| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201305221604.49185.arnd@arndb.de> Date: Wed, 22 May 2013 16:04:48 +0200 From: Arnd Bergmann <arnd@...db.de> To: "Russell King - ARM Linux" <linux@....linux.org.uk> Cc: "Michael S. Tsirkin" <mst@...hat.com>, linux-m32r-ja@...linux-m32r.org, kvm@...r.kernel.org, Peter Zijlstra <peterz@...radead.org>, Catalin Marinas <catalin.marinas@....com>, Will Deacon <will.deacon@....com>, David Howells <dhowells@...hat.com>, linux-mm@...ck.org, Paul Mackerras <paulus@...ba.org>, "H. Peter Anvin" <hpa@...or.com>, linux-arch@...r.kernel.org, linux-am33-list@...hat.com, Hirokazu Takata <takata@...ux-m32r.org>, x86@...nel.org, Ingo Molnar <mingo@...hat.com>, Benjamin Herrenschmidt <benh@...nel.crashing.org>, microblaze-uclinux@...e.uq.edu.au, Chris Metcalf <cmetcalf@...era.com>, Thomas Gleixner <tglx@...utronix.de>, linux-arm-kernel@...ts.infradead.org, Michal Simek <monstr@...str.eu>, linux-m32r@...linux-m32r.org, linux-kernel@...r.kernel.org, Koichi Yasutake <yasutake.koichi@...panasonic.com>, linuxppc-dev@...ts.ozlabs.org Subject: Re: [PATCH v2 00/10] uaccess: better might_sleep/might_fault behavior On Wednesday 22 May 2013, Russell King - ARM Linux wrote: > On Wed, May 22, 2013 at 11:25:36AM +0200, Arnd Bergmann wrote: > > Given the most commonly used functions and a couple of architectures > > I'm familiar with, these are the ones that currently call might_fault() > > > > x86-32 x86-64 arm arm64 powerpc s390 generic > > copy_to_user - x - - - x x > > copy_from_user - x - - - x x > > put_user x x x x x x x > > get_user x x x x x x x > > __copy_to_user x x - - x - - > > __copy_from_user x x - - x - - > > __put_user - - x - x - - > > __get_user - - x - x - - > > > > WTF? > > I think your table is rather screwed - especially on ARM. Tell me - > how can __copy_to_user() use might_fault() but copy_to_user() not when > copy_to_user() is implemented using __copy_to_user() ? Same for > copy_from_user() but the reverse argument - there's nothing special > in our copy_from_user() which would make it do might_fault() when > __copy_from_user() wouldn't. I think something went wrong with formatting of the tabstobs in the table. I've tried to correct it above to the same version I see on the mailing list. > The correct position for ARM is: our (__)?(pu|ge)t_user all use > might_fault(), but (__)?copy_(to|from)_user do not. Neither does > (__)?clear_user. We might want to fix those to use might_fault(). Yes, that sounds like a good idea, especially since they are all implemented out-of-line. For __get_user()/__put_user(), I would probably do the reverse and make them not call might_fault() though, like we do on most other architectures: Look at the object code produced for setup_sigframe for instance, it calls might_fault() around 25 times where one should really be enough. Using __put_user() instead of put_user() is normally an indication that the author of that function has made performance considerations and move the (trivial) access_ok() call out, but now we add a more expensive call instead. Arnd -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists