there which handles that wrong), so if
> you want to treat user tasks differently, we should be doing something like
> checking PF_KTHREAD, or adding something like an is_user_task() helper.
> 

OK, i do want to treat user tasks differently here and didn't take into 
account what you said. will be fixed next version according to your 
suggestiong.

As follows:
if (!(current->flags & PF_KTHREAD)) {
   set_thread_esr(0, esr);
   arm64_force_sig_fault(...);
}
return true;


> [...]
> 
>>>> +
>>>> +	if (apei_claim_sea(regs) < 0)
>>>> +		return false;
>>>> +
>>>> +	if (!fixup_exception_mc(regs))
>>>> +		return false;
>>>
>>> I thought we still wanted to signal the task in this case? Or do you expect to
>>> add that into `fixup_exception_mc()` ?
>>
>> Yeah, here return false and will signal to task in do_sea() ->
>> arm64_notify_die().
> 
> I mean when we do the fixup.
> 
> I thought the idea was to apply the fixup (to stop the kernel from crashing),
> but still to deliver a fatal signal to the user task since we can't do what the
> user task asked us to.
> 

Yes, that's what i mean. :)

>>>> +
>>>> +	set_thread_esr(0, esr);
>>>
>>> Why are we not setting the address? Is that deliberate, or an oversight?
>>
>> Here set fault_address to 0, i refer to the logic of arm64_notify_die().
>>
>> void arm64_notify_die(...)
>> {
>>           if (user_mode(regs)) {
>>                   WARN_ON(regs != current_pt_regs());
>>                   current->thread.fault_address = 0;
>>                   current->thread.fault_code = err;
>>
>>                   arm64_force_sig_fault(signo, sicode, far, str);
>>           } else {
>>                   die(str, regs, err);
>>           }
>> }
>>
>> I don't know exactly why and do you know why arm64_notify_die() did this? :)
> 
> To be honest, I don't know, and that looks equally suspicious to me.
> 
> Looking at the git history, that was added in commit:
> 
>    9141300a5884b57c ("arm64: Provide read/write fault information in compat signal handlers")
> 
> ... so maybe Catalin recalls why.
> 
> Perhaps the assumption is just that this will be fatal and so unimportant? ...
> but in that case the same logic would apply to the ESR value, so it's not clear
> to me.

OK, let's proceed as set to 0, if there is any change later, the two 
positions shall be changed together.

Thanks,
Tong.

> 
> Mark.
> 
> .

Re: [PATCH -next v5 6/8] arm64: add support for machine check error safe

[Tong Tiangen]

在 2022/6/18 20:52, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 05:18:55PM +0800, Tong Tiangen wrote:
>> 在 2022/6/17 16:55, Mark Rutland 写道:
>>> On Sat, May 28, 2022 at 06:50:54AM +0000, Tong Tiangen wrote:
>>>> +static bool arm64_do_kernel_sea(unsigned long addr, unsigned int esr,
>>>> +				     struct pt_regs *regs, int sig, int code)
>>>> +{
>>>> +	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))
>>>> +		return false;
>>>> +
>>>> +	if (user_mode(regs) || !current->mm)
>>>> +		return false;
>>>
>>> What's the `!current->mm` check for? >>
>> At first, I considered that only user processes have the opportunity to
>> recover when they trigger memory error.
>>
>> But it seems that this restriction is unreasonable. When the kernel thread
>> triggers memory error, it can also be recovered. for instance:
>>
>> https://lore.kernel.org/linux-mm/20220527190731.322722-1-jiaqiyan@google.com/
>>
>> And i think if(!current->mm) shoud be added below:
>>
>> if(!current->mm) {
>> 	set_thread_esr(0, esr);
>> 	arm64_force_sig_fault(...);
>> }
>> return true;
> 
> Why does 'current->mm' have anything to do with this, though?

Sorry, typo, my original logic was:
if(current->mm) {
	[...]
}

> 
> There can be kernel threads with `current->mm` set in unusual circumstances
> (and there's a lot of kernel code out there which handles that wrong), so if
> you want to treat user tasks differently, we should be doing something like
> checking PF_KTHREAD, or adding something like an is_user_task() helper.
> 

OK, i do want to treat user tasks differently here and didn't take into 
account what you said. will be fixed next version according to your 
suggestiong.

As follows:
if (!(current->flags & PF_KTHREAD)) {
   set_thread_esr(0, esr);
   arm64_force_sig_fault(...);
}
return true;


> [...]
> 
>>>> +
>>>> +	if (apei_claim_sea(regs) < 0)
>>>> +		return false;
>>>> +
>>>> +	if (!fixup_exception_mc(regs))
>>>> +		return false;
>>>
>>> I thought we still wanted to signal the task in this case? Or do you expect to
>>> add that into `fixup_exception_mc()` ?
>>
>> Yeah, here return false and will signal to task in do_sea() ->
>> arm64_notify_die().
> 
> I mean when we do the fixup.
> 
> I thought the idea was to apply the fixup (to stop the kernel from crashing),
> but still to deliver a fatal signal to the user task since we can't do what the
> user task asked us to.
> 

Yes, that's what i mean. :)

>>>> +
>>>> +	set_thread_esr(0, esr);
>>>
>>> Why are we not setting the address? Is that deliberate, or an oversight?
>>
>> Here set fault_address to 0, i refer to the logic of arm64_notify_die().
>>
>> void arm64_notify_die(...)
>> {
>>           if (user_mode(regs)) {
>>                   WARN_ON(regs != current_pt_regs());
>>                   current->thread.fault_address = 0;
>>                   current->thread.fault_code = err;
>>
>>                   arm64_force_sig_fault(signo, sicode, far, str);
>>           } else {
>>                   die(str, regs, err);
>>           }
>> }
>>
>> I don't know exactly why and do you know why arm64_notify_die() did this? :)
> 
> To be honest, I don't know, and that looks equally suspicious to me.
> 
> Looking at the git history, that was added in commit:
> 
>    9141300a5884b57c ("arm64: Provide read/write fault information in compat signal handlers")
> 
> ... so maybe Catalin recalls why.
> 
> Perhaps the assumption is just that this will be fatal and so unimportant? ...
> but in that case the same logic would apply to the ESR value, so it's not clear
> to me.

OK, let's proceed as set to 0, if there is any change later, the two 
positions shall be changed together.

Thanks,
Tong.

> 
> Mark.
> 
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

在 2022/6/18 19:35, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 05:27:45PM +0800, Tong Tiangen wrote:
>>
>>
>> 在 2022/6/17 17:06, Mark Rutland 写道:
>>> On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
>>>> If user access fail due to hardware memory error, only the relevant
>>>> processes are affected, so killing the user process and isolate the
>>>> error page with hardware memory errors is a more reasonable choice
>>>> than kernel panic.
>>>>
>>>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>>>
>>>> ---
>>>>    arch/arm64/lib/copy_from_user.S | 8 ++++----
>>>>    arch/arm64/lib/copy_to_user.S   | 8 ++++----
>>>
>>> All of these changes are to the *kernel* accesses performed as part of copy
>>> to/from user, and have nothing to do with userspace, so it does not make sense
>>> to mark these as UACCESS.
>>
>> You have a point. so there is no need to modify copy_from/to_user.S in this
>> patch set.
> 
> Cool, thanks. If this patch just has the extable change, that's fine by me.
> 
>>> Do we *actually* need to recover from failues on these accesses? Looking at
>>> _copy_from_user(), the kernel will immediately follow this up with a memset()
>>> to the same address which will be fatal anyway, so this is only punting the
>>> failure for a few instructions.
>>
>> If recovery success, The task will be killed and there will be no subsequent
>> memset().
> 
> I don't think that's true.
> 
> IIUC per the last patch, in the exception handler we'll apply the fixup then
> force a signal. That doesn't kill the task immediately, and we'll return from
> the exception handler back into the original context (with the fixup applied).
> 

correct.

> The structure of copy_from_user() is
> 
> 	copy_from_user(to, from, n) {
> 		_copy_from_user(to, from, n) {
> 			res = n;
> 			res = raw_copy_from_user(to, from, n);
> 			if (res)
> 				memset(to + (n - res), 0, res);
> 		}
> 	}
> 
> So when the fixup is applied and res indicates that the copy terminated early,
> there is an unconditinal memset() before the fatal signal is handled in the
> return to userspace path.

correct in this scenario.

My idea is also valuable in many other scenarios.

> 
>>> If we really need to recover from certain accesses to kernel memory we should
>>> add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
>>> rationale as to why that's useful. As things stand I do not beleive it makes
>>> sense for copy to/from user specifically.
> 
> [...]
> 
>>>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>>>> index c301dcf6335f..8ca8d9639f9f 100644
>>>> --- a/arch/arm64/mm/extable.c
>>>> +++ b/arch/arm64/mm/extable.c
>>>> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>>>>    	if (!ex)
>>>>    		return false;
>>>> -	/*
>>>> -	 * This is not complete, More Machine check safe extable type can
>>>> -	 * be processed here.
>>>> -	 */
>>>> +	switch (ex->type) {
>>>> +	case EX_TYPE_UACCESS_ERR_ZERO:
>>>> +		return ex_handler_uaccess_err_zero(ex, regs);
>>>> +	}
>>>
>>> This addition specifically makes sense to me, so can you split this into a separate patch?
>>
>> According to my understanding of the above, only the modification of
>> extable.c is retained.
>>
>> So what do you mean which part is made into a separate patch?
> 
> As above, if you just retain the extable.c changes, that's fine by me.

Thanks,
Tong.
> 
> Thanks,
> Mark.
> .

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

在 2022/6/18 19:35, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 05:27:45PM +0800, Tong Tiangen wrote:
>>
>>
>> 在 2022/6/17 17:06, Mark Rutland 写道:
>>> On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
>>>> If user access fail due to hardware memory error, only the relevant
>>>> processes are affected, so killing the user process and isolate the
>>>> error page with hardware memory errors is a more reasonable choice
>>>> than kernel panic.
>>>>
>>>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>>>
>>>> ---
>>>>    arch/arm64/lib/copy_from_user.S | 8 ++++----
>>>>    arch/arm64/lib/copy_to_user.S   | 8 ++++----
>>>
>>> All of these changes are to the *kernel* accesses performed as part of copy
>>> to/from user, and have nothing to do with userspace, so it does not make sense
>>> to mark these as UACCESS.
>>
>> You have a point. so there is no need to modify copy_from/to_user.S in this
>> patch set.
> 
> Cool, thanks. If this patch just has the extable change, that's fine by me.
> 
>>> Do we *actually* need to recover from failues on these accesses? Looking at
>>> _copy_from_user(), the kernel will immediately follow this up with a memset()
>>> to the same address which will be fatal anyway, so this is only punting the
>>> failure for a few instructions.
>>
>> If recovery success, The task will be killed and there will be no subsequent
>> memset().
> 
> I don't think that's true.
> 
> IIUC per the last patch, in the exception handler we'll apply the fixup then
> force a signal. That doesn't kill the task immediately, and we'll return from
> the exception handler back into the original context (with the fixup applied).
> 

correct.

> The structure of copy_from_user() is
> 
> 	copy_from_user(to, from, n) {
> 		_copy_from_user(to, from, n) {
> 			res = n;
> 			res = raw_copy_from_user(to, from, n);
> 			if (res)
> 				memset(to + (n - res), 0, res);
> 		}
> 	}
> 
> So when the fixup is applied and res indicates that the copy terminated early,
> there is an unconditinal memset() before the fatal signal is handled in the
> return to userspace path.

correct in this scenario.

My idea is also valuable in many other scenarios.

> 
>>> If we really need to recover from certain accesses to kernel memory we should
>>> add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
>>> rationale as to why that's useful. As things stand I do not beleive it makes
>>> sense for copy to/from user specifically.
> 
> [...]
> 
>>>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>>>> index c301dcf6335f..8ca8d9639f9f 100644
>>>> --- a/arch/arm64/mm/extable.c
>>>> +++ b/arch/arm64/mm/extable.c
>>>> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>>>>    	if (!ex)
>>>>    		return false;
>>>> -	/*
>>>> -	 * This is not complete, More Machine check safe extable type can
>>>> -	 * be processed here.
>>>> -	 */
>>>> +	switch (ex->type) {
>>>> +	case EX_TYPE_UACCESS_ERR_ZERO:
>>>> +		return ex_handler_uaccess_err_zero(ex, regs);
>>>> +	}
>>>
>>> This addition specifically makes sense to me, so can you split this into a separate patch?
>>
>> According to my understanding of the above, only the modification of
>> extable.c is retained.
>>
>> So what do you mean which part is made into a separate patch?
> 
> As above, if you just retain the extable.c changes, that's fine by me.

Thanks,
Tong.
> 
> Thanks,
> Mark.
> .

Re: [PATCH -next v5 7/8] arm64: add uaccess to machine check safe

[Tong Tiangen]

在 2022/6/18 19:35, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 05:27:45PM +0800, Tong Tiangen wrote:
>>
>>
>> 在 2022/6/17 17:06, Mark Rutland 写道:
>>> On Sat, May 28, 2022 at 06:50:55AM +0000, Tong Tiangen wrote:
>>>> If user access fail due to hardware memory error, only the relevant
>>>> processes are affected, so killing the user process and isolate the
>>>> error page with hardware memory errors is a more reasonable choice
>>>> than kernel panic.
>>>>
>>>> Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
>>>
>>>> ---
>>>>    arch/arm64/lib/copy_from_user.S | 8 ++++----
>>>>    arch/arm64/lib/copy_to_user.S   | 8 ++++----
>>>
>>> All of these changes are to the *kernel* accesses performed as part of copy
>>> to/from user, and have nothing to do with userspace, so it does not make sense
>>> to mark these as UACCESS.
>>
>> You have a point. so there is no need to modify copy_from/to_user.S in this
>> patch set.
> 
> Cool, thanks. If this patch just has the extable change, that's fine by me.
> 
>>> Do we *actually* need to recover from failues on these accesses? Looking at
>>> _copy_from_user(), the kernel will immediately follow this up with a memset()
>>> to the same address which will be fatal anyway, so this is only punting the
>>> failure for a few instructions.
>>
>> If recovery success, The task will be killed and there will be no subsequent
>> memset().
> 
> I don't think that's true.
> 
> IIUC per the last patch, in the exception handler we'll apply the fixup then
> force a signal. That doesn't kill the task immediately, and we'll return from
> the exception handler back into the original context (with the fixup applied).
> 

correct.

> The structure of copy_from_user() is
> 
> 	copy_from_user(to, from, n) {
> 		_copy_from_user(to, from, n) {
> 			res = n;
> 			res = raw_copy_from_user(to, from, n);
> 			if (res)
> 				memset(to + (n - res), 0, res);
> 		}
> 	}
> 
> So when the fixup is applied and res indicates that the copy terminated early,
> there is an unconditinal memset() before the fatal signal is handled in the
> return to userspace path.

correct in this scenario.

My idea is also valuable in many other scenarios.

> 
>>> If we really need to recover from certain accesses to kernel memory we should
>>> add a new EX_TYPE_KACCESS_ERR_ZERO_MC or similar, but we need a strong
>>> rationale as to why that's useful. As things stand I do not beleive it makes
>>> sense for copy to/from user specifically.
> 
> [...]
> 
>>>> diff --git a/arch/arm64/mm/extable.c b/arch/arm64/mm/extable.c
>>>> index c301dcf6335f..8ca8d9639f9f 100644
>>>> --- a/arch/arm64/mm/extable.c
>>>> +++ b/arch/arm64/mm/extable.c
>>>> @@ -86,10 +86,10 @@ bool fixup_exception_mc(struct pt_regs *regs)
>>>>    	if (!ex)
>>>>    		return false;
>>>> -	/*
>>>> -	 * This is not complete, More Machine check safe extable type can
>>>> -	 * be processed here.
>>>> -	 */
>>>> +	switch (ex->type) {
>>>> +	case EX_TYPE_UACCESS_ERR_ZERO:
>>>> +		return ex_handler_uaccess_err_zero(ex, regs);
>>>> +	}
>>>
>>> This addition specifically makes sense to me, so can you split this into a separate patch?
>>
>> According to my understanding of the above, only the modification of
>> extable.c is retained.
>>
>> So what do you mean which part is made into a separate patch?
> 
> As above, if you just retain the extable.c changes, that's fine by me.

