From: Christoph Hellwig <hch@lst.de> To: "David S. Miller" <davem@davemloft.net>, Jakub Kicinski <kuba@kernel.org>, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>, Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>, Eric Dumazet <edumazet@google.com> Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, linux-sctp@vger.kernel.org, linux-hams@vger.kernel.org, linux-bluetooth@vger.kernel.org, bridge@lists.linux-foundation.org, linux-can@vger.kernel.org, dccp@vger.kernel.org, linux-decnet-user@lists.sourceforge.net, linux-wpan@vger.kernel.org, linux-s390@vger.kernel.org, mptcp@lists.01.org, lvs-devel@vger.kernel.org, rds-devel@oss.oracle.com, linux-afs@lists.infradead.org, tipc-discussion@lists.sourceforge.net, linux-x25@vger.kernel.org Subject: [PATCH 26/26] net: optimize the sockptr_t for unified kernel/user address spaces Date: Thu, 23 Jul 2020 08:09:08 +0200 Message-ID: <20200723060908.50081-27-hch@lst.de> (raw) In-Reply-To: <20200723060908.50081-1-hch@lst.de> For architectures like x86 and arm64 we don't need the separate bit to indicate that a pointer is a kernel pointer as the address spaces are unified. That way the sockptr_t can be reduced to a union of two pointers, which leads to nicer calling conventions. The only caveat is that we need to check that users don't pass in kernel address and thus gain access to kernel memory. Thus the USER_SOCKPTR helper is replaced with a init_user_sockptr function that does this check and returns an error if it fails. Signed-off-by: Christoph Hellwig <hch@lst.de> --- include/linux/sockptr.h | 32 ++++++++++++++++++++++++++++++-- net/ipv4/bpfilter/sockopt.c | 14 ++++++++------ net/socket.c | 6 +++++- 3 files changed, 43 insertions(+), 9 deletions(-) diff --git a/include/linux/sockptr.h b/include/linux/sockptr.h index 700856e13ea0c4..7d5cdb2b30b5f0 100644 --- a/include/linux/sockptr.h +++ b/include/linux/sockptr.h @@ -8,9 +8,34 @@ #ifndef _LINUX_SOCKPTR_H #define _LINUX_SOCKPTR_H +#include <linux/compiler.h> #include <linux/slab.h> #include <linux/uaccess.h> +#ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE +typedef union { + void *kernel; + void __user *user; +} sockptr_t; + +static inline bool sockptr_is_kernel(sockptr_t sockptr) +{ + return (unsigned long)sockptr.kernel >= TASK_SIZE; +} + +static inline sockptr_t KERNEL_SOCKPTR(void *p) +{ + return (sockptr_t) { .kernel = p }; +} + +static inline int __must_check init_user_sockptr(sockptr_t *sp, void __user *p) +{ + if ((unsigned long)p >= TASK_SIZE) + return -EFAULT; + sp->user = p; + return 0; +} +#else /* CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE */ typedef struct { union { void *kernel; @@ -29,10 +54,13 @@ static inline sockptr_t KERNEL_SOCKPTR(void *p) return (sockptr_t) { .kernel = p, .is_kernel = true }; } -static inline sockptr_t USER_SOCKPTR(void __user *p) +static inline int __must_check init_user_sockptr(sockptr_t *sp, void __user *p) { - return (sockptr_t) { .user = p }; + sp->user = p; + sp->is_kernel = false; + return 0; } +#endif /* CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE */ static inline bool sockptr_is_null(sockptr_t sockptr) { diff --git a/net/ipv4/bpfilter/sockopt.c b/net/ipv4/bpfilter/sockopt.c index 1b34cb9a7708ec..94f18d2352d007 100644 --- a/net/ipv4/bpfilter/sockopt.c +++ b/net/ipv4/bpfilter/sockopt.c @@ -57,16 +57,18 @@ int bpfilter_ip_set_sockopt(struct