From: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Andrey Konovalov <andreyknvl@google.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Kate Stewart <kstewart@linuxfoundation.org>,
linux-doc@vger.kernel.org, Will Deacon <will.deacon@arm.com>,
Kostya Serebryany <kcc@google.com>,
linux-kselftest@vger.kernel.org,
Chintan Pandya <cpandya@codeaurora.org>,
Shuah Khan <shuah@kernel.org>, Ingo Molnar <mingo@kernel.org>,
linux-arch@vger.kernel.org, Jacob Bramley <Jacob.Bramley@arm.com>,
Dmitry Vyukov <dvyukov@google.com>,
Evgeniy Stepanov <eugenis@google.com>,
Kees Cook <keescook@chromium.org>,
Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>,
Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
Linux Memory Management List <linux-mm@kvack.org>,
LKML <linux-kernel@vger.kernel.org>,
Lee Smith <Lee.Smith@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Robin Murphy <robin.murphy@arm.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
Matthew Wilcox <willy@infradead.org>
Subject: Re: [PATCH v4 0/7] arm64: untag user pointers passed to the kernel
Date: Mon, 6 Aug 2018 21:12:53 +0200 [thread overview]
Message-ID: <CAExDi1T=s1ASPz6wMbV-G+Wiq8u9zu9cFztaCQ1kDy_TDQkXvg@mail.gmail.com> (raw)
In-Reply-To: <20180803150945.GC9297@kroah.com>
On Fri, Aug 3, 2018 at 5:09 PM, Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Fri, Aug 03, 2018 at 04:59:18PM +0200, Andrey Konovalov wrote:
>> On Thu, Aug 2, 2018 at 5:00 PM, Andrey Konovalov <andreyknvl@google.com> wrote:
>> > On Wed, Aug 1, 2018 at 7:42 PM, Catalin Marinas <catalin.marinas@arm.com> wrote:
>> >> On Mon, Jul 16, 2018 at 01:25:59PM +0200, Andrey Konovalov wrote:
>> >>> On Thu, Jun 28, 2018 at 9:30 PM, Andrey Konovalov <andreyknvl@google.com> wrote:
>> >>> So the checker reports ~100 different places where a __user pointer
>> >>> being casted. I've looked through them and found 3 places where we
>> >>> need to add untagging. Source code lines below come from 4.18-rc2+
>> >>> (6f0d349d).
>> >> [...]
>> >>> I'll add the 3 patches with fixes to v5 of this patchset.
>> >>
>> >> Thanks for investigating. You can fix those three places in your code
>> >
>> > OK, will do.
>> >
>> >> but I was rather looking for a way to check such casting in the future
>> >> for newly added code. While for the khwasan we can assume it's a debug
>> >> option, the tagged user pointers are ABI and we need to keep it stable.
>> >>
>> >> We could we actually add some macros for explicit conversion between
>> >> __user ptr and long and silence the warning there (I guess this would
>> >> work better for sparse). We can then detect new ptr to long casts as
>> >> they appear. I just hope that's not too intrusive.
>> >>
>> >> (I haven't tried the sparse patch yet, hopefully sometime this week)
>> >
>> > Haven't look at that sparse patch yet myself, but sounds doable.
>> > Should these macros go into this patchset or should they go
>> > separately?
>>
>> Started looking at this. When I run sparse with default checks enabled
>> (make C=1) I get countless warnings. Does anybody actually use it?
>
> Try using a more up-to-date version of sparse. Odds are you are using
> an old one, there is a newer version in a different branch on kernel.org
> somewhere...
>
> greg k-h
>
Quoting Linus in [1]:
Honestly, I'd like to just encourage people to get the sparse update
from Luc Van Oostenryck instead.
For a while there it looked like Chris Li would just pull from Luc,
and we'd have timely releases, but that really doesn't seem to have
ended up happening after all. So right now it's probably just best to
get Luc's tree instead from
https://github.com/lucvoo/sparse-dev
which also ends up fixing a lot of other issues.
[1] https://lore.kernel.org/lkml/CA+55aFzYEnZR2GZLR-DwpONjMNYGYoDy+6AWLCVNayWiaZuqoA@mail.gmail.com/T/#u
prev parent reply other threads:[~2018-08-06 19:12 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-20 15:24 [PATCH v4 0/7] arm64: untag user pointers passed to the kernel Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 1/7] arm64: add type casts to untagged_addr macro Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 2/7] uaccess: add untagged_addr definition for other arches Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 3/7] arm64: untag user addresses in access_ok and __uaccess_mask_ptr Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 4/7] mm, arm64: untag user addresses in mm/gup.c Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 5/7] lib, arm64: untag addrs passed to strncpy_from_user and strnlen_user Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 6/7] arm64: update Documentation/arm64/tagged-pointers.txt Andrey Konovalov
2018-06-20 15:24 ` [PATCH v4 7/7] selftests, arm64: add a selftest for passing tagged pointers to kernel Andrey Konovalov
2018-06-26 12:47 ` [PATCH v4 0/7] arm64: untag user pointers passed to the kernel Andrey Konovalov
2018-06-26 17:29 ` Catalin Marinas
2018-06-27 15:05 ` Andrey Konovalov
2018-06-27 15:08 ` Ramana Radhakrishnan
2018-06-27 17:17 ` Catalin Marinas
2018-06-28 6:17 ` Luc Van Oostenryck
2018-06-28 10:27 ` Catalin Marinas
2018-06-28 10:46 ` Luc Van Oostenryck
2018-06-28 14:48 ` Catalin Marinas
2018-06-28 15:28 ` Luc Van Oostenryck
2018-06-29 15:27 ` David Laight
2018-06-28 23:21 ` [PATCH] sparse: stricter warning for explicit cast to ulong Luc Van Oostenryck
2018-06-28 19:30 ` [PATCH v4 0/7] arm64: untag user pointers passed to the kernel Andrey Konovalov
2018-06-29 15:19 ` Andrey Konovalov
2018-06-29 15:20 ` Andrey Konovalov
2018-07-16 11:25 ` Andrey Konovalov
2018-07-31 13:23 ` Andrey Konovalov
2018-08-01 17:42 ` Catalin Marinas
2018-08-02 15:00 ` Andrey Konovalov
2018-08-03 14:59 ` Andrey Konovalov
2018-08-03 15:09 ` Greg Kroah-Hartman
2018-08-03 16:43 ` Matthew Wilcox
2018-08-03 16:54 ` Andrey Konovalov
2018-08-06 19:12 ` Luc Van Oostenryck [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAExDi1T=s1ASPz6wMbV-G+Wiq8u9zu9cFztaCQ1kDy_TDQkXvg@mail.gmail.com' \
--to=luc.vanoostenryck@gmail.com \
--cc=Jacob.Bramley@arm.com \
--cc=Lee.Smith@arm.com \
--cc=Ramana.Radhakrishnan@arm.com \
--cc=Ruben.Ayrapetyan@arm.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=catalin.marinas@arm.com \
--cc=cpandya@codeaurora.org \
--cc=dvyukov@google.com \
--cc=eugenis@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=kcc@google.com \
--cc=keescook@chromium.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=kstewart@linuxfoundation.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mark.rutland@arm.com \
--cc=mingo@kernel.org \
--cc=robin.murphy@arm.com \
--cc=shuah@kernel.org \
--cc=viro@zeniv.linux.org.uk \
--cc=will.deacon@arm.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).