From patchwork Wed May 29 07:25:40 2019
X-Patchwork-Submitter: Sebastian Andrzej Siewior
X-Patchwork-Id: 10966239
Date: Wed, 29 May 2019 09:25:40 +0200
From: Sebastian Andrzej Siewior
To: Andrew Morton
Cc: Hugh Dickins, x86@kernel.org, Mike Rapoport, Andrea Arcangeli, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Borislav Petkov, Pavel Machek, Dave Hansen
Subject: [PATCH v2] x86/fpu: Use fault_in_pages_writeable() for pre-faulting
Message-ID: <20190529072540.g46j4kfeae37a3iu@linutronix.de>
References: <20190526173325.lpt5qtg7c6rnbql5@linutronix.de> <20190528211826.0fa593de5f2c7480357d3ca5@linux-foundation.org>
In-Reply-To: <20190528211826.0fa593de5f2c7480357d3ca5@linux-foundation.org>

From: Hugh Dickins

Since commit d9c9ce34ed5c8 ("x86/fpu: Fault-in user stack if copy_fpstate_to_sigframe() fails") we use get_user_pages_unlocked() to pre-fault user's memory if a write generates a pagefault while the handler is disabled.
This works in general and uncovered a bug as reported by Mike Rapoport.

It has been pointed out that this function may be fragile and a simple pre-fault as in fault_in_pages_writeable() would be a better solution. Better as in taste and simplicity: That write (as performed by the alternative function) performs exactly the same faulting of memory that we had before. This was suggested by Hugh Dickins and Andrew Morton.

Use fault_in_pages_writeable() for pre-faulting of user's stack.

Fixes: d9c9ce34ed5c8 ("x86/fpu: Fault-in user stack if copy_fpstate_to_sigframe() fails")
Suggested-by: Andrew Morton
Signed-off-by: Hugh Dickins
[bigeasy: patch description]
Signed-off-by: Sebastian Andrzej Siewior
Tested-by: Chris Wilson
---
v1…v2: Added a Fixes tag.

 arch/x86/kernel/fpu/signal.c | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 5a8d118bc423e..060d6188b4533 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -5,6 +5,7 @@ #include #include +#include #include #include @@ -189,15 +190,7 @@ int copy_fpstate_to_sigframe(void __user *buf, void __user *buf_fx, int size) fpregs_unlock(); if (ret) { - int aligned_size; - int nr_pages; - - aligned_size = offset_in_page(buf_fx) + fpu_user_xstate_size; - nr_pages = DIV_ROUND_UP(aligned_size, PAGE_SIZE); - - ret = get_user_pages_unlocked((unsigned long)buf_fx, nr_pages, - NULL, FOLL_WRITE); - if (ret == nr_pages) + if (!fault_in_pages_writeable(buf_fx, fpu_user_xstate_size)) goto retry; return -EFAULT; }
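Review bot: In the `if (ret)` branch of copy_fpstate_to_sigframe(), the range handling is no longer visible at the call site and deserves a sentence in the changelog or a one-line comment. The removed code added offset_in_page(buf_fx) to fpu_user_xstate_size before rounding up to pages, so a buffer that starts mid-page and straddles a page boundary was covered in full; the new call passes fpu_user_xstate_size unadjusted and relies on fault_in_pages_writeable() to reach the last byte of the range itself. Per the description, the replacement pre-faults by performing a write into buf_fx rather than by pinning pages, so it is also worth saying that modifying the buffer is harmless here because the `goto retry` path overwrites it with the saved FPU state. Finally, the success test is inverted relative to the old code (`ret == nr_pages` before, a zero return now) and `ret` is no longer assigned in this branch, which is fine since the failure path returns -EFAULT unconditionally, but it is easy to misread on a later change.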