All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jordan Niethe <jniethe5@gmail.com>
To: Michael Ellerman <mpe@ellerman.id.au>
Cc: Christophe Leroy <christophe.leroy@c-s.fr>,
	Alistair Popple <alistair@popple.id.au>,
	Nicholas Piggin <npiggin@gmail.com>,
	Balamuruhan S <bala24@linux.ibm.com>,
	naveen.n.rao@linux.vnet.ibm.com, linuxppc-dev@lists.ozlabs.org,
	Daniel Axtens <dja@axtens.net>
Subject: Re: [PATCH v8 16/30] powerpc: Define and use __get_user_instr{, inatomic}()
Date: Thu, 14 May 2020 09:54:48 +1000	[thread overview]
Message-ID: <CACzsE9od2GFXBiy5imy_dGutx7POOnCx7+k-Ynx+UMcNzyTsTw@mail.gmail.com> (raw)
In-Reply-To: <878shvc40x.fsf@mpe.ellerman.id.au>

On Thu, May 14, 2020 at 12:17 AM Michael Ellerman <mpe@ellerman.id.au> wrote:
>
> Jordan Niethe <jniethe5@gmail.com> writes:
> > Define specific __get_user_instr() and __get_user_instr_inatomic()
> > macros for reading instructions from user space.
>
> At least for fix_alignment() we could be coming from the kernel, not
> sure about the other cases.
>
> I can tweak the change log.
>
> > diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h
> > index 2f500debae21..c0a35e4586a5 100644
> > --- a/arch/powerpc/include/asm/uaccess.h
> > +++ b/arch/powerpc/include/asm/uaccess.h
> > @@ -105,6 +105,11 @@ static inline int __access_ok(unsigned long addr, unsigned long size,
> >  #define __put_user_inatomic(x, ptr) \
> >       __put_user_nosleep((__typeof__(*(ptr)))(x), (ptr), sizeof(*(ptr)))
> >
> > +#define __get_user_instr(x, ptr) \
> > +     __get_user_nocheck((x).val, (u32 *)(ptr), sizeof(u32), true)
> > +
> > +#define __get_user_instr_inatomic(x, ptr) \
> > +     __get_user_nosleep((x).val, (u32 *)(ptr), sizeof(u32))
>
> I'm not super keen on adding new __ versions, which lack the access_ok()
> check, but I guess we have to.
>
> > diff --git a/arch/powerpc/kernel/vecemu.c b/arch/powerpc/kernel/vecemu.c
> > index 3dd70eeb10c5..60ed5aea8d4e 100644
> > --- a/arch/powerpc/kernel/vecemu.c
> > +++ b/arch/powerpc/kernel/vecemu.c
> > @@ -266,7 +266,7 @@ int emulate_altivec(struct pt_regs *regs)
> >       unsigned int va, vb, vc, vd;
> >       vector128 *vrs;
> >
> > -     if (get_user(instr.val, (unsigned int __user *)regs->nip))
> > +     if (__get_user_instr(instr, (void __user *)regs->nip))
> >               return -EFAULT;
>
> That drops the access_ok() check, which is not OK, at least without a
> reasonable justification.
>
> Given it's regs->nip I guess it should be safe, but it should still be
> called out. Or preferably switched to __get_user() in a precursor patch.
Or should I add a get_user_instr() that includes the check?
>
> cheers

  reply	other threads:[~2020-05-13 23:56 UTC|newest]

