From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.6 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 21F8EC4360F for ; Fri, 15 Mar 2019 19:52:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id DE439218D3 for ; Fri, 15 Mar 2019 19:52:01 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="HPKtN+Ac" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727364AbfCOTv6 (ORCPT ); Fri, 15 Mar 2019 15:51:58 -0400 Received: from mail-qt1-f201.google.com ([209.85.160.201]:45416 "EHLO mail-qt1-f201.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727282AbfCOTvy (ORCPT ); Fri, 15 Mar 2019 15:51:54 -0400 Received: by mail-qt1-f201.google.com with SMTP id 35so9646261qty.12 for ; Fri, 15 Mar 2019 12:51:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=HPKtN+AcCirGFFQHEZAu/mCbNrjYIKj90qShdg/IiFhxen49J0Qdpnr1pcKG7a6Z8e JeJ2qVhpKVo0e4MFSlZbzLIR2woDetJaTNND5bdihZ/qbAWcocsa2cvfjheYeB4rsRtq VupfRDNmC+dOLdGj40kTGJqU/K4oyQ4V3HkdkM9xosZcLU7jdIpJBpWnC76XUdwc2cRx PrBSQsPpZWMh+HxdTYEIi4nHU5c8m+m6PJBso4DlJCsFDkKaGHF5sF+vigRkHjI5UG0U RhfFgSuDuzmav8L6Qcw6zbyS+BybgMK3vA4F1h2a+P/7Y7SKXtGu14CbY9cr1/NstkUy Z8Lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=UZaG2ryiReWypLEuef/ZDwJheerj5CKf6S1CMmsfXX+qW5ODenqXhqnLlArxwFFgQG W4SEpSQ+G15jgPVI1jcQREymTYZk9F1beDRz6JZCsmfIqrFqzT6H+NbHl6+TnG51R+Gn Rzi6NcxyhkxV2rU6OcMhcPTF7liSFBWtxsfyJDjAwLE/wAhOO2L36FAzNv+tjc/BjuZm MTJrRqP4Z6VNkDA163OgvJbn4emrpWpPbtUKYN/jV2457A8yIm3MuouzTFiG5PHQ0zy9 21b22ISGTSP0P5JfyaZOnrzn3uolisY9fn/cchOXRKGY/kZamfwMVNGsWLxxovLubjlS /3WA== X-Gm-Message-State: APjAAAWIHIyN5aSEi/Y6pwPKZzQqjTp3nPdgo0pOht3aVb5N7FILL7Yi OOtf4dLMfug55DNwh9D3rX0syMUNCWkLSysR X-Google-Smtp-Source: APXvYqxQt9HPpRfECab7LUPrHAbJSVnQOqRrkiVNkyIaCkT/+WBTjFpEfz28zU++TxipH2bwdLb5/hvYcjvCwg1k X-Received: by 2002:ac8:28c9:: with SMTP id j9mr3165248qtj.21.1552679513588; Fri, 15 Mar 2019 12:51:53 -0700 (PDT) Date: Fri, 15 Mar 2019 20:51:27 +0100 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.21.0.360.g471c308f928-goog Subject: [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user From: Andrey Konovalov To: Catalin Marinas , Will Deacon , Mark Rutland , Robin Murphy , Kees Cook , Kate Stewart , Greg Kroah-Hartman , Andrew Morton , Ingo Molnar , "Kirill A . Shutemov" , Shuah Khan , Vincenzo Frascino , Eric Dumazet , "David S. Miller" , Alexei Starovoitov , Daniel Borkmann , Steven Rostedt , Ingo Molnar , Peter Zijlstra , Arnaldo Carvalho de Melo , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Dmitry Vyukov , Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Chintan Pandya , Luc Van Oostenryck , Dave Martin , Kevin Brodsky , Szabolcs Nagy , Andrey Konovalov Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch is a part of a series that extends arm64 kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. strncpy_from_user and strnlen_user accept user addresses as arguments, and do not go through the same path as copy_from_user and others, so here we need to handle the case of tagged user addresses separately. Untag user pointers passed to these functions. Note, that this patch only temporarily untags the pointers to perform validity checks, but then uses them as is to perform user memory accesses. Signed-off-by: Andrey Konovalov --- lib/strncpy_from_user.c | 3 ++- lib/strnlen_user.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 58eacd41526c..6209bb9507c7 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include @@ -107,7 +108,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)src; + src_addr = (unsigned long)untagged_addr(src); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c index 1c1a1b0e38a5..8ca3d2ac32ec 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -2,6 +2,7 @@ #include #include #include +#include #include @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)str; + src_addr = (unsigned long)untagged_addr(str); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; -- 2.21.0.360.g471c308f928-goog From mboxrd@z Thu Jan 1 00:00:00 1970 From: andreyknvl at google.com (Andrey Konovalov) Date: Fri, 15 Mar 2019 20:51:27 +0100 Subject: [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user In-Reply-To: References: Message-ID: This patch is a part of a series that extends arm64 kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. strncpy_from_user and strnlen_user accept user addresses as arguments, and do not go through the same path as copy_from_user and others, so here we need to handle the case of tagged user addresses separately. Untag user pointers passed to these functions. Note, that this patch only temporarily untags the pointers to perform validity checks, but then uses them as is to perform user memory accesses. Signed-off-by: Andrey Konovalov --- lib/strncpy_from_user.c | 3 ++- lib/strnlen_user.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 58eacd41526c..6209bb9507c7 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include @@ -107,7 +108,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)src; + src_addr = (unsigned long)untagged_addr(src); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c index 1c1a1b0e38a5..8ca3d2ac32ec 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -2,6 +2,7 @@ #include #include #include +#include #include @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)str; + src_addr = (unsigned long)untagged_addr(str); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; -- 2.21.0.360.g471c308f928-goog From mboxrd@z Thu Jan 1 00:00:00 1970 From: andreyknvl@google.com (Andrey Konovalov) Date: Fri, 15 Mar 2019 20:51:27 +0100 Subject: [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user In-Reply-To: References: Message-ID: Content-Type: text/plain; charset="UTF-8" Message-ID: <20190315195127.ujKX2Y2rOJhcxYnFpYtBeWQqAXZeiKPw6MBM4BCl960@z> This patch is a part of a series that extends arm64 kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. strncpy_from_user and strnlen_user accept user addresses as arguments, and do not go through the same path as copy_from_user and others, so here we need to handle the case of tagged user addresses separately. Untag user pointers passed to these functions. Note, that this patch only temporarily untags the pointers to perform validity checks, but then uses them as is to perform user memory accesses. Signed-off-by: Andrey Konovalov --- lib/strncpy_from_user.c | 3 ++- lib/strnlen_user.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 58eacd41526c..6209bb9507c7 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include @@ -107,7 +108,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)src; + src_addr = (unsigned long)untagged_addr(src); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c index 1c1a1b0e38a5..8ca3d2ac32ec 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -2,6 +2,7 @@ #include #include #include +#include #include @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)str; + src_addr = (unsigned long)untagged_addr(str); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; -- 2.21.0.360.g471c308f928-goog From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.6 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BAF65C43381 for ; Fri, 15 Mar 2019 19:51:55 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 6C6492063F for ; Fri, 15 Mar 2019 19:51:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="HPKtN+Ac" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6C6492063F Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id