[PATCHv4 12/17] arm64: uaccess: split user/kernel routines

James Morse james.morse at arm.com
Thu Nov 26 13:42:24 EST 2020 

Hi Mark,

On 13/11/2020 12:49, Mark Rutland wrote:
> This patch separates arm64's user and kernel memory access primitives
> into distinct routines, adding new __{get,put}_kernel_nofault() helpers
> to acess kernel memory, upon which core code builds larger copy

(access)

> routines.
> 
> The kernel access routines (using LDR/STR) are not affected by PAN (when
> legitimately accessing kernel memory), nor are they affected by UAO.
> Switching to KERNEL_DS may set UAO, but this does not adversely affect
> the kernel access routines.
> 
> The user access routines (using LDTR/STTR) are not affected by PAN (when
> legitimately accessing user memory), but are affected by UAO. As these
> are only legitimate to use under USER_DS with UAO clear, this should not
> be problematic.
> 
> Routines performing atomics to user memory (futex and deprecated
> instruction emulation) still need to transiently clear PAN, and these
> are left as-is. These are never used on kernel memory.
> 
> Subsequent patches will refactor the uaccess helpers to remove redundant
> code, and will also remove the redundant PAN/UAO manipulation.

> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
> index 743f209d3fab..8687ec27dd00 100644
> --- a/arch/arm64/include/asm/uaccess.h
> +++ b/arch/arm64/include/asm/uaccess.h
> @@ -253,10 +255,9 @@ static inline void __user *__uaccess_mask_ptr(const void __user *ptr)
>   * The "__xxx_error" versions set the third argument to -EFAULT if an error
>   * occurs, and leave it unchanged on success.
>   */
> -#define __get_mem_asm(instr, alt_instr, reg, x, addr, err, feature)	\

> +#define __get_mem_asm(ldr, reg, x, addr, err)				\

('ldr' as variable name where you need to output something other than ldr does my head in)


>  	asm volatile(							\
> -	"1:"ALTERNATIVE(instr "     " reg "1, [%2]\n",			\
> -			alt_instr " " reg "1, [%2]\n", feature)		\
> +	"1:	" ldr "	" reg "1, [%2]\n"				\
>  	"2:\n"								\
>  	"	.section .fixup, \"ax\"\n"				\
>  	"	.align	2\n"						\


> @@ -323,10 +320,19 @@ do {									\
>  
>  #define get_user	__get_user
>  
> -#define __put_mem_asm(instr, alt_instr, reg, x, addr, err, feature)	\
> +#define __get_kernel_nofault(dst, src, type, err_label)			\
> +do {									\
> +	int __gkn_err = 0;						\
> +									\
> +	__raw_get_mem("ldr", *((type *)(dst)),				\
> +		      (__force type __user *)(src), __gkn_err);		\

Is the __user needed as you moved __chk_user_ptr() out of __raw_get_mem() in the previous
patch?

(your branch on kernel.org does something different here, not sure if its ahead or behind v4)


> +	if (unlikely(__gkn_err))					\
> +		goto err_label;						\
> +} while(0)


Thanks,

James

More information about the linux-arm-kernel mailing list