Thread overview: 81+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-06  3:40 [PATCH v8 00/30] Initial Prefixed Instruction support Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 01/30] powerpc/xmon: Remove store_inst() for patch_instruction() Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 02/30] powerpc/xmon: Move breakpoint instructions to own array Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 03/30] powerpc/xmon: Move breakpoints to text section Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 04/30] powerpc/xmon: Use bitwise calculations in_breakpoint_table() Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 05/30] powerpc: Change calling convention for create_branch() et. al Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 06/30] powerpc: Use a macro for creating instructions from u32s Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 07/30] powerpc: Use an accessor for instructions Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 08/30] powerpc: Use a function for getting the instruction op code Jordan Niethe
2020-05-15  7:48   ` Jordan Niethe
2020-05-16 11:08     ` Michael Ellerman
2020-05-17  7:41       ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 09/30] powerpc: Use a function for byte swapping instructions Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 10/30] powerpc: Introduce functions for instruction equality Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 11/30] powerpc: Use a datatype for instructions Jordan Niethe
2020-05-08  1:51   ` Jordan Niethe
2020-05-08  7:17     ` Christophe Leroy
2020-05-11  1:19       ` Jordan Niethe
2020-05-08  2:15   ` Jordan Niethe
2020-05-08  9:23   ` kbuild test robot
2020-05-17 10:48   ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 12/30] powerpc: Use a function for reading instructions Jordan Niethe
2020-05-16 18:39   ` Christophe Leroy
2020-05-17 10:44     ` Jordan Niethe
2020-05-19  4:05       ` Michael Ellerman
2020-05-19  5:03         ` Christophe Leroy
2020-05-20  4:16           ` Michael Ellerman
2020-05-06  3:40 ` [PATCH v8 13/30] powerpc: Add a probe_user_read_inst() function Jordan Niethe
2020-05-13 12:52   ` Michael Ellerman
2020-05-13 23:51     ` Jordan Niethe
2020-05-14  5:46   ` Christophe Leroy
2020-05-15  3:46     ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 14/30] powerpc: Add a probe_kernel_read_inst() function Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 15/30] powerpc/kprobes: Use patch_instruction() Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 16/30] powerpc: Define and use __get_user_instr{, inatomic}() Jordan Niethe
2020-05-13 14:18   ` Michael Ellerman
2020-05-13 23:54     ` Jordan Niethe [this message]
2020-05-14  1:43       ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 17/30] powerpc: Introduce a function for reporting instruction length Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 18/30] powerpc/xmon: Use a function for reading instructions Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 19/30] powerpc/xmon: Move insertion of breakpoint for xol'ing Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 20/30] powerpc: Make test_translate_branch() independent of instruction length Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 21/30] powerpc: Enable Prefixed Instructions Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 22/30] powerpc: Define new SRR1 bits for a future ISA version Jordan Niethe
2020-05-08  2:26   ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 23/30] powerpc: Add prefixed instructions to instruction data type Jordan Niethe
2020-05-14  1:40   ` Jordan Niethe
2020-05-14  6:11   ` Christophe Leroy
2020-05-14 12:06     ` Alistair Popple
2020-05-14 12:29       ` Jordan Niethe
2020-05-14 12:57       ` Christophe Leroy
2020-05-14 12:28     ` Jordan Niethe
2020-05-15  1:33     ` Michael Ellerman
2020-05-15  7:52       ` Jordan Niethe
2020-05-16 11:54   ` [PATCH v8 22.5/30] powerpc/optprobes: Add register argument to patch_imm64_load_insns() Michael Ellerman
2020-06-09  5:51     ` Michael Ellerman
2020-05-06  3:40 ` [PATCH v8 24/30] powerpc: Test prefixed code patching Jordan Niethe
2020-05-15  7:54   ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 25/30] powerpc: Test prefixed instructions in feature fixups Jordan Niethe
2020-05-15  7:57   ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 26/30] powerpc/xmon: Don't allow breakpoints on suffixes Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 27/30] powerpc/kprobes: " Jordan Niethe
2021-05-18 18:43   ` Christophe Leroy
2021-05-18 19:52     ` Gabriel Paubert
2021-05-19  8:11     ` Naveen N. Rao
2021-05-20  3:45       ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 28/30] powerpc: Support prefixed instructions in alignment handler Jordan Niethe
2020-05-14  6:14   ` Christophe Leroy
2020-05-14 12:15     ` Alistair Popple
2020-05-14 12:59       ` Christophe Leroy
2020-05-06  3:40 ` [PATCH v8 29/30] powerpc sstep: Add support for prefixed load/stores Jordan Niethe
2020-05-14  6:15   ` Christophe Leroy
2020-05-14 12:19     ` Alistair Popple
2020-05-14 13:00       ` Christophe Leroy
2020-05-15  7:59   ` Jordan Niethe
2020-05-06  3:40 ` [PATCH v8 30/30] powerpc sstep: Add support for prefixed fixed-point arithmetic Jordan Niethe
2020-05-14  6:15   ` Christophe Leroy
2020-05-15  8:02   ` Jordan Niethe
2020-05-14  5:31 ` [PATCH v8 00/30] Initial Prefixed Instruction support Christophe Leroy
2020-05-14 10:33   ` Jordan Niethe
2020-05-20 10:59 ` Michael Ellerman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CACzsE9od2GFXBiy5imy_dGutx7POOnCx7+k-Ynx+UMcNzyTsTw@mail.gmail.com \
    --to=jniethe5@gmail.com \
    --cc=alistair@popple.id.au \
    --cc=bala24@linux.ibm.com \
    --cc=christophe.leroy@c-s.fr \
    --cc=dja@axtens.net \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=mpe@ellerman.id.au \
    --cc=naveen.n.rao@linux.vnet.ibm.com \
    --cc=npiggin@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.