From: Guenter Roeck <linux@roeck-us.net>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user()
Date: Sun, 6 Oct 2019 15:20:46 -0700 [thread overview]
Message-ID: <20191006222046.GA18027@roeck-us.net> (raw)
On Sat, May 21, 2016 at 09:59:07PM -0700, Linus Torvalds wrote:
> We really should avoid the "__{get,put}_user()" functions entirely,
> because they can easily be mis-used and the original intent of being
> used for simple direct user accesses no longer holds in a post-SMAP/PAN
> world.
>
> Manually optimizing away the user access range check makes no sense any
> more, when the range check is generally much cheaper than the "enable
> user accesses" code that the __{get,put}_user() functions still need.
>
> So instead of __put_user(), use the unsafe_put_user() interface with
> user_access_{begin,end}() that really does generate better code these
> days, and which is generally a nicer interface. Under some loads, the
> multiple user writes that filldir() does are actually quite noticeable.
>
> This also makes the dirent name copy use unsafe_put_user() with a couple
> of macros. We do not want to make function calls with SMAP/PAN
> disabled, and the code this generates is quite good when the
> architecture uses "asm goto" for unsafe_put_user() like x86 does.
>
> Note that this doesn't bother with the legacy cases. Nobody should use
> them anyway, so performance doesn't really matter there.
>
> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Linus,
this patch causes all my sparc64 emulations to stall during boot. It causes
all alpha emulations to crash with [1a] and [1b] when booting from a virtual
disk, and one of the xtensa emulations to crash with [2].
Reverting this patch fixes the problem.
Guenter
---
[1a]
Unable to handle kernel paging request at virtual address 0000000000000004
rcS(47): Oops -1
pc = [<0000000000000004>] ra = [<fffffc00004512e4>] ps = 0000 Not tainted
pc is at 0x4
ra is at filldir64+0x64/0x320
v0 = 0000000000000000 t0 = 0000000000000000 t1 = 0000000120117e8b
t2 = 646e617275303253 t3 = 646e617275300000 t4 = 0000000000007fe8
t5 = 0000000120117e78 t6 = 0000000000000000 t7 = fffffc0007ec8000
s0 = fffffc0007dbca56 s1 = 000000000000000a s2 = 0000000000000020
s3 = fffffc0007ecbec8 s4 = 0000000000000008 s5 = 0000000000000021
s6 = 1cd2631fe897bf5a
a0 = fffffc0007dbca56 a1 = 2f2f2f2f2f2f2f2f a2 = 000000000000000a
a3 = 1cd2631fe897bf5a a4 = 0000000000000021 a5 = 0000000000000008
t8 = 0000000000000020 t9 = 0000000000000000 t10= fffffc0007dbca60
t11= 0000000000000001 pv = fffffc0000b9a810 at = 0000000000000001
gp = fffffc0000f03930 sp = (____ptrval____)
Disabling lock debugging due to kernel taint
Trace:
[<fffffc00004e7a08>] call_filldir+0xe8/0x1b0
[<fffffc00004e8684>] ext4_readdir+0x924/0xa70
[<fffffc0000ba3088>] _raw_spin_unlock+0x18/0x30
[<fffffc00003f751c>] __handle_mm_fault+0x9fc/0xc30
[<fffffc0000450c68>] iterate_dir+0x198/0x240
[<fffffc0000450b2c>] iterate_dir+0x5c/0x240
[<fffffc00004518b8>] ksys_getdents64+0xa8/0x160
[<fffffc0000451990>] sys_getdents64+0x20/0x40
