| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Feb 2022 19:11:40 +0100
From: Janis Schoetterl-Glausch <scgl@...ux.ibm.com>
To: scgl@...ux.ibm.com
Cc: akpm@...ux-foundation.org, arnd@...db.de,
borntraeger@...ux.ibm.com, hca@...ux.ibm.com,
keescook@...omium.org, linux-kernel@...r.kernel.org,
viro@...iv.linux.org.uk
Subject: [RFC PATCH 1/2] uaccess: Add mechanism for arch specific user access with argument
KVM on s390 needs a mechanism to do accesses to guest memory
that honor storage key protection.
On s390 each physical page is associated with 4 access control bits.
On access these are compared with an access key, which is either
provided by the instruction or taken from the CPU state.
Based on that comparison, the access either succeeds or is prevented.
KVM on s390 needs to be able emulate this behavior, for example during
instruction emulation. KVM usually accesses the guest via
__copy_from/to_user, but in this case we need to also pass the access key.
Introduce __copy_from/to_user_opaque functions KVM can use to achieve
this by forwarding an architecture specific argument.
These functions are the same as their non _opaque counterparts, except
for the additional argument and also reside in include/linux/uaccess.h
so that they will not go out of sync should their counterparts change.
Signed-off-by: Janis Schoetterl-Glausch <scgl@...ux.ibm.com>
---
include/linux/uaccess.h | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h
index ac0394087f7d..cc2c7c6e2b92 100644
--- a/include/linux/uaccess.h
+++ b/include/linux/uaccess.h
@@ -114,6 +114,20 @@ __copy_from_user(void *to, const void __user *from, unsigned long n)
return raw_copy_from_user(to, from, n);
}
+#ifdef uaccess_opaque
+static __always_inline __must_check unsigned long
+__copy_from_user_opaque(void *to, const void __user *from, unsigned long n,
+ struct uaccess_opaque opaque)
+{
+ might_fault();
+ if (should_fail_usercopy())
+ return n;
+ instrument_copy_from_user(to, from, n);
+ check_object_size(to, n, false);
+ return raw_copy_from_user_opaque(to, from, n, opaque);
+}
+#endif /* uaccess_opaque */
+
/**
* __copy_to_user_inatomic: - Copy a block of data into user space, with less checking.
* @to: Destination address, in user space.
@@ -148,6 +162,20 @@ __copy_to_user(void __user *to, const void *from, unsigned long n)
return raw_copy_to_user(to, from, n);
}
+#ifdef uaccess_opaque
+static __always_inline __must_check unsigned long
+__copy_to_user_opaque(void __user *to, const void *from, unsigned long n,
+ struct uaccess_opaque opaque)
+{
+ might_fault();
+ if (should_fail_usercopy())
+ return n;
+ instrument_copy_to_user(to, from, n);
+ check_object_size(from, n, true);
+ return raw_copy_to_user_opaque(to, from, n, opaque);
+}
+#endif /* uaccess_opaque */
+
#ifdef INLINE_COPY_FROM_USER
static inline __must_check unsigned long
_copy_from_user(void *to, const void __user *from, unsigned long n)
--
2.32.0
Powered by blists - more mailing lists