From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.5 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5D30BC28CBC for ; Wed, 6 May 2020 06:23:14 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 186B52073A for ; Wed, 6 May 2020 06:23:14 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="Oyixt2C6" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 186B52073A Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=lst.de Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 2A7288E0013; Wed, 6 May 2020 02:23:11 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 2073B8E0010; Wed, 6 May 2020 02:23:11 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0A6F08E0013; Wed, 6 May 2020 02:23:10 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0187.hostedemail.com [216.40.44.187]) by kanga.kvack.org (Postfix) with ESMTP id D97548E0010 for ; Wed, 6 May 2020 02:23:10 -0400 (EDT) Received: from smtpin26.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id A007E824C723 for ; Wed, 6 May 2020 06:23:10 +0000 (UTC) X-FDA: 76785301740.26.lunch25_1bb460eb0df31 X-HE-Tag: lunch25_1bb460eb0df31 X-Filterd-Recvd-Size: 5190 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) by imf16.hostedemail.com (Postfix) with ESMTP for ; Wed, 6 May 2020 06:23:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender :Reply-To:Content-Type:Content-ID:Content-Description; bh=73xwWdERJOWUidTf3k9x6ajdY4gu8lH6d9hC6e9Kw30=; b=Oyixt2C6FuXCADF1Z+bzaBBZEJ 7tisz3mAxiH6My9gPYayi+8kQ0EDYfM7Fbww+XIZZaZxILzafqEE0OP3nRspxSPy9NbA/AAiYQa1Q B2+IJamBj3lig3cxkULH/b83CXpuMXvUPGt/yMfttVFhQOPvp9XtIh6j0JYcQ8a+iWNULMkP+ofni MKyeTyxPqBoBp/rIdfm/PUJ3LQKbN/u9JT+3y5dC5eWulRhVg4fq9zF2m4M7ixp71P0XOMKEFD/b7 ykJq5/awg9XkD1SwTBiY8MZ2NNd2qO5Bxzr4svUU8/UDdRP++K9rAJXDPxGkRGzdP6Bl3HcwWyHRA qgaJ27hw==; Received: from [2001:4bb8:191:66b6:c70:4a89:bc61:2] (helo=localhost) by bombadil.infradead.org with esmtpsa (Exim 4.92.3 #3 (Red Hat Linux)) id 1jWDSV-0006q8-ME; Wed, 06 May 2020 06:23:08 +0000 From: Christoph Hellwig To: x86@kernel.org, Alexei Starovoitov , Daniel Borkmann , Masami Hiramatsu , Linus Torvalds , Andrew Morton Cc: linux-parisc@vger.kernel.org, linux-um@lists.infradead.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: [PATCH 14/15] maccess: allow architectures to provide kernel probing directly Date: Wed, 6 May 2020 08:22:22 +0200 Message-Id: <20200506062223.30032-15-hch@lst.de> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200506062223.30032-1-hch@lst.de> References: <20200506062223.30032-1-hch@lst.de> MIME-Version: 1.0 X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Provide alternative versions of probe_kernel_read, probe_kernel_write and strncpy_from_kernel_unsafe that don't need set_fs magic, but instead use arch hooks that are modelled after unsafe_{get,put}_user to access kernel memory in an exception safe way. Signed-off-by: Christoph Hellwig --- mm/maccess.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/mm/maccess.c b/mm/maccess.c index aa59967d9b658..d99a5a67fa9b3 100644 --- a/mm/maccess.c +++ b/mm/maccess.c @@ -12,6 +12,81 @@ bool __weak probe_kernel_read_allowed(void *dst, const= void *unsafe_src, return true; } =20 +#ifdef HAVE_ARCH_PROBE_KERNEL + +#define probe_kernel_read_loop(dst, src, len, type, err_label) \ + while (len >=3D sizeof(type)) { \ + arch_kernel_read(dst, src, type, err_label); \ + dst +=3D sizeof(type); \ + src +=3D sizeof(type); \ + len -=3D sizeof(type); \ + } + +long probe_kernel_read(void *dst, const void *src, size_t size) +{ + if (!probe_kernel_read_allowed(dst, src, size)) + return -EFAULT; + + pagefault_disable(); + probe_kernel_read_loop(dst, src, size, u64, Efault); + probe_kernel_read_loop(dst, src, size, u32, Efault); + probe_kernel_read_loop(dst, src, size, u16, Efault); + probe_kernel_read_loop(dst, src, size, u8, Efault); + pagefault_enable(); + return 0; +Efault: + pagefault_enable(); + return -EFAULT; +} +EXPORT_SYMBOL_GPL(probe_kernel_read); + +#define probe_kernel_write_loop(dst, src, len, type, err_label) \ + while (len >=3D sizeof(type)) { \ + arch_kernel_write(dst, src, type, err_label); \ + dst +=3D sizeof(type); \ + src +=3D sizeof(type); \ + len -=3D sizeof(type); \ + } + +long probe_kernel_write(void *dst, const void *src, size_t size) +{ + pagefault_disable(); + probe_kernel_write_loop(dst, src, size, u64, Efault); + probe_kernel_write_loop(dst, src, size, u32, Efault); + probe_kernel_write_loop(dst, src, size, u16, Efault); + probe_kernel_write_loop(dst, src, size, u8, Efault); + pagefault_enable(); + return 0; +Efault: + pagefault_enable(); + return -EFAULT; +} + +long strncpy_from_kernel_unsafe(char *dst, const void *unsafe_addr, long= count) +{ + const void *src =3D unsafe_addr; + + if (unlikely(count <=3D 0)) + return 0; + if (!probe_kernel_read_allowed(dst, unsafe_addr, count)) + return -EFAULT; + + pagefault_disable(); + do { + arch_kernel_read(dst, src, u8, Efault); + dst++; + src++; + } while (dst[-1] && src - unsafe_addr < count); + pagefault_enable(); + + dst[-1] =3D '\0'; + return src - unsafe_addr; +Efault: + pagefault_enable(); + dst[-1] =3D '\0'; + return -EFAULT; +} +#else /* HAVE_ARCH_PROBE_KERNEL */ /** * probe_kernel_read(): safely attempt to read from kernel-space * @dst: pointer to the buffer that shall take the data @@ -114,6 +189,7 @@ long strncpy_from_kernel_unsafe(char *dst, const void= *unsafe_addr, long count) =20 return ret ? -EFAULT : src - unsafe_addr; } +#endif /* HAVE_ARCH_PROBE_KERNEL */ =20 /** * probe_user_read(): safely attempt to read from a user-space location --=20 2.26.2