[<fffffc0000451280>] filldir64+0x0/0x320
[<fffffc0000311634>] entSys+0xa4/0xc0
---
[1b]
Unable to handle kernel paging request at virtual address 0000000000000004
reboot(50): Oops -1
pc = [<0000000000000004>] ra = [<fffffc00004512e4>] ps = 0000 Tainted: G D
pc is at 0x4
ra is at filldir64+0x64/0x320
v0 = 0000000000000000 t0 = 0000000067736d6b t1 = 000000012011445b
t2 = 0000000000000000 t3 = 0000000000000000 t4 = 0000000000007ef8
t5 = 0000000120114448 t6 = 0000000000000000 t7 = fffffc0007eec000
s0 = fffffc000792b5c3 s1 = 0000000000000004 s2 = 0000000000000018
s3 = fffffc0007eefec8 s4 = 0000000000000008 s5 = 00000000f00000a3
s6 = 000000000000000b
a0 = fffffc000792b5c3 a1 = 2f2f2f2f2f2f2f2f a2 = 0000000000000004
a3 = 000000000000000b a4 = 00000000f00000a3 a5 = 0000000000000008
t8 = 0000000000000018 t9 = 0000000000000000 t10= 0000000022e1d02a
t11= 000000011f8fd3b8 pv = fffffc0000b9a810 at = 0000000022e1ccf8
gp = fffffc0000f03930 sp = (____ptrval____)
Trace:
[<fffffc00004ccba0>] proc_readdir_de+0x170/0x300
[<fffffc0000451280>] filldir64+0x0/0x320
[<fffffc00004c565c>] proc_root_readdir+0x3c/0x80
[<fffffc0000450c68>] iterate_dir+0x198/0x240
[<fffffc00004518b8>] ksys_getdents64+0xa8/0x160
[<fffffc0000451990>] sys_getdents64+0x20/0x40
[<fffffc0000451280>] filldir64+0x0/0x320
[<fffffc0000311634>] entSys+0xa4/0xc0
---
[2]
Unable to handle kernel paging request at virtual address 0000000000000004
reboot(50): Oops -1
pc = [<0000000000000004>] ra = [<fffffc00004512e4>] ps = 0000 Tainted: G D
pc is at 0x4
ra is at filldir64+0x64/0x320
v0 = 0000000000000000 t0 = 0000000067736d6b t1 = 000000012011445b
t2 = 0000000000000000 t3 = 0000000000000000 t4 = 0000000000007ef8
t5 = 0000000120114448 t6 = 0000000000000000 t7 = fffffc0007eec000
s0 = fffffc000792b5c3 s1 = 0000000000000004 s2 = 0000000000000018
s3 = fffffc0007eefec8 s4 = 0000000000000008 s5 = 00000000f00000a3
s6 = 000000000000000b
a0 = fffffc000792b5c3 a1 = 2f2f2f2f2f2f2f2f a2 = 0000000000000004
a3 = 000000000000000b a4 = 00000000f00000a3 a5 = 0000000000000008
t8 = 0000000000000018 t9 = 0000000000000000 t10= 0000000022e1d02a
t11= 000000011fd6f3b8 pv = fffffc0000b9a810 at = 0000000022e1ccf8
gp = fffffc0000f03930 sp = (____ptrval____)
Trace:
[<fffffc00004ccba0>] proc_readdir_de+0x170/0x300
[<fffffc0000451280>] filldir64+0x0/0x320
[<fffffc00004c565c>] proc_root_readdir+0x3c/0x80
[<fffffc0000450c68>] iterate_dir+0x198/0x240
[<fffffc00004518b8>] ksys_getdents64+0xa8/0x160
[<fffffc0000451990>] sys_getdents64+0x20/0x40
[<fffffc0000451280>] filldir64+0x0/0x320
[<fffffc0000311634>] entSys+0xa4/0xc0
Code:
00000000
00063301
000007a3
00001111
00003f64
Segmentation fault
next reply other threads:[~2019-10-06 22:20 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-06 22:20 Guenter Roeck [this message]
2019-10-06 23:06 ` [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user() Linus Torvalds
2019-10-06 23:35 ` Linus Torvalds
2019-10-07 0:04 ` Guenter Roeck
2019-10-07 1:17 ` Linus Torvalds
2019-10-07 1:24 ` Al Viro
2019-10-07 2:06 ` Linus Torvalds
2019-10-07 2:50 ` Al Viro