sock *sk, int optname, sockptr_t optval, return bpfilter_mbox_request(sk, optname, optval, optlen, true); } -int bpfilter_ip_get_sockopt(struct sock *sk, int optname, char __user *optval, - int __user *optlen) +int bpfilter_ip_get_sockopt(struct sock *sk, int optname, + char __user *user_optval, int __user *optlen) { - int len; + sockptr_t optval; + int err, len; if (get_user(len, optlen)) return -EFAULT; - - return bpfilter_mbox_request(sk, optname, USER_SOCKPTR(optval), len, - false); + err = init_user_sockptr(&optval, user_optval); + if (err) + return err; + return bpfilter_mbox_request(sk, optname, optval, len, false); } static int __init bpfilter_sockopt_init(void) diff --git a/net/socket.c b/net/socket.c index e44b8ac47f6f46..94ca4547cd7c53 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2097,7 +2097,7 @@ static bool sock_use_custom_sol_socket(const struct socket *sock) int __sys_setsockopt(int fd, int level, int optname, char __user *user_optval, int optlen) { - sockptr_t optval = USER_SOCKPTR(user_optval); + sockptr_t optval; char *kernel_optval = NULL; int err, fput_needed; struct socket *sock; @@ -2105,6 +2105,10 @@ int __sys_setsockopt(int fd, int level, int optname, char __user *user_optval, if (optlen < 0) return -EINVAL; + err = init_user_sockptr(&optval, user_optval); + if (err) + return err; + sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) return err; -- 2.27.0
next prev parent reply index Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-07-23 6:08 get rid of the address_space override in setsockopt v2 Christoph Hellwig 2020-07-23 6:08 ` [PATCH 01/26] bpfilter: fix up a sparse annotation Christoph Hellwig 2020-07-23 11:14 ` Luc Van Oostenryck 2020-07-23 6:08 ` [PATCH 02/26] net/bpfilter: split __bpfilter_process_sockopt Christoph Hellwig 2020-07-23 6:08 ` [PATCH 03/26] bpfilter: reject kernel addresses Christoph Hellwig 2020-07-23 14:42 ` David Laight 2020-07-23 14:44 ` 'Christoph Hellwig' 2020-07-23 14:56 ` David Laight 2020-07-23 6:08 ` [PATCH 04/26] net: add a new sockptr_t type Christoph Hellwig 2020-07-23 15:40 ` Jan Engelhardt 2020-07-23 16:40 ` Eric Dumazet 2020-07-23 16:44 ` Christoph Hellwig 2020-07-23 6:08 ` [PATCH 05/26] net: switch copy_bpf_fprog_from_user to sockptr_t Christoph Hellwig 2020-07-23 6:08 ` [PATCH 06/26] net: switch sock_setbindtodevice " Christoph Hellwig 2020-07-23 6:08 ` [PATCH 07/26] net: switch sock_set_timeout " Christoph Hellwig 2020-07-23 6:08 ` [PATCH 08/26] " Christoph Hellwig 2020-07-23 8:39 ` [MPTCP] " Matthieu Baerts 2020-07-23 6:08 ` [PATCH 09/26] net/xfrm: switch xfrm_user_policy " Christoph Hellwig 2020-07-23 6:08 ` [PATCH 10/26] netfilter: remove the unused user argument to do_update_counters Christoph Hellwig 2020-07-23 6:08 ` [PATCH 11/26] netfilter: switch xt_copy_counters to sockptr_t Christoph Hellwig 2020-07-23 6:08 ` [PATCH 12/26] netfilter: switch nf_setsockopt " Christoph Hellwig 2020-07-27 15:03 ` Jason A. Donenfeld 2020-07-27 15:06 ` Christoph Hellwig 2020-07-27 16:16 ` Jason A. Donenfeld 2020-07-27 16:23 ` Christoph Hellwig 2020-07-28 8:07 ` David Laight 2020-07-28 8:17 ` Jason A. Donenfeld 2020-07-27 16:16 ` Christoph Hellwig 2020-07-27 16:21 ` Jason A. Donenfeld 2020-07-23 6:08 ` [PATCH 13/26] bpfilter: switch bpfilter_ip_set_sockopt " Christoph Hellwig 2020-07-23 11:16 ` David Laight 2020-07-23 11:44 ` 'Christoph Hellwig' 2020-07-23 6:08 ` [PATCH 14/26] net/ipv4: switch ip_mroute_setsockopt " Christoph Hellwig 2020-07-23 6:08 ` [PATCH 15/26] net/ipv4: merge ip_options_get and ip_options_get_from_user Christoph Hellwig 2020-07-23 6:08 ` [PATCH 16/26] net/ipv4: switch do_ip_setsockopt to sockptr_t Christoph Hellwig 2020-07-23 6:08 ` [PATCH 17/26] net/ipv6: switch ip6_mroute_setsockopt " Christoph Hellwig 2020-07-23 6:09 ` [PATCH 18/26] net/ipv6: split up ipv6_flowlabel_opt Christoph Hellwig 2020-07-23 6:09 ` [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t Christoph Hellwig 2020-07-27 12:15 ` Ido Schimmel 2020-07-27 13:00 ` Christoph Hellwig 2020-07-27 13:33 ` Ido Schimmel 2020-07-27 16:15 ` Christoph Hellwig 2020-07-27 18:22 ` Ido Schimmel 2020-07-27 13:24 ` David Laight 2020-07-23 6:09 ` [PATCH 20/26] net/ipv6: factor out a ipv6_set_opt_hdr helper Christoph Hellwig 2020-07-23 6:09 ` [PATCH 21/26] net/ipv6: switch do_ipv6_setsockopt to sockptr_t Christoph Hellwig 2020-07-23 6:09 ` [PATCH 22/26] net/udp: switch udp_lib_setsockopt " Christoph Hellwig 2020-07-23 6:09 ` [PATCH 23/26] net/tcp: switch ->md5_parse " Christoph Hellwig 2020-07-23 6:09 ` [PATCH 24/26] net/tcp: switch do_tcp_setsockopt " Christoph Hellwig 2020-07-23 6:09 ` [PATCH 25/26] net: pass a sockptr_t into ->setsockopt Christoph Hellwig 2020-07-23 8:39 ` [MPTCP] " Matthieu Baerts 2020-08-06 22:21 ` Eric Dumazet 2020-08-07 7:21 ` Christoph Hellwig 2020-08-07 9:18 ` David Laight 2020-08-07 18:29 ` Eric Dumazet 2020-08-08 13:54 ` David Laight 2020-07-23 6:09 ` Christoph Hellwig [this message] 2020-07-24 22:43 ` get rid of the address_space override in setsockopt v2 David Miller 2020-07-26 7:03 ` Christoph Hellwig 2020-07-26 7:08 ` Andreas Schwab 2020-07-26 7:46 ` David Miller 2020-07-27 9:51 ` David Laight 2020-07-27 13:48 ` Al Viro 2020-07-27 14:09 ` David Laight
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200723060908.50081-27-hch@lst.de \ --to=hch@lst.de \ --cc=ast@kernel.org \ --cc=bpf@vger.kernel.org \ --cc=bridge@lists.linux-foundation.org \ --cc=coreteam@netfilter.org \ --cc=daniel@iogearbox.net \ --cc=davem@davemloft.net \ --cc=dccp@vger.kernel.org \ --cc=edumazet@google.com \ --cc=kuba@kernel.org \ --cc=kuznet@ms2.inr.ac.ru \ --cc=linux-afs@lists.infradead.org \ --cc=linux-bluetooth@vger.kernel.org \ --cc=linux-can@vger.kernel.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-decnet-user@lists.sourceforge.net \ --cc=linux-hams@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-s390@vger.kernel.org \ --cc=linux-sctp@vger.kernel.org \ --cc=linux-wpan@vger.kernel.org \ --cc=linux-x25@vger.kernel.org \ --cc=lvs-devel@vger.kernel.org \ --cc=mptcp@lists.01.org \ --cc=netdev@vger.kernel.org \ --cc=netfilter-devel@vger.kernel.org \ --cc=rds-devel@oss.oracle.com \ --cc=tipc-discussion@lists.sourceforge.net \ --cc=yoshfuji@linux-ipv6.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux-WPAN Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/linux-wpan/0 linux-wpan/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 linux-wpan linux-wpan/ https://lore.kernel.org/linux-wpan \ linux-wpan@vger.kernel.org public-inbox-index linux-wpan Example config snippet for mirrors Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.kernel.vger.linux-wpan AGPL code for this site: git clone https://public-inbox.org/public-inbox.git