EE72C6B02AA; Fri, 15 Mar 2019 15:51:54 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id EBC5D6B02AB; Fri, 15 Mar 2019 15:51:54 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DD6856B02AC; Fri, 15 Mar 2019 15:51:54 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from mail-qt1-f199.google.com (mail-qt1-f199.google.com [209.85.160.199]) by kanga.kvack.org (Postfix) with ESMTP id AFE576B02AA for ; Fri, 15 Mar 2019 15:51:54 -0400 (EDT) Received: by mail-qt1-f199.google.com with SMTP id i3so9675749qtc.7 for ; Fri, 15 Mar 2019 12:51:54 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=bJDsiP+PlmWagLv7AWUhVASMZXhwF7pgk/S/O+r9YqBoMKi1QuTBjJMLlX0+pI2Iez TWFVLpE0R5wcD/wBeS1IcMq2sdwrUmlI7IqAAyivZOqbxaKCwQbi3fjaj6wd79sam/oF 8Wy3iPcWBMCcTqaCIDhCZqsG+o3NVkMhIjivQKfC2FM4Ds4OmhqAArb6i6zgLctFtZ8g VKXEO/1exFofkZY68SZHnQU4YJ7ikXQ/XgCjlyx52uQIUAzbgSXY0P38L62tqisEwN79 wELDUYAZmI1oerr3YeOff+HcZ3hToJs/E1XMSQgUXuTiVASNRn1zlCxrBPCTTTR3pj/j vhYg== X-Gm-Message-State: APjAAAUMzH0QdnMA6AmxP3CQZX0b88bTzaWnqezkJxxFoTG5oOiPJTd9 Lyaf0w+kqkp4z85n5+eVAQA6w5LVsBb8iSU7De2DM2UwvhpvploCJjHktb1epSKrAH/kLEQ22bw scOdEtGzdFUSopV+mpt5ghQ5urrelnqAfnzUEa5t4sMa0uStV8ODDJAd2gAYT5/mfaQ== X-Received: by 2002:ac8:27ba:: with SMTP id w55mr4275945qtw.228.1552679514517; Fri, 15 Mar 2019 12:51:54 -0700 (PDT) X-Received: by 2002:ac8:27ba:: with SMTP id w55mr4275920qtw.228.1552679513799; Fri, 15 Mar 2019 12:51:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552679513; cv=none; d=google.com; s=arc-20160816; b=fUy0p2gx++LsemiOKXhkY40WlXs4HpV9elsdSMbDnSApWKkF556hPmGjZad+E40di3 otczigs4AlSCDlVprhqM/OMad7lvQ43z0lHdQcB4plmFLYmM6yrMgYt1I+5Y8UYZOek9 5TSg3Q92Y4Nwpnn87p3DuAvdF1vR50oYYaGq8LtXKaP/lAAY6FzD4LN26jRb/XA+Hylk AOv1ooxMjuXeXwsMlYJX6dJyNn6XwfdmkC3HNE49t8r33DXABt7g024+DPlWRURjMZXb VwE31KmKaZejZM75ztbLPm/ACyo8nBeUkA6rkvBUQ1ypUMBGIOTQwNY+Enw7j1MjcbOu /Iuw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:dkim-signature; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=hhSuQsVGKxukh2a3uZ03xgWiHHdRZDv6SAs7NvnfxrLmerJ9WMqTwC6IjNYDHdGjGl uTjANunmluM6J7xKwY2JW6Ya1SP2iYkvxnoIFh1LV6PJVAGXesKiLEmzfoJLU+hFOHUQ jAGxnK5XnY4tlGFY8jpCg+Db/9TDIWZjDr4dlJIRcNgGRWOM1V2DO5nnvag0o780tohi PkwSuu6NFEWSo2EKmD266anH4t/vcAGhkYf72B1f5/R7/ozn63ouRk0L2sYuUej1eBzJ FBPMkCcQ0eaZddvQDWjGXkwXzn4U/ZwjTydFprkMW8ZzOuu1ME+Pw/LbucbpP6Kh9bpn 5NUQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=HPKtN+Ac; spf=pass (google.com: domain of 3wqkmxaokchgwjznaugjrhckkcha.ykihejqt-iigrwyg.knc@flex--andreyknvl.bounces.google.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=3WQKMXAoKCHgWjZnaugjrhckkcha.Ykihejqt-iigrWYg.knc@flex--andreyknvl.bounces.google.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from mail-sor-f73.google.com (mail-sor-f73.google.com. [209.85.220.73]) by mx.google.com with SMTPS id 34sor3691110qte.45.2019.03.15.12.51.53 for (Google Transport Security); Fri, 15 Mar 2019 12:51:53 -0700 (PDT) Received-SPF: pass (google.com: domain of 3wqkmxaokchgwjznaugjrhckkcha.ykihejqt-iigrwyg.knc@flex--andreyknvl.bounces.google.com designates 209.85.220.73 as permitted sender) client-ip=209.85.220.73; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=HPKtN+Ac; spf=pass (google.com: domain of 3wqkmxaokchgwjznaugjrhckkcha.ykihejqt-iigrwyg.knc@flex--andreyknvl.bounces.google.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=3WQKMXAoKCHgWjZnaugjrhckkcha.Ykihejqt-iigrWYg.knc@flex--andreyknvl.bounces.google.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=HPKtN+AcCirGFFQHEZAu/mCbNrjYIKj90qShdg/IiFhxen49J0Qdpnr1pcKG7a6Z8e JeJ2qVhpKVo0e4MFSlZbzLIR2woDetJaTNND5bdihZ/qbAWcocsa2cvfjheYeB4rsRtq VupfRDNmC+dOLdGj40kTGJqU/K4oyQ4V3HkdkM9xosZcLU7jdIpJBpWnC76XUdwc2cRx PrBSQsPpZWMh+HxdTYEIi4nHU5c8m+m6PJBso4DlJCsFDkKaGHF5sF+vigRkHjI5UG0U RhfFgSuDuzmav8L6Qcw6zbyS+BybgMK3vA4F1h2a+P/7Y7SKXtGu14CbY9cr1/NstkUy Z8Lw== X-Google-Smtp-Source: APXvYqxQt9HPpRfECab7LUPrHAbJSVnQOqRrkiVNkyIaCkT/+WBTjFpEfz28zU++TxipH2bwdLb5/hvYcjvCwg1k X-Received: by 2002:ac8:28c9:: with SMTP id j9mr3165248qtj.21.1552679513588; Fri, 15 Mar 2019 12:51:53 -0700 (PDT) Date: Fri, 15 Mar 2019 20:51:27 +0100 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.21.0.360.g471c308f928-goog Subject: [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user From: Andrey Konovalov To: Catalin Marinas , Will Deacon , Mark Rutland , Robin Murphy , Kees Cook , Kate Stewart , Greg Kroah-Hartman , Andrew Morton , Ingo Molnar , "Kirill A . Shutemov" , Shuah Khan , Vincenzo Frascino , Eric Dumazet , "David S. Miller" , Alexei Starovoitov , Daniel Borkmann , Steven Rostedt , Ingo Molnar , Peter Zijlstra , Arnaldo Carvalho de Melo , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Dmitry Vyukov , Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Chintan Pandya , Luc Van Oostenryck , Dave Martin , Kevin Brodsky , Szabolcs Nagy , Andrey Konovalov Content-Type: text/plain; charset="UTF-8" X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: This patch is a part of a series that extends arm64 kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. strncpy_from_user and strnlen_user accept user addresses as arguments, and do not go through the same path as copy_from_user and others, so here we need to handle the case of tagged user addresses separately. Untag user pointers passed to these functions. Note, that this patch only temporarily untags the pointers to perform validity checks, but then uses them as is to perform user memory accesses. Signed-off-by: Andrey Konovalov --- lib/strncpy_from_user.c | 3 ++- lib/strnlen_user.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 58eacd41526c..6209bb9507c7 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include @@ -107,7 +108,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)src; + src_addr = (unsigned long)untagged_addr(src); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c index 1c1a1b0e38a5..8ca3d2ac32ec 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -2,6 +2,7 @@ #include #include #include +#include #include @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)str; + src_addr = (unsigned long)untagged_addr(str); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; -- 2.21.0.360.g471c308f928-goog From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.0 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9DE93C10F00 for ; Fri, 15 Mar 2019 19:52:36 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 68C5C2063F for ; Fri, 15 Mar 2019 19:52:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="sOEnFXJA"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="HPKtN+Ac" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 68C5C2063F Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version :Message-Id:In-Reply-To:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=RVb+sb15xn9Rt7QuVJXumfzr0mgBgSclLRa72YTPKeU=; b=sOEnFXJAfrwzZl sw7MYwv+LeYmgQOCQLWG/XbqcnEOAsCpY99FLvtDOTb9Ac+86RtPqjzR37rhLVj8FLdUGfNytzZi3 eT9PoXxm/iTIwJlbn58XFFFc7/ioxEFc9vWUEzZ3kv7TyQs6y5dvCDlBXFTkStCaGaUmq7uXbWT03 QR5RmAxW3N1BsGZZpsAK4SijGlquFatPF7ARwLChvjI+kY2ulNYpq/Vr5ZpM/KNyMTqg1YvfHCU7Q 4AkdCcJ9BCtDXrh8TKVTnC5xQIEBQEANxfZAbGVIWCJRogUzhAha7k5rPAJy2n/0lFGxJ6924X/6j aWM7A5vRaOi/ZqukkjXw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1h4ssW-0007pz-Js; Fri, 15 Mar 2019 19:52:28 +0000 Received: from mail-qk1-x749.google.com ([2607:f8b0:4864:20::749]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1h4srz-0006do-46 