From patchwork Thu Sep 7 15:30:47 2017
X-Patchwork-Submitter: Kees Cook
X-Patchwork-Id: 9942435
From: Kees Cook
To: Ingo Molnar
Subject: [PATCH 4/4] arm64/syscalls: Move address limit check in loop
Date: Thu, 7 Sep 2017 08:30:47 -0700
Message-Id: <1504798247-48833-5-git-send-email-keescook@chromium.org>
In-Reply-To: <1504798247-48833-1-git-send-email-keescook@chromium.org>
References: <1504798247-48833-1-git-send-email-keescook@chromium.org>
Cc: Pratyush Anand, linux-kernel@vger.kernel.org, Will Drewry, Kees Cook, Arnd Bergmann, Catalin Marinas, Will Deacon, Russell King, Andy Lutomirski, David Howells, Dave Hansen, Al Viro, linux-api@vger.kernel.org, Yonghong Song, Thomas Gleixner, Thomas Garnier, linux-arm-kernel@lists.infradead.org, Dave Martin

From: Thomas Garnier

A bug was reported on ARM where set_fs might be called after it was
checked on the work pending function. ARM64 is not affected by this bug
but has a similar construct. In order to avoid any similar problems in
the future, the addr_limit_user_check function is moved at the beginning
of the loop.

Fixes: cf7de27ab351 ("arm64/syscalls: Check address limit on user-mode return")
Reported-by: Leonard Crestez
Signed-off-by: Thomas Garnier
Signed-off-by: Kees Cook
---
 arch/arm64/kernel/signal.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index c45214f8fb54..0bdc96c61bc0 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -751,10 +751,10 @@ asmlinkage void do_notify_resume(struct pt_regs *regs, */ trace_hardirqs_off(); - /* Check valid user FS if needed */ - addr_limit_user_check(); - do { + /* Check valid user FS if needed */ + addr_limit_user_check(); + if (thread_flags & _TIF_NEED_RESCHED) { schedule(); } else {
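
Review bot: The comment carried into the loop, "/* Check valid user FS if needed */", does not say why the check has to sit inside the do { ... } body, which is the whole point of the move. With addr_limit_user_check() at the top of the body, ahead of the _TIF_NEED_RESCHED branch, each pass validates the state left by the previous pass, so a set_fs made by work in the final pass is only caught if the loop is guaranteed to run again; neither the visible lines nor the commit message show what provides that guarantee. Please extend the comment to state it, or say so in the commit message. Separately, the message says ARM64 is not affected by the reported bug, so consider whether the Fixes: tag is wanted here, since it marks the change as a bug fix.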