lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ce2c8557-cda6-4211-9873-9afd993c0580@csgroup.eu>
Date: Tue, 24 Jun 2025 07:34:48 +0200
From: Christophe Leroy <christophe.leroy@...roup.eu>
To: David Laight <david.laight.linux@...il.com>
Cc: Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin
 <npiggin@...il.com>, Naveen N Rao <naveen@...nel.org>,
 Madhavan Srinivasan <maddy@...ux.ibm.com>,
 Alexander Viro <viro@...iv.linux.org.uk>,
 Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
 Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
 Peter Zijlstra <peterz@...radead.org>, Darren Hart <dvhart@...radead.org>,
 Davidlohr Bueso <dave@...olabs.net>, Andre Almeida <andrealmeid@...lia.com>,
 Andrew Morton <akpm@...ux-foundation.org>,
 Dave Hansen <dave.hansen@...ux.intel.com>,
 Linus Torvalds <torvalds@...ux-foundation.org>,
 linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
 linux-fsdevel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH 1/5] uaccess: Add masked_user_{read/write}_access_begin



Le 22/06/2025 à 18:35, David Laight a écrit :
> On Sun, 22 Jun 2025 11:52:39 +0200
> Christophe Leroy <christophe.leroy@...roup.eu> wrote:
> 
>> Allthough masked_user_access_begin() seems to only be used when reading
>> data from user at the moment, introduce masked_user_read_access_begin()
>> and masked_user_write_access_begin() in order to match
>> user_read_access_begin() and user_write_access_begin().
>>
>> Have them default to masked_user_access_begin() when they are
>> not defined.
>>
>> Signed-off-by: Christophe Leroy <christophe.leroy@...roup.eu>
>> ---
>>   fs/select.c             | 2 +-
>>   include/linux/uaccess.h | 8 ++++++++
>>   kernel/futex/futex.h    | 4 ++--
>>   lib/strncpy_from_user.c | 2 +-
>>   lib/strnlen_user.c      | 2 +-
>>   5 files changed, 13 insertions(+), 5 deletions(-)
>>
>> diff --git a/fs/select.c b/fs/select.c
>> index 9fb650d03d52..d8547bedf5eb 100644
>> --- a/fs/select.c
>> +++ b/fs/select.c
>> @@ -777,7 +777,7 @@ static inline int get_sigset_argpack(struct sigset_argpack *to,
>>   	// the path is hot enough for overhead of copy_from_user() to matter
>>   	if (from) {
>>   		if (can_do_masked_user_access())
>> -			from = masked_user_access_begin(from);
>> +			from = masked_user_read_access_begin(from);
>>   		else if (!user_read_access_begin(from, sizeof(*from)))
>>   			return -EFAULT;
>>   		unsafe_get_user(to->p, &from->p, Efault);
>> diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h
>> index 7c06f4795670..682a0cd2fe51 100644
>> --- a/include/linux/uaccess.h
>> +++ b/include/linux/uaccess.h
>> @@ -41,6 +41,14 @@
> 
>>   #ifdef masked_user_access_begin
>>    #define can_do_masked_user_access() 1
>>   #else
>>    #define can_do_masked_user_access() 0
>>    #define masked_user_access_begin(src) NULL
>>    #define mask_user_address(src) (src)
>>   #endif
>>   
>> +#ifndef masked_user_write_access_begin
>> +#define masked_user_write_access_begin masked_user_access_begin
>> +#endif
>> +#ifndef masked_user_read_access_begin
>> +#define masked_user_read_access_begin masked_user_access_begin
>> +#endif
> 
> I think that needs merging with the bit above.
> Perhaps generating something like:
> 
> #ifdef masked_user_access_begin
> #define masked_user_read_access_begin masked_user_access_begin
> #define masked_user_write_access_begin masked_user_access_begin
> #endif
> 
> #ifdef masked_user_read_access_begin
>    #define can_do_masked_user_access() 1
> #else
>    #define can_do_masked_user_access() 0
>    #define masked_user_read_access_begin(src) NULL
>    #define masked_user_write_access_begin(src) NULL
>    #define mask_user_address(src) (src)
> #endif
> 
> Otherwise you'll have to #define masked_user_access_begin even though
> it is never used.

I'm not sure I understand what you mean.

masked_user_access_begin() is used, for instance in 
arch/x86/include/asm/futex.h so it will remain.

masked_user_access_begin() is the analogy of user_access_begin(), it 
starts a read-write user access and is worth it.

> 
> Two more patches could change x86-64 to define both and then remove
> the 'then unused' first check - but that has to be for later.
> 

Christophe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