Thanks,
Tong.
> 
> Thanks,
> Mark.
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/18 20:40, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>> @@ -28,6 +28,14 @@
>>>>>        __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>        .endm
>>>>> +/*
>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>> will branch to `fixup`
>>>>> + * when an unhandled fault is taken.
>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>> + */
>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>> +    .endm
>>>>
>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>> in the
>>>> data field, and its somewhat opaque.
>>>>
>>>> How painful is it to generate the data fields as with the C version
>>>> of this
>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>
>>>> Other than that, this looks good to me.
>>>>
>>>> Thanks,
>>>> Mark.
>>>
>>> ok, will fix next version.
>>>
>>> Thanks,
>>> Tong.
>>
>> I tried to using data filelds as with C version, but here assembly code we
>> can not using operator such as << and |, if we use lsl and orr instructions,
>> the gpr will be occupied.
>>
>> So how about using 0x3ff directly here? it means err register and zero
>> register both set to x31.
> 
> I had a go at implementing this, and it seems simple enough. Please see:
> 
>    https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
> 

I made the following modifications, and the other parts are based on 
your implementation:

arch/arm64/include/asm/asm-extable.h
[...]
.macro          _asm_extable_uaccess, insn, fixup
_ASM_EXTABLE_UACCESS(\insn, \fixup)
.endm
[...]


The following errors are reported during compilation:
[...]
arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND* 
sections) for `<<'
[...]

"<<" is invalid operands in assembly, is there something wrong with me?

Thanks,
Tong.
> Mark.
> 
> .

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/18 20:40, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>> @@ -28,6 +28,14 @@
>>>>>        __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>        .endm
>>>>> +/*
>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>> will branch to `fixup`
>>>>> + * when an unhandled fault is taken.
>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>> + */
>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>> +    .endm
>>>>
>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>> in the
>>>> data field, and its somewhat opaque.
>>>>
>>>> How painful is it to generate the data fields as with the C version
>>>> of this
>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>
>>>> Other than that, this looks good to me.
>>>>
>>>> Thanks,
>>>> Mark.
>>>
>>> ok, will fix next version.
>>>
>>> Thanks,
>>> Tong.
>>
>> I tried to using data filelds as with C version, but here assembly code we
>> can not using operator such as << and |, if we use lsl and orr instructions,
>> the gpr will be occupied.
>>
>> So how about using 0x3ff directly here? it means err register and zero
>> register both set to x31.
> 
> I had a go at implementing this, and it seems simple enough. Please see:
> 
>    https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
> 

I made the following modifications, and the other parts are based on 
your implementation:

arch/arm64/include/asm/asm-extable.h
[...]
.macro          _asm_extable_uaccess, insn, fixup
_ASM_EXTABLE_UACCESS(\insn, \fixup)
.endm
[...]


The following errors are reported during compilation:
[...]
arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND* 
sections) for `<<'
[...]

"<<" is invalid operands in assembly, is there something wrong with me?

Thanks,
Tong.
> Mark.
> 
> .

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/18 20:40, Mark Rutland 写道:
> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>> @@ -28,6 +28,14 @@
>>>>>        __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>        .endm
>>>>> +/*
>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>> will branch to `fixup`
>>>>> + * when an unhandled fault is taken.
>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>> + */
>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>> +    .endm
>>>>
>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>> in the
>>>> data field, and its somewhat opaque.
>>>>
>>>> How painful is it to generate the data fields as with the C version
>>>> of this
>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>
>>>> Other than that, this looks good to me.
>>>>
>>>> Thanks,
>>>> Mark.
>>>
>>> ok, will fix next version.
>>>
>>> Thanks,
>>> Tong.
>>
>> I tried to using data filelds as with C version, but here assembly code we
>> can not using operator such as << and |, if we use lsl and orr instructions,
>> the gpr will be occupied.
>>
>> So how about using 0x3ff directly here? it means err register and zero
>> register both set to x31.
> 
> I had a go at implementing this, and it seems simple enough. Please see:
> 
>    https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
> 

I made the following modifications, and the other parts are based on 
your implementation:

arch/arm64/include/asm/asm-extable.h
[...]
.macro          _asm_extable_uaccess, insn, fixup
_ASM_EXTABLE_UACCESS(\insn, \fixup)
.endm
[...]


The following errors are reported during compilation:
[...]
arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND* 
sections) for `<<'
[...]

"<<" is invalid operands in assembly, is there something wrong with me?

Thanks,
Tong.
> Mark.
> 
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
> 在 2022/6/18 20:40, Mark Rutland 写道:
> > On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
> > > > > > diff --git a/arch/arm64/include/asm/asm-extable.h
> > > > > > b/arch/arm64/include/asm/asm-extable.h
> > > > > > index 56ebe183e78b..9c94ac1f082c 100644
> > > > > > --- a/arch/arm64/include/asm/asm-extable.h
> > > > > > +++ b/arch/arm64/include/asm/asm-extable.h
> > > > > > @@ -28,6 +28,14 @@
> > > > > >        __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> > > > > >        .endm
> > > > > > +/*
> > > > > > + * Create an exception table entry for uaccess `insn`, which
> > > > > > will branch to `fixup`
> > > > > > + * when an unhandled fault is taken.
> > > > > > + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> > > > > > + */
> > > > > > +    .macro          _asm_extable_uaccess, insn, fixup
> > > > > > +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> > > > > > +    .endm
> > > > > 
> > > > > I'm not too keen on using `~0` here, since that also sets other bits
> > > > > in the
> > > > > data field, and its somewhat opaque.
> > > > > 
> > > > > How painful is it to generate the data fields as with the C version
> > > > > of this
> > > > > macro, so that we can pass in wzr explciitly for the two sub-fields?
> > > > > 
> > > > > Other than that, this looks good to me.
> > > > > 
> > > > > Thanks,
> > > > > Mark.
> > > > 
> > > > ok, will fix next version.
> > > > 
> > > > Thanks,
> > > > Tong.
> > > 
> > > I tried to using data filelds as with C version, but here assembly code we
> > > can not using operator such as << and |, if we use lsl and orr instructions,
> > > the gpr will be occupied.
> > > 
> > > So how about using 0x3ff directly here? it means err register and zero
> > > register both set to x31.
> > 
> > I had a go at implementing this, and it seems simple enough. Please see:
> > 
> >    https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
> > 
> 
> I made the following modifications, and the other parts are based on your
> implementation:
> 
> arch/arm64/include/asm/asm-extable.h
> [...]
> .macro          _asm_extable_uaccess, insn, fixup
> _ASM_EXTABLE_UACCESS(\insn, \fixup)
> .endm
> [...]

I also made this same change locally when testing, and building with GCC 11.1.0
or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
expected:

| [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
| *** Default configuration is based on 'defconfig'
| #
| # No change to .config
| #
| [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
|   CALL    scripts/atomic/check-atomics.sh
|   CC      arch/arm64/kernel/asm-offsets.s
|   CALL    scripts/checksyscalls.sh
|   AS      arch/arm64/kernel/vdso/note.o
|   AS      arch/arm64/kernel/vdso/sigreturn.o
|   LD      arch/arm64/kernel/vdso/vdso.so.dbg
|   VDSOSYM include/generated/vdso-offsets.h
|   OBJCOPY arch/arm64/kernel/vdso/vdso.so
| make[2]: Nothing to be done for 'arch/arm64/lib/'.
|   AS      arch/arm64/lib/clear_page.o
|   AS      arch/arm64/lib/clear_user.o
|   AS      arch/arm64/lib/copy_from_user.o
|   AS      arch/arm64/lib/copy_page.o
|   AS      arch/arm64/lib/copy_to_user.o
|   CC      arch/arm64/lib/csum.o
|   CC      arch/arm64/lib/delay.o
|   AS      arch/arm64/lib/memchr.o
|   AS      arch/arm64/lib/memcmp.o
|   AS      arch/arm64/lib/memcpy.o
|   AS      arch/arm64/lib/memset.o
|   AS      arch/arm64/lib/strchr.o
|   AS      arch/arm64/lib/strcmp.o
|   AS      arch/arm64/lib/strlen.o
|   AS      arch/arm64/lib/strncmp.o
|   AS      arch/arm64/lib/strnlen.o
|   AS      arch/arm64/lib/strrchr.o
|   AS      arch/arm64/lib/tishift.o
|   AS      arch/arm64/lib/crc32.o
|   AS      arch/arm64/lib/mte.o
|   CC [M]  arch/arm64/lib/xor-neon.o
|   AR      arch/arm64/lib/built-in.a
|   AR      arch/arm64/lib/lib.a
| [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
| 
| arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
| 
| 
| Disassembly of section __ex_table:
| 
| 0000000000000000 <__ex_table>:
|         ...
|    8:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   14:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   20:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   2c:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   38:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   44:   03ff0003        .inst   0x03ff0003 ; undefined

> The following errors are reported during compilation:
> [...]
> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
> sections) for `<<'
> [...]

As above, I'm not seeing this.

This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
operand types correspond to the LHS and RHS of the expression, this would mean
the GPR number is defined, but the REG value is not, and I can't currently see
how that can happen.

