| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b779beed-e44e-4a5e-9551-4647682b0d21@rivosinc.com>
Date: Tue, 29 Apr 2025 09:07:09 +0200
From: Clément Léger <cleger@...osinc.com>
To: Nylon Chen <nylon.chen@...ive.com>
Cc: Alexandre Ghiti <alex@...ti.fr>, linux-kernel@...r.kernel.org,
linux-riscv@...ts.infradead.org, paul.walmsley@...ive.com,
palmer@...belt.com, aou@...s.berkeley.edu, charlie@...osinc.com,
jesse@...osinc.com, evan@...osinc.com, zhangchunyan@...as.ac.cn,
samuel.holland@...ive.com, zong.li@...ive.com
Subject: Re: [PATCH 2/2] riscv: misaligned: fix sleeping function called
during misaligned access handling
On 29/04/2025 07:57, Nylon Chen wrote:
> Hi Clément,
>
> Thank you for sharing your patch. I’ve reviewed the changes, but I’m
> not sure I fully grasp the design rationale.
> Could you please briefly explain the main considerations behind this
> modification?
>
> We’re also discussing internally the differences between my _nofault
> approach and your IRQ-enable approach, and I’d appreciate your
> perspective on the pros and cons of each.
Hi Nylon,
There is not really pro vs cons. Using nofault would lead to failure to
read from user memory that is paged out for instance. This is not really
acceptable, we should handle user misaligned access even at an address
that would generate a page fault. One way to do so is to reenable IRQs
when coming from userspace and use copy_from/to_user() since it can
sleep while accessing memory. My latest version of the series [1] now
reenables interrupts only when coming from userspace.
Thanks,
Clément
[1]
https://lore.kernel.org/linux-riscv/20250422162324.956065-1-cleger@rivosinc.com/
>
> Looking forward to your suggestions!
>
> Nylon
>
> Clément Léger <cleger@...osinc.com> 於 2025年4月11日 週五 下午4:38寫道:
>>
>>
>>
>> On 11/04/2025 10:35, Alexandre Ghiti wrote:
>>> Hi Clément,
>>>
>>> On 11/04/2025 09:36, Clément Léger wrote:
>>>> Hi Nylon,
>>>>
>>>> I already have a pending fix for that bug which is to reenable
>>>> interrupts while handling misaligned faults. Please see:
>>>> https://lore.kernel.org/linux-riscv/20250317170625.1142870-12-
>>>> cleger@...osinc.com/
>>>
>>>
>>> Can you extract this fix from the series so that it can be merged in 6.15?
>>
>> Hi Alex,
>>
>> Yes sure, I can send a small series as well. However, I'd like the
>> associated kselftest to be reviewed since it would allow to catch such
>> behavior (there is no test for misaligned delegation yet).
>>
>> Thanks,
>>
>> Clément
>>
>>>
>>> Thanks,
>>>
>>> Alex
>>>
>>>
>>>>
>>>> Thanks,
>>>>
>>>> Clément
>>>>
>>>> On 11/04/2025 09:38, Nylon Chen wrote:
>>>>> Use copy_from_user_nofault() and copy_to_user_nofault() instead of
>>>>> copy_from/to_user functions in the misaligned access trap handlers.
>>>>>
>>>>> The following bug report was found when executing misaligned memory
>>>>> accesses:
>>>>>
>>>>> BUG: sleeping function called from invalid context at ./include/
>>>>> linux/uaccess.h:162
>>>>> in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 115, name: two
>>>>> preempt_count: 0, expected: 0
>>>>> CPU: 0 UID: 0 PID: 115 Comm: two Not tainted 6.14.0-rc5 #24
>>>>> Hardware name: riscv-virtio,qemu (DT)
>>>>> Call Trace:
>>>>> [<ffffffff800160ea>] dump_backtrace+0x1c/0x24
>>>>> [<ffffffff80002304>] show_stack+0x28/0x34
>>>>> [<ffffffff80010fae>] dump_stack_lvl+0x4a/0x68
>>>>> [<ffffffff80010fe0>] dump_stack+0x14/0x1c
>>>>> [<ffffffff8004e44e>] __might_resched+0xfa/0x104
>>>>> [<ffffffff8004e496>] __might_sleep+0x3e/0x62
>>>>> [<ffffffff801963c4>] __might_fault+0x1c/0x24
>>>>> [<ffffffff80425352>] _copy_from_user+0x28/0xaa
>>>>> [<ffffffff8000296c>] handle_misaligned_store+0x204/0x254
>>>>> [<ffffffff809eae82>] do_trap_store_misaligned+0x24/0xee
>>>>> [<ffffffff809f4f1a>] handle_exception+0x146/0x152
>>>>>
>>>>> Fixes: b686ecdeacf6 ("riscv: misaligned: Restrict user access to
>>>>> kernel memory")
>>>>> Fixes: 441381506ba7 ("riscv: misaligned: remove CONFIG_RISCV_M_MODE
>>>>> specific code")
>>>>>
>>>>> Signed-off-by: Zong Li <zong.li@...ive.com>
>>>>> Signed-off-by: Nylon Chen <nylon.chen@...ive.com>
>>>>> ---
>>>>> arch/riscv/kernel/traps_misaligned.c | 4 ++--
>>>>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>>>>
>>>>> diff --git a/arch/riscv/kernel/traps_misaligned.c b/arch/riscv/
>>>>> kernel/traps_misaligned.c
>>>>> index d7275dfb6b7e..563f73f88fa8 100644
>>>>> --- a/arch/riscv/kernel/traps_misaligned.c
>>>>> +++ b/arch/riscv/kernel/traps_misaligned.c
>>>>> @@ -455,7 +455,7 @@ static int handle_scalar_misaligned_load(struct
>>>>> pt_regs *regs)
>>>>> val.data_u64 = 0;
>>>>> if (user_mode(regs)) {
>>>>> - if (copy_from_user(&val, (u8 __user *)addr, len))
>>>>> + if (copy_from_user_nofault(&val, (u8 __user *)addr, len))
>>>>> return -1;
>>>>> } else {
>>>>> memcpy(&val, (u8 *)addr, len);
>>>>> @@ -556,7 +556,7 @@ static int handle_scalar_misaligned_store(struct
>>>>> pt_regs *regs)
>>>>> return -EOPNOTSUPP;
>>>>> if (user_mode(regs)) {
>>>>> - if (copy_to_user((u8 __user *)addr, &val, len))
>>>>> + if (copy_to_user_nofault((u8 __user *)addr, &val, len))
>>>>> return -1;
>>>>> } else {
>>>>> memcpy((u8 *)addr, &val, len);
>>>>
>>>> _______________________________________________
>>>> linux-riscv mailing list
>>>> linux-riscv@...ts.infradead.org
>>>> http://lists.infradead.org/mailman/listinfo/linux-riscv
>>
Powered by blists - more mailing lists