From: Andrey Konovalov <andreyknvl@google.com> To: linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, linux-rdma@vger.kernel.org, linux-media@vger.kernel.org, kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Cc: Catalin Marinas <catalin.marinas@arm.com>, Vincenzo Frascino <vincenzo.frascino@arm.com>, Will Deacon <will.deacon@arm.com>, Mark Rutland <mark.rutland@arm.com>, Andrew Morton <akpm@linux-foundation.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Kees Cook <keescook@chromium.org>, Yishai Hadas <yishaih@mellanox.com>, Felix Kuehling <Felix.Kuehling@amd.com>, Alexander Deucher <Alexander.Deucher@amd.com>, Christian Koenig <Christian.Koenig@amd.com>, Mauro Carvalho Chehab <mchehab@kernel.org>, Jens Wiklander <jens.wiklander@linaro.org>, Alex Williamson <alex.williamson@redhat.com>, Leon Romanovsky <leon@kernel.org>, Luc Van Oostenryck <luc.vanoostenryck@gmail.com>, Dave Martin <Dave.Martin@arm.com>, Khalid Aziz <khalid.aziz@oracle.com>, enh <enh@google.com>, Jason Gunthorpe <jgg@ziepe.ca>, Christoph Hellwig <hch@infradead.org>, Dmitry Vyukov <dvyukov@google.com>, Kostya Serebryany <kcc@google.com>, Evgeniy Stepanov <eugenis@google.com>, Lee Smith <Lee.Smith@arm.com>, Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>, Jacob Bramley <Jacob.Bramley@arm.com>, Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>, Robin Murphy <robin.murphy@arm.com>, Kevin Brodsky <kevin.brodsky@arm.com>, Szabolcs Nagy <Szabolcs.Nagy@arm.com>, Andrey Konovalov <andreyknvl@google.com> Subject: [PATCH v18 03/15] lib: untag user pointers in strn*_user Date: Mon, 24 Jun 2019 16:32:48 +0200 Message-ID: <1a53da43d69d644793110e85671d20158ebf29cb.1561386715.git.andreyknvl@google.com> (raw) In-Reply-To: <cover.1561386715.git.andreyknvl@google.com> This patch is a part of a series that extends kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. strncpy_from_user and strnlen_user accept user addresses as arguments, and do not go through the same path as copy_from_user and others, so here we need to handle the case of tagged user addresses separately. Untag user pointers passed to these functions. Note, that this patch only temporarily untags the pointers to perform validity checks, but then uses them as is to perform user memory accesses. Reviewed-by: Vincenzo Frascino <vincenzo.frascino@arm.com> Reviewed-by: Khalid Aziz <khalid.aziz@oracle.com> Acked-by: Kees Cook <keescook@chromium.org> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> --- lib/strncpy_from_user.c | 3 ++- lib/strnlen_user.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index 023ba9f3b99f..dccb95af6003 100644 --- a/lib/strncpy_from_user.c +++ b/lib/strncpy_from_user.c @@ -6,6 +6,7 @@ #include <linux/uaccess.h> #include <linux/kernel.h> #include <linux/errno.h> +#include <linux/mm.h> #include <asm/byteorder.h> #include <asm/word-at-a-time.h> @@ -108,7 +109,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)src; + src_addr = (unsigned long)untagged_addr(src); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c index 7f2db3fe311f..28ff554a1be8 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -2,6 +2,7 @@ #include <linux/kernel.h> #include <linux/export.h> #include <linux/uaccess.h> +#include <linux/mm.h> #include <asm/word-at-a-time.h> @@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count) return 0; max_addr = user_addr_max(); - src_addr = (unsigned long)str; + src_addr = (unsigned long)untagged_addr(str); if (likely(src_addr < max_addr)) { unsigned long max = max_addr - src_addr; long retval; -- 2.22.0.410.gd8fdbe21b5-goog
next prev parent reply index Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-06-24 14:32 [PATCH v18 00/15] arm64: untag user pointers passed to the kernel Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 01/15] arm64: untag user pointers in access_ok and __uaccess_mask_ptr Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 02/15] arm64: Introduce prctl() options to control the tagged user addresses ABI Andrey Konovalov 2019-06-24 15:04 ` Kees Cook 2019-06-24 14:32 ` Andrey Konovalov [this message] 2019-06-24 14:32 ` [PATCH v18 04/15] mm: untag user pointers passed to memory syscalls Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 05/15] mm: untag user pointers in mm/gup.c Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 06/15] mm: untag user pointers in get_vaddr_frames Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 07/15] fs/namespace: untag user pointers in copy_mount_options Andrey Konovalov 2019-06-24 17:50 ` Catalin Marinas 2019-07-15 16:00 ` Andrey Konovalov 2019-07-22 16:46 ` Kees Cook 2019-06-24 14:32 ` [PATCH v18 08/15] userfaultfd: untag user pointers Andrey Konovalov 2019-06-24 17:51 ` Catalin Marinas 2019-07-15 16:00 ` Andrey Konovalov 2019-07-17 11:09 ` Mike Rapoport 2019-07-17 11:46 ` Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 09/15] drm/amdgpu: " Andrey Konovalov 2019-06-24 15:00 ` Kees Cook 2019-06-24 14:32 ` [PATCH v18 10/15] drm/radeon: untag user pointers in radeon_gem_userptr_ioctl Andrey Konovalov 2019-06-24 15:01 ` Kees Cook 2019-06-24 15:02 ` Kees Cook 2019-06-26 17:50 ` Khalid Aziz 2019-06-24 14:32 ` [PATCH v18 11/15] IB/mlx4: untag user pointers in mlx4_get_umem_mr Andrey Konovalov 2019-06-24 15:01 ` Kees Cook 2019-06-24 17:40 ` Catalin Marinas 2019-07-15 16:01 ` Andrey Konovalov 2019-07-15 18:05 ` Jason Gunthorpe 2019-07-16 10:42 ` Andrey Konovalov 2019-07-16 12:06 ` Jason Gunthorpe 2019-07-17 11:42 ` Andrey Konovalov 2019-07-17 11:44 ` Andrey Konovalov 2019-07-17 11:58 ` Jason Gunthorpe 2019-07-17 13:36 ` Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 12/15] media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 13/15] tee/shm: untag user pointers in tee_shm_register Andrey Konovalov 2019-06-24 14:32 ` [PATCH v18 14/15] vfio/type1: untag user pointers in vaddr_get_pfn Andrey Konovalov 2019-06-24 14:33 ` [PATCH v18 15/15] selftests, arm64: add a selftest for passing tagged pointers to kernel Andrey Konovalov 2019-06-24 15:02 ` Kees Cook 2019-06-24 17:38 ` Catalin Marinas 2019-08-23 13:56 ` Cristian Marussi 2019-08-23 17:16 ` Andrey Konovalov 2019-08-23 17:49 ` Cristian Marussi 2019-09-04 14:52 ` Andrey Konovalov 2019-09-04 16:22 ` Cristian Marussi 2019-09-04 16:42 ` Andrey Konovalov 2019-06-26 17:18 ` [PATCH v18 00/15] arm64: untag user pointers passed to the kernel Catalin Marinas
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1a53da43d69d644793110e85671d20158ebf29cb.1561386715.git.andreyknvl@google.com \ --to=andreyknvl@google.com \ --cc=Alexander.Deucher@amd.com \ --cc=Christian.Koenig@amd.com \ --cc=Dave.Martin@arm.com \ --cc=Felix.Kuehling@amd.com \ --cc=Jacob.Bramley@arm.com \ --cc=Lee.Smith@arm.com \ --cc=Ramana.Radhakrishnan@arm.com \ --cc=Ruben.Ayrapetyan@arm.com \ --cc=Szabolcs.Nagy@arm.com \ --cc=akpm@linux-foundation.org \ --cc=alex.williamson@redhat.com \ --cc=amd-gfx@lists.freedesktop.org \ --cc=catalin.marinas@arm.com \ --cc=dri-devel@lists.freedesktop.org \ --cc=dvyukov@google.com \ --cc=enh@google.com \ --cc=eugenis@google.com \ --cc=gregkh@linuxfoundation.org \ --cc=hch@infradead.org \ --cc=jens.wiklander@linaro.org \ --cc=jgg@ziepe.ca \ --cc=kcc@google.com \ --cc=keescook@chromium.org \ --cc=kevin.brodsky@arm.com \ --cc=khalid.aziz@oracle.com \ --cc=kvm@vger.kernel.org \ --cc=leon@kernel.org \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-kselftest@vger.kernel.org \ --cc=linux-media@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=linux-rdma@vger.kernel.org \ --cc=luc.vanoostenryck@gmail.com \ --cc=mark.rutland@arm.com \ --cc=mchehab@kernel.org \ --cc=robin.murphy@arm.com \ --cc=vincenzo.frascino@arm.com \ --cc=will.deacon@arm.com \ --cc=yishaih@mellanox.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
KVM Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/kvm/0 kvm/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 kvm kvm/ https://lore.kernel.org/kvm \ kvm@vger.kernel.org public-inbox-index kvm Example config snippet for mirrors Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.kernel.vger.kvm AGPL code for this site: git clone https://public-inbox.org/public-inbox.git