> "<<" is invalid operands in assembly, is there something wrong with me?

At the moment I can only assume there is a local problem. I'd suspect a typo
somewhere, but maybe you have a toolchain which behaves differently?

Thanks,
Mark.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
> 在 2022/6/18 20:40, Mark Rutland 写道:
> > On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
> > > > > > diff --git a/arch/arm64/include/asm/asm-extable.h
> > > > > > b/arch/arm64/include/asm/asm-extable.h
> > > > > > index 56ebe183e78b..9c94ac1f082c 100644
> > > > > > --- a/arch/arm64/include/asm/asm-extable.h
> > > > > > +++ b/arch/arm64/include/asm/asm-extable.h
> > > > > > @@ -28,6 +28,14 @@
> > > > > >        __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> > > > > >        .endm
> > > > > > +/*
> > > > > > + * Create an exception table entry for uaccess `insn`, which
> > > > > > will branch to `fixup`
> > > > > > + * when an unhandled fault is taken.
> > > > > > + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> > > > > > + */
> > > > > > +    .macro          _asm_extable_uaccess, insn, fixup
> > > > > > +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> > > > > > +    .endm
> > > > > 
> > > > > I'm not too keen on using `~0` here, since that also sets other bits
> > > > > in the
> > > > > data field, and its somewhat opaque.
> > > > > 
> > > > > How painful is it to generate the data fields as with the C version
> > > > > of this
> > > > > macro, so that we can pass in wzr explciitly for the two sub-fields?
> > > > > 
> > > > > Other than that, this looks good to me.
> > > > > 
> > > > > Thanks,
> > > > > Mark.
> > > > 
> > > > ok, will fix next version.
> > > > 
> > > > Thanks,
> > > > Tong.
> > > 
> > > I tried to using data filelds as with C version, but here assembly code we
> > > can not using operator such as << and |, if we use lsl and orr instructions,
> > > the gpr will be occupied.
> > > 
> > > So how about using 0x3ff directly here? it means err register and zero
> > > register both set to x31.
> > 
> > I had a go at implementing this, and it seems simple enough. Please see:
> > 
> >    https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
> > 
> 
> I made the following modifications, and the other parts are based on your
> implementation:
> 
> arch/arm64/include/asm/asm-extable.h
> [...]
> .macro          _asm_extable_uaccess, insn, fixup
> _ASM_EXTABLE_UACCESS(\insn, \fixup)
> .endm
> [...]

I also made this same change locally when testing, and building with GCC 11.1.0
or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
expected:

| [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
| *** Default configuration is based on 'defconfig'
| #
| # No change to .config
| #
| [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
|   CALL    scripts/atomic/check-atomics.sh
|   CC      arch/arm64/kernel/asm-offsets.s
|   CALL    scripts/checksyscalls.sh
|   AS      arch/arm64/kernel/vdso/note.o
|   AS      arch/arm64/kernel/vdso/sigreturn.o
|   LD      arch/arm64/kernel/vdso/vdso.so.dbg
|   VDSOSYM include/generated/vdso-offsets.h
|   OBJCOPY arch/arm64/kernel/vdso/vdso.so
| make[2]: Nothing to be done for 'arch/arm64/lib/'.
|   AS      arch/arm64/lib/clear_page.o
|   AS      arch/arm64/lib/clear_user.o
|   AS      arch/arm64/lib/copy_from_user.o
|   AS      arch/arm64/lib/copy_page.o
|   AS      arch/arm64/lib/copy_to_user.o
|   CC      arch/arm64/lib/csum.o
|   CC      arch/arm64/lib/delay.o
|   AS      arch/arm64/lib/memchr.o
|   AS      arch/arm64/lib/memcmp.o
|   AS      arch/arm64/lib/memcpy.o
|   AS      arch/arm64/lib/memset.o
|   AS      arch/arm64/lib/strchr.o
|   AS      arch/arm64/lib/strcmp.o
|   AS      arch/arm64/lib/strlen.o
|   AS      arch/arm64/lib/strncmp.o
|   AS      arch/arm64/lib/strnlen.o
|   AS      arch/arm64/lib/strrchr.o
|   AS      arch/arm64/lib/tishift.o
|   AS      arch/arm64/lib/crc32.o
|   AS      arch/arm64/lib/mte.o
|   CC [M]  arch/arm64/lib/xor-neon.o
|   AR      arch/arm64/lib/built-in.a
|   AR      arch/arm64/lib/lib.a
| [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
| 
| arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
| 
| 
| Disassembly of section __ex_table:
| 
| 0000000000000000 <__ex_table>:
|         ...
|    8:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   14:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   20:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   2c:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   38:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   44:   03ff0003        .inst   0x03ff0003 ; undefined

> The following errors are reported during compilation:
> [...]
> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
> sections) for `<<'
> [...]

As above, I'm not seeing this.

This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
operand types correspond to the LHS and RHS of the expression, this would mean
the GPR number is defined, but the REG value is not, and I can't currently see
how that can happen.

> "<<" is invalid operands in assembly, is there something wrong with me?

At the moment I can only assume there is a local problem. I'd suspect a typo
somewhere, but maybe you have a toolchain which behaves differently?

Thanks,
Mark.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
> 在 2022/6/18 20:40, Mark Rutland 写道:
> > On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
> > > > > > diff --git a/arch/arm64/include/asm/asm-extable.h
> > > > > > b/arch/arm64/include/asm/asm-extable.h
> > > > > > index 56ebe183e78b..9c94ac1f082c 100644
> > > > > > --- a/arch/arm64/include/asm/asm-extable.h
> > > > > > +++ b/arch/arm64/include/asm/asm-extable.h
> > > > > > @@ -28,6 +28,14 @@
> > > > > >        __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
> > > > > >        .endm
> > > > > > +/*
> > > > > > + * Create an exception table entry for uaccess `insn`, which
> > > > > > will branch to `fixup`
> > > > > > + * when an unhandled fault is taken.
> > > > > > + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
> > > > > > + */
> > > > > > +    .macro          _asm_extable_uaccess, insn, fixup
> > > > > > +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
> > > > > > +    .endm
> > > > > 
> > > > > I'm not too keen on using `~0` here, since that also sets other bits
> > > > > in the
> > > > > data field, and its somewhat opaque.
> > > > > 
> > > > > How painful is it to generate the data fields as with the C version
> > > > > of this
> > > > > macro, so that we can pass in wzr explciitly for the two sub-fields?
> > > > > 
> > > > > Other than that, this looks good to me.
> > > > > 
> > > > > Thanks,
> > > > > Mark.
> > > > 
> > > > ok, will fix next version.
> > > > 
> > > > Thanks,
> > > > Tong.
> > > 
> > > I tried to using data filelds as with C version, but here assembly code we
> > > can not using operator such as << and |, if we use lsl and orr instructions,
> > > the gpr will be occupied.
> > > 
> > > So how about using 0x3ff directly here? it means err register and zero
> > > register both set to x31.
> > 
> > I had a go at implementing this, and it seems simple enough. Please see:
> > 
> >    https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
> > 
> 
> I made the following modifications, and the other parts are based on your
> implementation:
> 
> arch/arm64/include/asm/asm-extable.h
> [...]
> .macro          _asm_extable_uaccess, insn, fixup
> _ASM_EXTABLE_UACCESS(\insn, \fixup)
> .endm
> [...]

I also made this same change locally when testing, and building with GCC 11.1.0
or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
expected:

| [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
| *** Default configuration is based on 'defconfig'
| #
| # No change to .config
| #
| [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
|   CALL    scripts/atomic/check-atomics.sh
|   CC      arch/arm64/kernel/asm-offsets.s
|   CALL    scripts/checksyscalls.sh
|   AS      arch/arm64/kernel/vdso/note.o
|   AS      arch/arm64/kernel/vdso/sigreturn.o
|   LD      arch/arm64/kernel/vdso/vdso.so.dbg
|   VDSOSYM include/generated/vdso-offsets.h
|   OBJCOPY arch/arm64/kernel/vdso/vdso.so
| make[2]: Nothing to be done for 'arch/arm64/lib/'.
|   AS      arch/arm64/lib/clear_page.o
|   AS      arch/arm64/lib/clear_user.o
|   AS      arch/arm64/lib/copy_from_user.o
|   AS      arch/arm64/lib/copy_page.o
|   AS      arch/arm64/lib/copy_to_user.o
|   CC      arch/arm64/lib/csum.o
|   CC      arch/arm64/lib/delay.o
|   AS      arch/arm64/lib/memchr.o
|   AS      arch/arm64/lib/memcmp.o
|   AS      arch/arm64/lib/memcpy.o
|   AS      arch/arm64/lib/memset.o
|   AS      arch/arm64/lib/strchr.o
|   AS      arch/arm64/lib/strcmp.o
|   AS      arch/arm64/lib/strlen.o
|   AS      arch/arm64/lib/strncmp.o
|   AS      arch/arm64/lib/strnlen.o
|   AS      arch/arm64/lib/strrchr.o
|   AS      arch/arm64/lib/tishift.o
|   AS      arch/arm64/lib/crc32.o
|   AS      arch/arm64/lib/mte.o
|   CC [M]  arch/arm64/lib/xor-neon.o
|   AR      arch/arm64/lib/built-in.a
|   AR      arch/arm64/lib/lib.a
| [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
| 
| arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
| 
| 
| Disassembly of section __ex_table:
| 
| 0000000000000000 <__ex_table>:
|         ...
|    8:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   14:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   20:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   2c:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   38:   03ff0003        .inst   0x03ff0003 ; undefined
|         ...
|   44:   03ff0003        .inst   0x03ff0003 ; undefined

> The following errors are reported during compilation:
> [...]
> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
> sections) for `<<'
> [...]