2019-10-07 3:11 ` Linus Torvalds
2019-10-07 15:40 ` David Laight
2019-10-07 18:11 ` Linus Torvalds
2019-10-08 9:58 ` David Laight
2019-10-07 17:34 ` Al Viro
2019-10-07 18:13 ` Linus Torvalds
2019-10-07 18:22 ` Al Viro
2019-10-07 18:26 ` Linus Torvalds
2019-10-07 18:36 ` Tony Luck
2019-10-07 19:08 ` Linus Torvalds
2019-10-07 19:49 ` Tony Luck
2019-10-07 20:04 ` Linus Torvalds
2019-10-08 3:29 ` Al Viro
2019-10-08 4:09 ` Linus Torvalds
2019-10-08 4:14 ` Linus Torvalds
2019-10-08 5:02 ` Al Viro
2019-10-08 4:24 ` Linus Torvalds
2019-10-10 19:55 ` Al Viro
2019-10-10 22:12 ` Linus Torvalds
2019-10-11 0:11 ` Al Viro
2019-10-11 0:31 ` Linus Torvalds
2019-10-13 18:13 ` Al Viro
2019-10-13 18:43 ` Linus Torvalds
2019-10-13 19:10 ` Al Viro
2019-10-13 19:22 ` Linus Torvalds
2019-10-13 19:59 ` Al Viro
2019-10-13 20:20 ` Linus Torvalds
2019-10-15 3:46 ` Michael Ellerman
2019-10-15 18:08 ` Al Viro
2019-10-15 19:00 ` Linus Torvalds
2019-10-15 19:40 ` Al Viro
2019-10-15 20:18 ` Al Viro
2019-10-16 12:12 ` [RFC] change of calling conventions for arch_futex_atomic_op_inuser() Al Viro
2019-10-16 12:24 ` Thomas Gleixner
2019-10-16 20:25 ` [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user() Al Viro
2019-10-17 19:36 ` [RFC][PATCHES] drivers/scsi/sg.c uaccess cleanups/fixes Al Viro
2019-10-17 19:39 ` [RFC PATCH 1/8] sg_ioctl(): fix copyout handling Al Viro
2019-10-17 19:39 ` [RFC PATCH 2/8] sg_new_write(): replace access_ok() + __copy_from_user() with copy_from_user() Al Viro
2019-10-17 19:39 ` [RFC PATCH 3/8] sg_write(): __get_user() can fail Al Viro
2019-10-17 19:39 ` [RFC PATCH 4/8] sg_read(): simplify reading ->pack_id of userland sg_io_hdr_t Al Viro
2019-10-17 19:39 ` [RFC PATCH 5/8] sg_new_write(): don't bother with access_ok Al Viro
2019-10-17 19:39 ` [RFC PATCH 6/8] sg_read(): get rid of access_ok()/__copy_..._user() Al Viro
2019-10-17 19:39 ` [RFC PATCH 7/8] sg_write(): get rid of access_ok()/__copy_from_user()/__get_user() Al Viro
2019-10-17 19:39 ` [RFC PATCH 8/8] SG_IO: get rid of access_ok() Al Viro
2019-10-17 21:44 ` [RFC][PATCHES] drivers/scsi/sg.c uaccess cleanups/fixes Douglas Gilbert
2019-11-05 4:54 ` Martin K. Petersen
2019-11-05 5:25 ` Al Viro
2019-11-06 4:29 ` Martin K. Petersen
2019-10-18 0:27 ` [RFC] csum_and_copy_from_user() semantics Al Viro
2019-10-25 14:01 ` [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user() Thomas Gleixner
2019-10-08 4:57 ` Al Viro
2019-10-08 13:14 ` Greg KH
2019-10-08 15:29 ` Al Viro
2019-10-08 15:38 ` Greg KH
2019-10-08 17:06 ` Al Viro
2019-10-08 19:58 ` Al Viro
2019-10-08 20:16 ` Al Viro
2019-10-08 20:34 ` Al Viro
2019-10-07 2:30 ` Guenter Roeck
2019-10-07 3:12 ` Linus Torvalds
2019-10-07 0:23 ` Guenter Roeck
2019-10-07 4:04 ` Max Filippov
2019-10-07 12:16 ` Guenter Roeck
2019-10-07 19:21 ` Linus Torvalds
2019-10-07 20:29 ` Guenter Roeck
2019-10-07 23:27 ` Guenter Roeck
2019-10-08 6:28 ` Geert Uytterhoeven
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191006222046.GA18027@roeck-us.net \
--to=linux@roeck-us.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).