[PATCH] RFC: riscv: evaluate put_user() arg before enabling user access
Ben Dooks
ben.dooks at codethink.co.uk
Thu Mar 18 23:46:24 GMT 2021
On 18/03/2021 22:48, Arnd Bergmann wrote:
> On Thu, Mar 18, 2021 at 11:41 PM Ben Dooks <ben.dooks at codethink.co.uk> wrote:
>>
>> The <asm/uaccess.h> header has a problem with
>> put_user(a, ptr) if the 'a' is not a simple
>> variable, such as a function. This can lead
>> to the compiler producing code as so:
>>
>> 1: enable_user_access()
>> 2: evaluate 'a'
>> 3: put 'a' to 'ptr'
>> 4: disable_user_acess()
>>
>> The issue is that 'a' is now being evaluated
>> with the user memory protections disabled. So
>> we try and force the evaulation by assinging
>> 'x' to __val at the start, and hoping the
>> compiler barriers in enable_user_access()
>> do the job of ordering step 2 before step 1.
>>
>> This has shown up in a bug where 'a' sleeps
>> and thus schedules out and loses the SR_SUM
>> flag. This isn't sufficient to fully fix, but
>> should reduce the window of opportunity.
>>
>> Cc: Arnd Bergman <arnd at arndb.de>
>
> Reviewed-by: Arnd Bergman <arnd at arndb.de>
>
> Note: your Signed-off-by seems to be missing.
Sorry, forgot as was intending smaller RFC release.
Thanks for the help sorting out the compile issues
I need to review the patch description anyway and make it flow
closer to 73 columns instead of the rather truncated version it is.
--
Ben Dooks http://www.codethink.co.uk/
Senior Engineer Codethink - Providing Genius
https://www.codethink.co.uk/privacy.html
More information about the linux-riscv
mailing list