As above, I'm not seeing this.

This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
operand types correspond to the LHS and RHS of the expression, this would mean
the GPR number is defined, but the REG value is not, and I can't currently see
how that can happen.

> "<<" is invalid operands in assembly, is there something wrong with me?

At the moment I can only assume there is a local problem. I'd suspect a typo
somewhere, but maybe you have a toolchain which behaves differently?

Thanks,
Mark.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/20 17:10, Mark Rutland 写道:
> On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
>> 在 2022/6/18 20:40, Mark Rutland 写道:
>>> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>>>> @@ -28,6 +28,14 @@
>>>>>>>         __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>>>         .endm
>>>>>>> +/*
>>>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>>>> will branch to `fixup`
>>>>>>> + * when an unhandled fault is taken.
>>>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>>>> + */
>>>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>>>> +    .endm
>>>>>>
>>>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>>>> in the
>>>>>> data field, and its somewhat opaque.
>>>>>>
>>>>>> How painful is it to generate the data fields as with the C version
>>>>>> of this
>>>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>>>
>>>>>> Other than that, this looks good to me.
>>>>>>
>>>>>> Thanks,
>>>>>> Mark.
>>>>>
>>>>> ok, will fix next version.
>>>>>
>>>>> Thanks,
>>>>> Tong.
>>>>
>>>> I tried to using data filelds as with C version, but here assembly code we
>>>> can not using operator such as << and |, if we use lsl and orr instructions,
>>>> the gpr will be occupied.
>>>>
>>>> So how about using 0x3ff directly here? it means err register and zero
>>>> register both set to x31.
>>>
>>> I had a go at implementing this, and it seems simple enough. Please see:
>>>
>>>     https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
>>>
>>
>> I made the following modifications, and the other parts are based on your
>> implementation:
>>
>> arch/arm64/include/asm/asm-extable.h
>> [...]
>> .macro          _asm_extable_uaccess, insn, fixup
>> _ASM_EXTABLE_UACCESS(\insn, \fixup)
>> .endm
>> [...]
> 
> I also made this same change locally when testing, and building with GCC 11.1.0
> or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
> expected:
> 
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
> | *** Default configuration is based on 'defconfig'
> | #
> | # No change to .config
> | #
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
> |   CALL    scripts/atomic/check-atomics.sh
> |   CC      arch/arm64/kernel/asm-offsets.s
> |   CALL    scripts/checksyscalls.sh
> |   AS      arch/arm64/kernel/vdso/note.o
> |   AS      arch/arm64/kernel/vdso/sigreturn.o
> |   LD      arch/arm64/kernel/vdso/vdso.so.dbg
> |   VDSOSYM include/generated/vdso-offsets.h
> |   OBJCOPY arch/arm64/kernel/vdso/vdso.so
> | make[2]: Nothing to be done for 'arch/arm64/lib/'.
> |   AS      arch/arm64/lib/clear_page.o
> |   AS      arch/arm64/lib/clear_user.o
> |   AS      arch/arm64/lib/copy_from_user.o
> |   AS      arch/arm64/lib/copy_page.o
> |   AS      arch/arm64/lib/copy_to_user.o
> |   CC      arch/arm64/lib/csum.o
> |   CC      arch/arm64/lib/delay.o
> |   AS      arch/arm64/lib/memchr.o
> |   AS      arch/arm64/lib/memcmp.o
> |   AS      arch/arm64/lib/memcpy.o
> |   AS      arch/arm64/lib/memset.o
> |   AS      arch/arm64/lib/strchr.o
> |   AS      arch/arm64/lib/strcmp.o
> |   AS      arch/arm64/lib/strlen.o
> |   AS      arch/arm64/lib/strncmp.o
> |   AS      arch/arm64/lib/strnlen.o
> |   AS      arch/arm64/lib/strrchr.o
> |   AS      arch/arm64/lib/tishift.o
> |   AS      arch/arm64/lib/crc32.o
> |   AS      arch/arm64/lib/mte.o
> |   CC [M]  arch/arm64/lib/xor-neon.o
> |   AR      arch/arm64/lib/built-in.a
> |   AR      arch/arm64/lib/lib.a
> | [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
> |
> | arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
> |
> |
> | Disassembly of section __ex_table:
> |
> | 0000000000000000 <__ex_table>:
> |         ...
> |    8:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   14:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   20:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   2c:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   38:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   44:   03ff0003        .inst   0x03ff0003 ; undefined
> 
>> The following errors are reported during compilation:
>> [...]
>> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
>> sections) for `<<'
>> [...]
> 
> As above, I'm not seeing this.
> 
> This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> operand types correspond to the LHS and RHS of the expression, this would mean
> the GPR number is defined, but the REG value is not, and I can't currently see
> how that can happen.
> 
>> "<<" is invalid operands in assembly, is there something wrong with me?
> 
> At the moment I can only assume there is a local problem. I'd suspect a typo
> somewhere, but maybe you have a toolchain which behaves differently?
> 
> Thanks,
> Mark.

My gcc version is 9.4.0, let me try your gcc version first.

Thanks,
Tong.
> .

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/20 17:10, Mark Rutland 写道:
> On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
>> 在 2022/6/18 20:40, Mark Rutland 写道:
>>> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>>>> @@ -28,6 +28,14 @@
>>>>>>>         __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>>>         .endm
>>>>>>> +/*
>>>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>>>> will branch to `fixup`
>>>>>>> + * when an unhandled fault is taken.
>>>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>>>> + */
>>>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>>>> +    .endm
>>>>>>
>>>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>>>> in the
>>>>>> data field, and its somewhat opaque.
>>>>>>
>>>>>> How painful is it to generate the data fields as with the C version
>>>>>> of this
>>>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>>>
>>>>>> Other than that, this looks good to me.
>>>>>>
>>>>>> Thanks,
>>>>>> Mark.
>>>>>
>>>>> ok, will fix next version.
>>>>>
>>>>> Thanks,
>>>>> Tong.
>>>>
>>>> I tried to using data filelds as with C version, but here assembly code we
>>>> can not using operator such as << and |, if we use lsl and orr instructions,
>>>> the gpr will be occupied.
>>>>
>>>> So how about using 0x3ff directly here? it means err register and zero
>>>> register both set to x31.
>>>
>>> I had a go at implementing this, and it seems simple enough. Please see:
>>>
>>>     https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
>>>
>>
>> I made the following modifications, and the other parts are based on your
>> implementation:
>>
>> arch/arm64/include/asm/asm-extable.h
>> [...]
>> .macro          _asm_extable_uaccess, insn, fixup
>> _ASM_EXTABLE_UACCESS(\insn, \fixup)
>> .endm
>> [...]
> 
> I also made this same change locally when testing, and building with GCC 11.1.0
> or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
> expected:
> 
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
> | *** Default configuration is based on 'defconfig'
> | #
> | # No change to .config
> | #
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
> |   CALL    scripts/atomic/check-atomics.sh
> |   CC      arch/arm64/kernel/asm-offsets.s
> |   CALL    scripts/checksyscalls.sh
> |   AS      arch/arm64/kernel/vdso/note.o
> |   AS      arch/arm64/kernel/vdso/sigreturn.o
> |   LD      arch/arm64/kernel/vdso/vdso.so.dbg
> |   VDSOSYM include/generated/vdso-offsets.h
> |   OBJCOPY arch/arm64/kernel/vdso/vdso.so
> | make[2]: Nothing to be done for 'arch/arm64/lib/'.
> |   AS      arch/arm64/lib/clear_page.o
> |   AS      arch/arm64/lib/clear_user.o
> |   AS      arch/arm64/lib/copy_from_user.o
> |   AS      arch/arm64/lib/copy_page.o
> |   AS      arch/arm64/lib/copy_to_user.o
> |   CC      arch/arm64/lib/csum.o
> |   CC      arch/arm64/lib/delay.o
> |   AS      arch/arm64/lib/memchr.o
> |   AS      arch/arm64/lib/memcmp.o
> |   AS      arch/arm64/lib/memcpy.o
> |   AS      arch/arm64/lib/memset.o
> |   AS      arch/arm64/lib/strchr.o
> |   AS      arch/arm64/lib/strcmp.o
> |   AS      arch/arm64/lib/strlen.o
> |   AS      arch/arm64/lib/strncmp.o
> |   AS      arch/arm64/lib/strnlen.o
> |   AS      arch/arm64/lib/strrchr.o
> |   AS      arch/arm64/lib/tishift.o
> |   AS      arch/arm64/lib/crc32.o
> |   AS      arch/arm64/lib/mte.o
> |   CC [M]  arch/arm64/lib/xor-neon.o
> |   AR      arch/arm64/lib/built-in.a
> |   AR      arch/arm64/lib/lib.a
> | [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
> |
> | arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
> |
> |
> | Disassembly of section __ex_table:
> |
> | 0000000000000000 <__ex_table>:
> |         ...
> |    8:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   14:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   20:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   2c:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   38:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   44:   03ff0003        .inst   0x03ff0003 ; undefined
> 
>> The following errors are reported during compilation:
>> [...]
>> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
>> sections) for `<<'
>> [...]
> 
> As above, I'm not seeing this.
> 
> This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> operand types correspond to the LHS and RHS of the expression, this would mean
> the GPR number is defined, but the REG value is not, and I can't currently see
> how that can happen.
> 
>> "<<" is invalid operands in assembly, is there something wrong with me?
> 
> At the moment I can only assume there is a local problem. I'd suspect a typo
> somewhere, but maybe you have a toolchain which behaves differently?
> 
> Thanks,
> Mark.