for linux-arm-kernel@lists.infradead.org; Fri, 15 Mar 2019 19:51:59 +0000 Received: by mail-qk1-x749.google.com with SMTP id n64so8770991qkb.0 for ; Fri, 15 Mar 2019 12:51:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=HPKtN+AcCirGFFQHEZAu/mCbNrjYIKj90qShdg/IiFhxen49J0Qdpnr1pcKG7a6Z8e JeJ2qVhpKVo0e4MFSlZbzLIR2woDetJaTNND5bdihZ/qbAWcocsa2cvfjheYeB4rsRtq VupfRDNmC+dOLdGj40kTGJqU/K4oyQ4V3HkdkM9xosZcLU7jdIpJBpWnC76XUdwc2cRx PrBSQsPpZWMh+HxdTYEIi4nHU5c8m+m6PJBso4DlJCsFDkKaGHF5sF+vigRkHjI5UG0U RhfFgSuDuzmav8L6Qcw6zbyS+BybgMK3vA4F1h2a+P/7Y7SKXtGu14CbY9cr1/NstkUy Z8Lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=yc2TKKK3uyNjx4k/SCg2YsIAkDocczWLqEwyHrZeSHg=; b=ALQMeSgBLsch7loNzHupNR+OYzbWG3N+2Yf7hDQBwTuuwY3VrR+3A2/FS7XJahcjfh K3YmoiTB97V/Q2WlZW1uis0BLHK/ah1C6Kiqhb2n1q6068LkXMaC3ibK6lzhhAZtrctV BB3BgNPmWnVvsR2IT7u+LBU5OHnMizEGtrRliKObwmqE2SB5SlsUGHC6hQBjW+za8rUr jyt9kusmnEQhB6J8ckMAGUcIKD/31K2a7jNs1YZ+8XmYsNhjvH6ulNqTlMItGHIsN8wE H+5AW6k1MR7z9+6fEA42rtJA4b5P9+uFN25hmEQU60ceRRAjrzy6/fgBtWwXSSQug15H QDPw== X-Gm-Message-State: APjAAAXbmRGnI4SKQNmpAoHQ9Iy+kLPcDbIw1nePVq/2JmSzq4AN+Qy3 Nr/Z7LlHwvh8pIfsTeij3qDCSj2TmmZ9is85 X-Google-Smtp-Source: APXvYqxQt9HPpRfECab7LUPrHAbJSVnQOqRrkiVNkyIaCkT/+WBTjFpEfz28zU++TxipH2bwdLb5/hvYcjvCwg1k X-Received: by 2002:ac8:28c9:: with SMTP id j9mr3165248qtj.21.1552679513588; Fri, 15 Mar 2019 12:51:53 -0700 (PDT) Date: Fri, 15 Mar 2019 20:51:27 +0100 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.21.0.360.g471c308f928-goog Subject: [PATCH v11 03/14] lib, arm64: untag user pointers in strn*_user From: Andrey Konovalov To: Catalin Marinas , Will Deacon , Mark Rutland , Robin Murphy , Kees Cook , Kate Stewart , Greg Kroah-Hartman , Andrew Morton , Ingo Molnar , "Kirill A . Shutemov" , Shuah Khan , Vincenzo Frascino , Eric Dumazet , "David S. Miller" , Alexei Starovoitov , Daniel Borkmann , Steven Rostedt , Ingo Molnar , Peter Zijlstra , Arnaldo Carvalho de Melo , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190315_125155_510686_351722D7 X-CRM114-Status: GOOD ( 13.58 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Brodsky , Chintan Pandya , Jacob Bramley , Ruben Ayrapetyan , Szabolcs Nagy , Andrey Konovalov , Lee Smith , Kostya Serebryany , Dmitry Vyukov , Ramana Radhakrishnan , Luc Van Oostenryck , Dave Martin , Evgeniy Stepanov Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org This patch is a part of a series that extends arm64 kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. strncpy_from_user and strnlen_user accept user addresses as arguments, and do not go through the same path as copy_from_user and others, so here we need to handle the case of tagged user addresses separately. Untag user pointers passed to these functions. Note, that this patch only temporarily untags the pointers to perform validity checks, but then uses them as is to perform user memory accesses. Signed-off-by: Andrey Konovalov --- lib/strncpy_from_user.c | 3 ++- lib/strnlen_user.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 58eacd41526c..6209bb9507c7 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include @@ -107,7 +108,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)src; + src_addr = (unsigned long)untagged_addr(src); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c index 1c1a1b0e38a5..8ca3d2ac32ec 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -2,6 +2,7 @@ #include #include #include +#include #include @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)str; + src_addr = (unsigned long)untagged_addr(str); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; -- 2.21.0.360.g471c308f928-goog _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel