From: Andrey Konovalov <andreyknvl@google.com>
To: linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org, amd-gfx@lists.freedesktop.org,
dri-devel@lists.freedesktop.org, linux-rdma@vger.kernel.org,
linux-media@vger.kernel.org, kvm@vger.kernel.org,
linux-kselftest@vger.kernel.org
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Will Deacon <will.deacon@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Kees Cook <keescook@chromium.org>,
Yishai Hadas <yishaih@mellanox.com>,
Felix Kuehling <Felix.Kuehling@amd.com>,
Alexander Deucher <Alexander.Deucher@amd.com>,
Christian Koenig <Christian.Koenig@amd.com>,
Mauro Carvalho Chehab <mchehab@kernel.org>,
Jens Wiklander <jens.wiklander@linaro.org>,
Alex Williamson <alex.williamson@redhat.com>,
Leon Romanovsky <leon@kernel.org>,
Luc Van Oostenryck <luc.vanoostenryck@gmail.com>,
Dave Martin <Dave.Martin@arm.com>,
Khalid Aziz <khalid.aziz@oracle.com>, enh <enh@google.com>,
Jason Gunthorpe <jgg@ziepe.ca>,
Christoph Hellwig <hch@infradead.org>,
Dmitry Vyukov <dvyukov@google.com>,
Kostya Serebryany <kcc@google.com>,
Evgeniy Stepanov <eugenis@google.com>,
Lee Smith <Lee.Smith@arm.com>,
Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>,
Jacob Bramley <Jacob.Bramley@arm.com>,
Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>,
Robin Murphy <robin.murphy@arm.com>,
Kevin Brodsky <kevin.brodsky@arm.com>,
Szabolcs Nagy <Szabolcs.Nagy@arm.com>,
Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH v18 03/15] lib: untag user pointers in strn*_user
Date: Mon, 24 Jun 2019 16:32:48 +0200
Message-ID: <1a53da43d69d644793110e85671d20158ebf29cb.1561386715.git.andreyknvl@google.com> (raw)
In-Reply-To: <cover.1561386715.git.andreyknvl@google.com>
This patch is a part of a series that extends kernel ABI to allow to pass
tagged user pointers (with the top byte set to something else other than
0x00) as syscall arguments.
strncpy_from_user and strnlen_user accept user addresses as arguments, and
do not go through the same path as copy_from_user and others, so here we
need to handle the case of tagged user addresses separately.
Untag user pointers passed to these functions.
Note, that this patch only temporarily untags the pointers to perform
validity checks, but then uses them as is to perform user memory accesses.
Reviewed-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Reviewed-by: Khalid Aziz <khalid.aziz@oracle.com>
Acked-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
lib/strncpy_from_user.c | 3 ++-
lib/strnlen_user.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c
index 023ba9f3b99f..dccb95af6003 100644
--- a/lib/strncpy_from_user.c
+++ b/lib/strncpy_from_user.c
@@ -6,6 +6,7 @@
#include <linux/uaccess.h>
#include <linux/kernel.h>
#include <linux/errno.h>
+#include <linux/mm.h>
#include <asm/byteorder.h>
#include <asm/word-at-a-time.h>
@@ -108,7 +109,7 @@ long strncpy_from_user(char *dst, const char __user *src, long count)
return 0;
max_addr = user_addr_max();
- src_addr = (unsigned long)src;
+ src_addr = (unsigned long)untagged_addr(src);
if (likely(src_addr < max_addr)) {
unsigned long max = max_addr - src_addr;
long retval;
diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c
index 7f2db3fe311f..28ff554a1be8 100644
--- a/lib/strnlen_user.c
+++ b/lib/strnlen_user.c
@@ -2,6 +2,7 @@
#include <linux/kernel.h>
#include <linux/export.h>
#include <linux/uaccess.h>
+#include <linux/mm.h>
#include <asm/word-at-a-time.h>
@@ -109,7 +110,7 @@ long strnlen_user(const char __user *str, long count)
return 0;
max_addr = user_addr_max();
- src_addr = (unsigned long)str;
+ src_addr = (unsigned long)untagged_addr(str);
if (likely(src_addr < max_addr)) {
unsigned long max = max_addr - src_addr;
long retval;
--
2.22.0.410.gd8fdbe21b5-goog
next prev parent reply index
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-24 14:32 [PATCH v18 00/15] arm64: untag user pointers passed to the kernel Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 01/15] arm64: untag user pointers in access_ok and __uaccess_mask_ptr Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 02/15] arm64: Introduce prctl() options to control the tagged user addresses ABI Andrey Konovalov
2019-06-24 15:04 ` Kees Cook
2019-06-24 14:32 ` Andrey Konovalov [this message]
2019-06-24 14:32 ` [PATCH v18 04/15] mm: untag user pointers passed to memory syscalls Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 05/15] mm: untag user pointers in mm/gup.c Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 06/15] mm: untag user pointers in get_vaddr_frames Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 07/15] fs/namespace: untag user pointers in copy_mount_options Andrey Konovalov
2019-06-24 17:50 ` Catalin Marinas
2019-07-15 16:00 ` Andrey Konovalov
2019-07-22 16:46 ` Kees Cook
2019-06-24 14:32 ` [PATCH v18 08/15] userfaultfd: untag user pointers Andrey Konovalov
2019-06-24 17:51 ` Catalin Marinas
2019-07-15 16:00 ` Andrey Konovalov
2019-07-17 11:09 ` Mike Rapoport
2019-07-17 11:46 ` Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 09/15] drm/amdgpu: " Andrey Konovalov
2019-06-24 15:00 ` Kees Cook
2019-06-24 14:32 ` [PATCH v18 10/15] drm/radeon: untag user pointers in radeon_gem_userptr_ioctl Andrey Konovalov
2019-06-24 15:01 ` Kees Cook
2019-06-24 15:02 ` Kees Cook
2019-06-26 17:50 ` Khalid Aziz
2019-06-24 14:32 ` [PATCH v18 11/15] IB/mlx4: untag user pointers in mlx4_get_umem_mr Andrey Konovalov
2019-06-24 15:01 ` Kees Cook
2019-06-24 17:40 ` Catalin Marinas
2019-07-15 16:01 ` Andrey Konovalov
2019-07-15 18:05 ` Jason Gunthorpe
2019-07-16 10:42 ` Andrey Konovalov
2019-07-16 12:06 ` Jason Gunthorpe
2019-07-17 11:42 ` Andrey Konovalov
2019-07-17 11:44 ` Andrey Konovalov
2019-07-17 11:58 ` Jason Gunthorpe
2019-07-17 13:36 ` Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 12/15] media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 13/15] tee/shm: untag user pointers in tee_shm_register Andrey Konovalov
2019-06-24 14:32 ` [PATCH v18 14/15] vfio/type1: untag user pointers in vaddr_get_pfn Andrey Konovalov
2019-06-24 14:33 ` [PATCH v18 15/15] selftests, arm64: add a selftest for passing tagged pointers to kernel Andrey Konovalov
2019-06-24 15:02 ` Kees Cook
2019-06-24 17:38 ` Catalin Marinas
2019-08-23 13:56 ` Cristian Marussi
2019-08-23 17:16 ` Andrey Konovalov
2019-08-23 17:49 ` Cristian Marussi
2019-09-04 14:52 ` Andrey Konovalov
2019-09-04 16:22 ` Cristian Marussi
2019-09-04 16:42 ` Andrey Konovalov
2019-06-26 17:18 ` [PATCH v18 00/15] arm64: untag user pointers passed to the kernel Catalin Marinas
Reply instructions:
You may reply publically to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1a53da43d69d644793110e85671d20158ebf29cb.1561386715.git.andreyknvl@google.com \
--to=andreyknvl@google.com \
--cc=Alexander.Deucher@amd.com \
--cc=Christian.Koenig@amd.com \
--cc=Dave.Martin@arm.com \
--cc=Felix.Kuehling@amd.com \
--cc=Jacob.Bramley@arm.com \
--cc=Lee.Smith@arm.com \
--cc=Ramana.Radhakrishnan@arm.com \
--cc=Ruben.Ayrapetyan@arm.com \
--cc=Szabolcs.Nagy@arm.com \
--cc=akpm@linux-foundation.org \
--cc=alex.williamson@redhat.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=catalin.marinas@arm.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=dvyukov@google.com \
--cc=enh@google.com \
--cc=eugenis@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=hch@infradead.org \
--cc=jens.wiklander@linaro.org \
--cc=jgg@ziepe.ca \
--cc=kcc@google.com \
--cc=keescook@chromium.org \
--cc=kevin.brodsky@arm.com \
--cc=khalid.aziz@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=leon@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-rdma@vger.kernel.org \
--cc=luc.vanoostenryck@gmail.com \
--cc=mark.rutland@arm.com \
--cc=mchehab@kernel.org \
--cc=robin.murphy@arm.com \
--cc=vincenzo.frascino@arm.com \
--cc=will.deacon@arm.com \
--cc=yishaih@mellanox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
KVM Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lore.kernel.org/kvm/0 kvm/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 kvm kvm/ https://lore.kernel.org/kvm \
kvm@vger.kernel.org
public-inbox-index kvm
Example config snippet for mirrors
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/org.kernel.vger.kvm
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git