My gcc version is 9.4.0, let me try your gcc version first.

Thanks,
Tong.
> .

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/20 17:10, Mark Rutland 写道:
> On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
>> 在 2022/6/18 20:40, Mark Rutland 写道:
>>> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>>>> @@ -28,6 +28,14 @@
>>>>>>>         __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>>>         .endm
>>>>>>> +/*
>>>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>>>> will branch to `fixup`
>>>>>>> + * when an unhandled fault is taken.
>>>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>>>> + */
>>>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>>>> +    .endm
>>>>>>
>>>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>>>> in the
>>>>>> data field, and its somewhat opaque.
>>>>>>
>>>>>> How painful is it to generate the data fields as with the C version
>>>>>> of this
>>>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>>>
>>>>>> Other than that, this looks good to me.
>>>>>>
>>>>>> Thanks,
>>>>>> Mark.
>>>>>
>>>>> ok, will fix next version.
>>>>>
>>>>> Thanks,
>>>>> Tong.
>>>>
>>>> I tried to using data filelds as with C version, but here assembly code we
>>>> can not using operator such as << and |, if we use lsl and orr instructions,
>>>> the gpr will be occupied.
>>>>
>>>> So how about using 0x3ff directly here? it means err register and zero
>>>> register both set to x31.
>>>
>>> I had a go at implementing this, and it seems simple enough. Please see:
>>>
>>>     https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
>>>
>>
>> I made the following modifications, and the other parts are based on your
>> implementation:
>>
>> arch/arm64/include/asm/asm-extable.h
>> [...]
>> .macro          _asm_extable_uaccess, insn, fixup
>> _ASM_EXTABLE_UACCESS(\insn, \fixup)
>> .endm
>> [...]
> 
> I also made this same change locally when testing, and building with GCC 11.1.0
> or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
> expected:
> 
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
> | *** Default configuration is based on 'defconfig'
> | #
> | # No change to .config
> | #
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
> |   CALL    scripts/atomic/check-atomics.sh
> |   CC      arch/arm64/kernel/asm-offsets.s
> |   CALL    scripts/checksyscalls.sh
> |   AS      arch/arm64/kernel/vdso/note.o
> |   AS      arch/arm64/kernel/vdso/sigreturn.o
> |   LD      arch/arm64/kernel/vdso/vdso.so.dbg
> |   VDSOSYM include/generated/vdso-offsets.h
> |   OBJCOPY arch/arm64/kernel/vdso/vdso.so
> | make[2]: Nothing to be done for 'arch/arm64/lib/'.
> |   AS      arch/arm64/lib/clear_page.o
> |   AS      arch/arm64/lib/clear_user.o
> |   AS      arch/arm64/lib/copy_from_user.o
> |   AS      arch/arm64/lib/copy_page.o
> |   AS      arch/arm64/lib/copy_to_user.o
> |   CC      arch/arm64/lib/csum.o
> |   CC      arch/arm64/lib/delay.o
> |   AS      arch/arm64/lib/memchr.o
> |   AS      arch/arm64/lib/memcmp.o
> |   AS      arch/arm64/lib/memcpy.o
> |   AS      arch/arm64/lib/memset.o
> |   AS      arch/arm64/lib/strchr.o
> |   AS      arch/arm64/lib/strcmp.o
> |   AS      arch/arm64/lib/strlen.o
> |   AS      arch/arm64/lib/strncmp.o
> |   AS      arch/arm64/lib/strnlen.o
> |   AS      arch/arm64/lib/strrchr.o
> |   AS      arch/arm64/lib/tishift.o
> |   AS      arch/arm64/lib/crc32.o
> |   AS      arch/arm64/lib/mte.o
> |   CC [M]  arch/arm64/lib/xor-neon.o
> |   AR      arch/arm64/lib/built-in.a
> |   AR      arch/arm64/lib/lib.a
> | [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
> |
> | arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
> |
> |
> | Disassembly of section __ex_table:
> |
> | 0000000000000000 <__ex_table>:
> |         ...
> |    8:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   14:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   20:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   2c:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   38:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   44:   03ff0003        .inst   0x03ff0003 ; undefined
> 
>> The following errors are reported during compilation:
>> [...]
>> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
>> sections) for `<<'
>> [...]
> 
> As above, I'm not seeing this.
> 
> This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> operand types correspond to the LHS and RHS of the expression, this would mean
> the GPR number is defined, but the REG value is not, and I can't currently see
> how that can happen.
> 
>> "<<" is invalid operands in assembly, is there something wrong with me?
> 
> At the moment I can only assume there is a local problem. I'd suspect a typo
> somewhere, but maybe you have a toolchain which behaves differently?
> 
> Thanks,
> Mark.

My gcc version is 9.4.0, let me try your gcc version first.

Thanks,
Tong.
> .

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/20 17:10, Mark Rutland 写道:
> On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
>> 在 2022/6/18 20:40, Mark Rutland 写道:
>>> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>>>> @@ -28,6 +28,14 @@
>>>>>>>         __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>>>         .endm
>>>>>>> +/*
>>>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>>>> will branch to `fixup`
>>>>>>> + * when an unhandled fault is taken.
>>>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>>>> + */
>>>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>>>> +    .endm
>>>>>>
>>>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>>>> in the
>>>>>> data field, and its somewhat opaque.
>>>>>>
>>>>>> How painful is it to generate the data fields as with the C version
>>>>>> of this
>>>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>>>
>>>>>> Other than that, this looks good to me.
>>>>>>
>>>>>> Thanks,
>>>>>> Mark.
>>>>>
>>>>> ok, will fix next version.
>>>>>
>>>>> Thanks,
>>>>> Tong.
>>>>
>>>> I tried to using data filelds as with C version, but here assembly code we
>>>> can not using operator such as << and |, if we use lsl and orr instructions,
>>>> the gpr will be occupied.
>>>>
>>>> So how about using 0x3ff directly here? it means err register and zero
>>>> register both set to x31.
>>>
>>> I had a go at implementing this, and it seems simple enough. Please see:
>>>
>>>     https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
>>>
>>
>> I made the following modifications, and the other parts are based on your
>> implementation:
>>
>> arch/arm64/include/asm/asm-extable.h
>> [...]
>> .macro          _asm_extable_uaccess, insn, fixup
>> _ASM_EXTABLE_UACCESS(\insn, \fixup)
>> .endm
>> [...]
> 
> I also made this same change locally when testing, and building with GCC 11.1.0
> or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
> expected:
> 
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
> | *** Default configuration is based on 'defconfig'
> | #
> | # No change to .config
> | #
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
> |   CALL    scripts/atomic/check-atomics.sh
> |   CC      arch/arm64/kernel/asm-offsets.s
> |   CALL    scripts/checksyscalls.sh
> |   AS      arch/arm64/kernel/vdso/note.o
> |   AS      arch/arm64/kernel/vdso/sigreturn.o
> |   LD      arch/arm64/kernel/vdso/vdso.so.dbg
> |   VDSOSYM include/generated/vdso-offsets.h
> |   OBJCOPY arch/arm64/kernel/vdso/vdso.so
> | make[2]: Nothing to be done for 'arch/arm64/lib/'.
> |   AS      arch/arm64/lib/clear_page.o
> |   AS      arch/arm64/lib/clear_user.o
> |   AS      arch/arm64/lib/copy_from_user.o
> |   AS      arch/arm64/lib/copy_page.o
> |   AS      arch/arm64/lib/copy_to_user.o
> |   CC      arch/arm64/lib/csum.o
> |   CC      arch/arm64/lib/delay.o
> |   AS      arch/arm64/lib/memchr.o
> |   AS      arch/arm64/lib/memcmp.o
> |   AS      arch/arm64/lib/memcpy.o
> |   AS      arch/arm64/lib/memset.o
> |   AS      arch/arm64/lib/strchr.o
> |   AS      arch/arm64/lib/strcmp.o
> |   AS      arch/arm64/lib/strlen.o
> |   AS      arch/arm64/lib/strncmp.o
> |   AS      arch/arm64/lib/strnlen.o
> |   AS      arch/arm64/lib/strrchr.o
> |   AS      arch/arm64/lib/tishift.o
> |   AS      arch/arm64/lib/crc32.o
> |   AS      arch/arm64/lib/mte.o
> |   CC [M]  arch/arm64/lib/xor-neon.o
> |   AR      arch/arm64/lib/built-in.a
> |   AR      arch/arm64/lib/lib.a
> | [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
> |
> | arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
> |
> |
> | Disassembly of section __ex_table:
> |
> | 0000000000000000 <__ex_table>:
> |         ...
> |    8:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   14:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   20:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   2c:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   38:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   44:   03ff0003        .inst   0x03ff0003 ; undefined
> 
>> The following errors are reported during compilation:
>> [...]
>> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
>> sections) for `<<'
>> [...]
> 
> As above, I'm not seeing this.
> 
> This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> operand types correspond to the LHS and RHS of the expression, this would mean
> the GPR number is defined, but the REG value is not, and I can't currently see
> how that can happen.
> 
>> "<<" is invalid operands in assembly, is there something wrong with me?
> 
> At the moment I can only assume there is a local problem. I'd suspect a typo
> somewhere, but maybe you have a toolchain which behaves differently?
> 
> Thanks,
> Mark.
> .

Now I can compile success, both versions 9.4.0 and 11.2.0.

I should have made a mistake. There is no problem using your 
implementation. I will send a new version these days.


Thans,
Tong.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/20 17:10, Mark Rutland 写道:
> On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
>> 在 2022/6/18 20:40, Mark Rutland 写道:
>>> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>>>> @@ -28,6 +28,14 @@
>>>>>>>         __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>>>         .endm
>>>>>>> +/*
>>>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>>>> will branch to `fixup`
>>>>>>> + * when an unhandled fault is taken.
>>>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>>>> + */
>>>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>>>> +    .endm
>>>>>>
>>>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>>>> in the
>>>>>> data field, and its somewhat opaque.
>>>>>>
>>>>>> How painful is it to generate the data fields as with the C version
>>>>>> of this
>>>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>>>
>>>>>> Other than that, this looks good to me.
>>>>>>
>>>>>> Thanks,
>>>>>> Mark.
>>>>>
>>>>> ok, will fix next version.
>>>>>
>>>>> Thanks,
>>>>> Tong.
>>>>
>>>> I tried to using data filelds as with C version, but here assembly code we
>>>> can not using operator such as << and |, if we use lsl and orr instructions,
>>>> the gpr will be occupied.
>>>>
>>>> So how about using 0x3ff directly here? it means err register and zero
>>>> register both set to x31.
>>>
>>> I had a go at implementing this, and it seems simple enough. Please see:
>>>
>>>     https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
>>>
>>
>> I made the following modifications, and the other parts are based on your
>> implementation:
>>
>> arch/arm64/include/asm/asm-extable.h
>> [...]
>> .macro          _asm_extable_uaccess, insn, fixup
>> _ASM_EXTABLE_UACCESS(\insn, \fixup)
>> .endm
>> [...]
> 
> I also made this same change locally when testing, and building with GCC 11.1.0
> or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
> expected:
> 
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
> | *** Default configuration is based on 'defconfig'
> | #
> | # No change to .config
> | #
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
> |   CALL    scripts/atomic/check-atomics.sh
> |   CC      arch/arm64/kernel/asm-offsets.s
> |   CALL    scripts/checksyscalls.sh
> |   AS      arch/arm64/kernel/vdso/note.o
> |   AS      arch/arm64/kernel/vdso/sigreturn.o
> |   LD      arch/arm64/kernel/vdso/vdso.so.dbg
> |   VDSOSYM include/generated/vdso-offsets.h
> |   OBJCOPY arch/arm64/kernel/vdso/vdso.so
> | make[2]: Nothing to be done for 'arch/arm64/lib/'.
> |   AS      arch/arm64/lib/clear_page.o
> |   AS      arch/arm64/lib/clear_user.o
> |   AS      arch/arm64/lib/copy_from_user.o
> |   AS      arch/arm64/lib/copy_page.o
> |   AS      arch/arm64/lib/copy_to_user.o
> |   CC      arch/arm64/lib/csum.o
> |   CC      arch/arm64/lib/delay.o
> |   AS      arch/arm64/lib/memchr.o
> |   AS      arch/arm64/lib/memcmp.o
> |   AS      arch/arm64/lib/memcpy.o
> |   AS      arch/arm64/lib/memset.o
> |   AS      arch/arm64/lib/strchr.o
> |   AS      arch/arm64/lib/strcmp.o
> |   AS      arch/arm64/lib/strlen.o
> |   AS      arch/arm64/lib/strncmp.o
> |   AS      arch/arm64/lib/strnlen.o
> |   AS      arch/arm64/lib/strrchr.o
> |   AS      arch/arm64/lib/tishift.o
> |   AS      arch/arm64/lib/crc32.o
> |   AS      arch/arm64/lib/mte.o
> |   CC [M]  arch/arm64/lib/xor-neon.o
> |   AR      arch/arm64/lib/built-in.a
> |   AR      arch/arm64/lib/lib.a
> | [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
> |
> | arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
> |
> |
> | Disassembly of section __ex_table:
> |
> | 0000000000000000 <__ex_table>:
> |         ...
> |    8:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   14:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   20:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   2c:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   38:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   44:   03ff0003        .inst   0x03ff0003 ; undefined
> 
>> The following errors are reported during compilation:
>> [...]
>> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
>> sections) for `<<'
>> [...]
> 
> As above, I'm not seeing this.
> 
> This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> operand types correspond to the LHS and RHS of the expression, this would mean
> the GPR number is defined, but the REG value is not, and I can't currently see
> how that can happen.
> 
>> "<<" is invalid operands in assembly, is there something wrong with me?
> 
> At the moment I can only assume there is a local problem. I'd suspect a typo
> somewhere, but maybe you have a toolchain which behaves differently?
> 
> Thanks,
> Mark.
> .

Now I can compile success, both versions 9.4.0 and 11.2.0.

I should have made a mistake. There is no problem using your 
implementation. I will send a new version these days.


Thans,
Tong.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Tong Tiangen]

在 2022/6/20 17:10, Mark Rutland 写道:
> On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
>> 在 2022/6/18 20:40, Mark Rutland 写道:
>>> On Sat, Jun 18, 2022 at 04:42:06PM +0800, Tong Tiangen wrote:
>>>>>>> diff --git a/arch/arm64/include/asm/asm-extable.h
>>>>>>> b/arch/arm64/include/asm/asm-extable.h
>>>>>>> index 56ebe183e78b..9c94ac1f082c 100644
>>>>>>> --- a/arch/arm64/include/asm/asm-extable.h
>>>>>>> +++ b/arch/arm64/include/asm/asm-extable.h
>>>>>>> @@ -28,6 +28,14 @@
>>>>>>>         __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_FIXUP, 0)
>>>>>>>         .endm
>>>>>>> +/*
>>>>>>> + * Create an exception table entry for uaccess `insn`, which
>>>>>>> will branch to `fixup`
>>>>>>> + * when an unhandled fault is taken.
>>>>>>> + * ex->data = ~0 means both reg_err and reg_zero is set to wzr(x31).
>>>>>>> + */
>>>>>>> +    .macro          _asm_extable_uaccess, insn, fixup
>>>>>>> +    __ASM_EXTABLE_RAW(\insn, \fixup, EX_TYPE_UACCESS_ERR_ZERO, ~0)
>>>>>>> +    .endm
>>>>>>
>>>>>> I'm not too keen on using `~0` here, since that also sets other bits
>>>>>> in the
>>>>>> data field, and its somewhat opaque.
>>>>>>
>>>>>> How painful is it to generate the data fields as with the C version
>>>>>> of this
>>>>>> macro, so that we can pass in wzr explciitly for the two sub-fields?
>>>>>>
>>>>>> Other than that, this looks good to me.
>>>>>>
>>>>>> Thanks,
>>>>>> Mark.
>>>>>
>>>>> ok, will fix next version.
>>>>>
>>>>> Thanks,
>>>>> Tong.
>>>>
>>>> I tried to using data filelds as with C version, but here assembly code we
>>>> can not using operator such as << and |, if we use lsl and orr instructions,
>>>> the gpr will be occupied.
>>>>
>>>> So how about using 0x3ff directly here? it means err register and zero
>>>> register both set to x31.
>>>
>>> I had a go at implementing this, and it seems simple enough. Please see:
>>>
>>>     https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/extable/asm-uaccess
>>>
>>
>> I made the following modifications, and the other parts are based on your
>> implementation:
>>
>> arch/arm64/include/asm/asm-extable.h
>> [...]
>> .macro          _asm_extable_uaccess, insn, fixup
>> _ASM_EXTABLE_UACCESS(\insn, \fixup)
>> .endm
>> [...]
> 
> I also made this same change locally when testing, and building with GCC 11.1.0
> or LLVM 14.0.0 I am not seeing any problem when building, and the result is as
> expected:
> 
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- defconfig
> | *** Default configuration is based on 'defconfig'
> | #
> | # No change to .config
> | #
> | [mark@lakrids:~/src/linux]% usekorg 11.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- -j50 arch/arm64/lib/
> |   CALL    scripts/atomic/check-atomics.sh
> |   CC      arch/arm64/kernel/asm-offsets.s
> |   CALL    scripts/checksyscalls.sh
> |   AS      arch/arm64/kernel/vdso/note.o
> |   AS      arch/arm64/kernel/vdso/sigreturn.o
> |   LD      arch/arm64/kernel/vdso/vdso.so.dbg
> |   VDSOSYM include/generated/vdso-offsets.h
> |   OBJCOPY arch/arm64/kernel/vdso/vdso.so
> | make[2]: Nothing to be done for 'arch/arm64/lib/'.
> |   AS      arch/arm64/lib/clear_page.o
> |   AS      arch/arm64/lib/clear_user.o
> |   AS      arch/arm64/lib/copy_from_user.o
> |   AS      arch/arm64/lib/copy_page.o
> |   AS      arch/arm64/lib/copy_to_user.o
> |   CC      arch/arm64/lib/csum.o
> |   CC      arch/arm64/lib/delay.o
> |   AS      arch/arm64/lib/memchr.o
> |   AS      arch/arm64/lib/memcmp.o
> |   AS      arch/arm64/lib/memcpy.o
> |   AS      arch/arm64/lib/memset.o
> |   AS      arch/arm64/lib/strchr.o
> |   AS      arch/arm64/lib/strcmp.o
> |   AS      arch/arm64/lib/strlen.o
> |   AS      arch/arm64/lib/strncmp.o
> |   AS      arch/arm64/lib/strnlen.o
> |   AS      arch/arm64/lib/strrchr.o
> |   AS      arch/arm64/lib/tishift.o
> |   AS      arch/arm64/lib/crc32.o
> |   AS      arch/arm64/lib/mte.o
> |   CC [M]  arch/arm64/lib/xor-neon.o
> |   AR      arch/arm64/lib/built-in.a
> |   AR      arch/arm64/lib/lib.a
> | [mark@lakrids:~/src/linux]% usekorg 12.1.0 aarch64-linux-objdump -j __ex_table -D arch/arm64/lib/clear_user.o
> |
> | arch/arm64/lib/clear_user.o:     file format elf64-littleaarch64
> |
> |
> | Disassembly of section __ex_table:
> |
> | 0000000000000000 <__ex_table>:
> |         ...
> |    8:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   14:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   20:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   2c:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   38:   03ff0003        .inst   0x03ff0003 ; undefined
> |         ...
> |   44:   03ff0003        .inst   0x03ff0003 ; undefined
> 
>> The following errors are reported during compilation:
>> [...]
>> arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
>> sections) for `<<'
>> [...]
> 
> As above, I'm not seeing this.
> 
> This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> operand types correspond to the LHS and RHS of the expression, this would mean
> the GPR number is defined, but the REG value is not, and I can't currently see
> how that can happen.
> 
>> "<<" is invalid operands in assembly, is there something wrong with me?
> 
> At the moment I can only assume there is a local problem. I'd suspect a typo
> somewhere, but maybe you have a toolchain which behaves differently?
> 
> Thanks,
> Mark.
> .

Now I can compile success, both versions 9.4.0 and 11.2.0.

I should have made a mistake. There is no problem using your 
implementation. I will send a new version these days.


Thans,
Tong.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Mon, Jun 20, 2022 at 10:13:41PM +0800, Tong Tiangen wrote:
> 
> 
> 在 2022/6/20 17:10, Mark Rutland 写道:
> > On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
> > > 在 2022/6/18 20:40, Mark Rutland 写道:
> > > The following errors are reported during compilation:
> > > [...]
> > > arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
> > > sections) for `<<'
> > > [...]
> > 
> > As above, I'm not seeing this.
> > 
> > This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> > operand types correspond to the LHS and RHS of the expression, this would mean
> > the GPR number is defined, but the REG value is not, and I can't currently see
> > how that can happen.
 
> Now I can compile success, both versions 9.4.0 and 11.2.0.
> 
> I should have made a mistake. There is no problem using your implementation.
> I will send a new version these days.

No problem; thanks for confirming!

Mark.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Mon, Jun 20, 2022 at 10:13:41PM +0800, Tong Tiangen wrote:
> 
> 
> 在 2022/6/20 17:10, Mark Rutland 写道:
> > On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
> > > 在 2022/6/18 20:40, Mark Rutland 写道:
> > > The following errors are reported during compilation:
> > > [...]
> > > arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
> > > sections) for `<<'
> > > [...]
> > 
> > As above, I'm not seeing this.
> > 
> > This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> > operand types correspond to the LHS and RHS of the expression, this would mean
> > the GPR number is defined, but the REG value is not, and I can't currently see
> > how that can happen.
 
> Now I can compile success, both versions 9.4.0 and 11.2.0.
> 
> I should have made a mistake. There is no problem using your implementation.
> I will send a new version these days.

No problem; thanks for confirming!

Mark.

Re: [PATCH -next v5 2/8] arm64: extable: make uaaccess helper use extable type EX_TYPE_UACCESS_ERR_ZERO

[Mark Rutland]

On Mon, Jun 20, 2022 at 10:13:41PM +0800, Tong Tiangen wrote:
> 
> 
> 在 2022/6/20 17:10, Mark Rutland 写道:
> > On Mon, Jun 20, 2022 at 10:59:12AM +0800, Tong Tiangen wrote:
> > > 在 2022/6/18 20:40, Mark Rutland 写道:
> > > The following errors are reported during compilation:
> > > [...]
> > > arch/arm64/lib/clear_user.S:45: Error: invalid operands (*ABS* and *UND*
> > > sections) for `<<'
> > > [...]
> > 
> > As above, I'm not seeing this.
> > 
> > This suggests that the EX_DATA_REG() macro is going wrong somehow. Assuming the
> > operand types correspond to the LHS and RHS of the expression, this would mean
> > the GPR number is defined, but the REG value is not, and I can't currently see
> > how that can happen.
 
> Now I can compile success, both versions 9.4.0 and 11.2.0.
> 
> I should have made a mistake. There is no problem using your implementation.
> I will send a new version these days.

No problem; thanks for confirming!

Mark.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel