From patchwork Sat Dec 16 03:35:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kent Overstreet X-Patchwork-Id: 13495441 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 741ABC4332F for ; Sat, 16 Dec 2023 03:36:15 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1470D8D015F; Fri, 15 Dec 2023 22:36:13 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id F00518D015C; Fri, 15 Dec 2023 22:36:12 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D54228D015F; Fri, 15 Dec 2023 22:36:12 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id B99438D015C for ; Fri, 15 Dec 2023 22:36:12 -0500 (EST) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 9AC04A0578 for ; Sat, 16 Dec 2023 03:36:12 +0000 (UTC) X-FDA: 81571268184.14.940E4ED Received: from out-189.mta1.migadu.com (out-189.mta1.migadu.com [95.215.58.189]) by imf03.hostedemail.com (Postfix) with ESMTP id C184520002 for ; Sat, 16 Dec 2023 03:36:10 +0000 (UTC) Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=k2LqHjje; spf=pass (imf03.hostedemail.com: domain of kent.overstreet@linux.dev designates 95.215.58.189 as permitted sender) smtp.mailfrom=kent.overstreet@linux.dev; dmarc=pass (policy=none) header.from=linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1702697771; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vu1t9phxzTSXpH+NH5TjLwnssQckaKv/rd6AdxtJ6QU=; b=NoHsP+WrZiZCeltxMeAYofE/1f/5jCndn+v/ucnESNhDxhKtn9aaK+p5AJCoeScaCBueXm 2EFfZD6ktQAkgzJIHHTCmMkBrNSeF9aGqG+c033vaRE0JSrBRkbxDAW88kmA1A5jFQCtOt DNcJjfAoP9Dq9sVeogJyDzR0dQagGpM= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1702697771; a=rsa-sha256; cv=none; b=sd1xf/brjSJJ99bu237VPBsfhxAvCiVbbv+esvaNQ3QZJ+A7WJkmRJ2ur1NaSaH5yhZJHO cQNoYDkzPhaLYWe1xZ3fP9uX5yUDn7V2MrfyjY3ptMMKDtS8aAvC1uQhvr3FNJzk3KMEV7 bIvlWxnAbL12mRbcl/ezZfSPZChFzzQ= ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=k2LqHjje; spf=pass (imf03.hostedemail.com: domain of kent.overstreet@linux.dev designates 95.215.58.189 as permitted sender) smtp.mailfrom=kent.overstreet@linux.dev; dmarc=pass (policy=none) header.from=linux.dev X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1702697769; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vu1t9phxzTSXpH+NH5TjLwnssQckaKv/rd6AdxtJ6QU=; b=k2LqHjjeXyWQcZtEDT3qPwqJuVwSn31XJPGOmS7I+9BpmD0M3wsbYtMoHVlHz4TYub/KKS DPM8Vz6e/Sk8rDIrenfyToVzwzlhXYIAl5YUo7wyNEGYRA0OZmX/Ixpt2NvbKJDE+mxSRw Xhh1YWwCbg1cSQ6BMyxwdiNZZiGXZS4= From: Kent Overstreet To: linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org Cc: Kent Overstreet , tglx@linutronix.de, x86@kernel.org, tj@kernel.org, peterz@infradead.org, mathieu.desnoyers@efficios.com, paulmck@kernel.org, keescook@chromium.org, dave.hansen@linux.intel.com, mingo@redhat.com, will@kernel.org, longman@redhat.com, boqun.feng@gmail.com, brauner@kernel.org Subject: [PATCH 47/50] thread_info, uaccess.h: Move HARDENED_USERCOPY to better location Date: Fri, 15 Dec 2023 22:35:48 -0500 Message-ID: <20231216033552.3553579-4-kent.overstreet@linux.dev> In-Reply-To: <20231216033552.3553579-1-kent.overstreet@linux.dev> References: <20231216024834.3510073-1-kent.overstreet@linux.dev> <20231216033552.3553579-1-kent.overstreet@linux.dev> MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Rspamd-Queue-Id: C184520002 X-Rspam-User: X-Stat-Signature: iehbrdqwj45a44xg3g55abbhgnginfus X-Rspamd-Server: rspam03 X-HE-Tag: 1702697770-414018 X-HE-Meta: U2FsdGVkX1/ZcIIuENPGVMUxsRKU4AIkrBdLPG/jYl7ZHw7HJQVfZumamOjW0rjQKuB8OBZLT3ybNzJtzpGHjlvVrQpAnUwZk1hXjTHeLHWNnnyaYLDQc+zwtqlUExhRClE/+J7ibMNBAoZReWGUpt60n/Z/75Irm7wHDB4tDSv0zCYa1rc7whU1r0lnWqH91gUA33fOgqstadN0BnzxZHGMAlM3KaCDwM5EJOAhU7TsqxLEtPJWpNUMWx4DLzmHAekq6SdM3umH23sxU/T3/ZnNEkPVq++PuDXDAibwH2FV4PvIxXG8Z4EDsQAqRK6rqK4h1vjpclPexf8FOjaOkHELuGj6XdnKXwf4XJ8A8qA9fURhIRgB0cRnVW6wok8R4fPwROE+oja0XO/qrjnsCzFXC++ucAaKyJ7DjMm91IR16pQjVxuc7hOlvGgaBMPqT+jN3Ftw5dvoCtsa0K7Dv/XZVc8hpFbqc6AJWVDVfYkP3drupeS0CIIFJqmpzHqg/orlqSxk6AyygwG37ZPEUJ9TOJQ6iu3YWLEgBnCKx/+oBUHNCj2UXhHbKrTOmGzzpbM9lbsi3gZ2wDmbndtMLKME9KJDqHcFLTD5/9FCgrC9V23an6oshpAoEjiFUXYbaWc8C/RB6cHjkezMZxNjMyFAi57qhc54aJalW56vGjGhIDfVEdk+7At/acy7/gBTFTGWmmoGkXIQvlevNEKAqIlF3peSW91knaiD4FQhF6aDogPCPZmxrxsYsJvFvu25zwwFA3JJ85opGen26kNua17eBhMcjAuG8wuaTtOI04sCdjv8Cgpwj9us2Dl9UupTcLb/Z4leJKBYgoDBYjVrUL9h1AR0XHmViCAz3ZVwh9TqqrG8wotwKFxyxl5E4UDPRs1AuuCXzNl9HHjUq3RCYOulRsUuazOw2qNBYHxeOgDrfyDSK+qeRuTKi1BfXg8ScPqT9UB8wBmX1nvsMNb ZSs2VtdG hRQvZ2HiPozha93FU9Tew/jt4hRVoWqsK8K+CbohCyeuZtGIgn7OnYOpnylYTwJGIXP0zNe8md0gXu/WhKtqINVvl6+OxewURS/Qi3u33EURl2vEJJlNAUoK9gcRfK05sxpYLki8jwu2aYrI8xtwPFoGpfGGM/K4V12eW5DeDGi+HQ6uFrK6ieea3/E9KDVbdIpKI1MrF5tuyoI0= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: thread_info.h is needed by sched.h, and we're trying to slim down dependencies there - bug.h is a big one. And the HARDENED_USERCOPY stuff is used in uaccess.h, so it makes more sense there anyways. Signed-off-by: Kent Overstreet --- include/linux/thread_info.h | 49 ------------------------------------- include/linux/uaccess.h | 49 +++++++++++++++++++++++++++++++++++++ include/linux/uio.h | 2 +- 3 files changed, 50 insertions(+), 50 deletions(-) diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h index 9ea0b28068f4..85d99c556cb5 100644 --- a/include/linux/thread_info.h +++ b/include/linux/thread_info.h @@ -10,7 +10,6 @@ #include #include -#include #include #include @@ -204,54 +203,6 @@ static inline int arch_within_stack_frames(const void * const stack, } #endif -#ifdef CONFIG_HARDENED_USERCOPY -extern void __check_object_size(const void *ptr, unsigned long n, - bool to_user); - -static __always_inline void check_object_size(const void *ptr, unsigned long n, - bool to_user) -{ - if (!__builtin_constant_p(n)) - __check_object_size(ptr, n, to_user); -} -#else -static inline void check_object_size(const void *ptr, unsigned long n, - bool to_user) -{ } -#endif /* CONFIG_HARDENED_USERCOPY */ - -extern void __compiletime_error("copy source size is too small") -__bad_copy_from(void); -extern void __compiletime_error("copy destination size is too small") -__bad_copy_to(void); - -void __copy_overflow(int size, unsigned long count); - -static inline void copy_overflow(int size, unsigned long count) -{ - if (IS_ENABLED(CONFIG_BUG)) - __copy_overflow(size, count); -} - -static __always_inline __must_check bool -check_copy_size(const void *addr, size_t bytes, bool is_source) -{ - int sz = __builtin_object_size(addr, 0); - if (unlikely(sz >= 0 && sz < bytes)) { - if (!__builtin_constant_p(bytes)) - copy_overflow(sz, bytes); - else if (is_source) - __bad_copy_from(); - else - __bad_copy_to(); - return false; - } - if (WARN_ON_ONCE(bytes > INT_MAX)) - return false; - check_object_size(addr, bytes, is_source); - return true; -} - #ifndef arch_setup_new_exec static inline void arch_setup_new_exec(void) { } #endif diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h index 3064314f4832..3e93ee64d6f8 100644 --- a/include/linux/uaccess.h +++ b/include/linux/uaccess.h @@ -2,6 +2,7 @@ #ifndef __LINUX_UACCESS_H__ #define __LINUX_UACCESS_H__ +#include #include #include #include @@ -32,6 +33,54 @@ }) #endif +#ifdef CONFIG_HARDENED_USERCOPY +extern void __check_object_size(const void *ptr, unsigned long n, + bool to_user); + +static __always_inline void check_object_size(const void *ptr, unsigned long n, + bool to_user) +{ + if (!__builtin_constant_p(n)) + __check_object_size(ptr, n, to_user); +} +#else +static inline void check_object_size(const void *ptr, unsigned long n, + bool to_user) +{ } +#endif /* CONFIG_HARDENED_USERCOPY */ + +extern void __compiletime_error("copy source size is too small") +__bad_copy_from(void); +extern void __compiletime_error("copy destination size is too small") +__bad_copy_to(void); + +void __copy_overflow(int size, unsigned long count); + +static inline void copy_overflow(int size, unsigned long count) +{ + if (IS_ENABLED(CONFIG_BUG)) + __copy_overflow(size, count); +} + +static __always_inline __must_check bool +check_copy_size(const void *addr, size_t bytes, bool is_source) +{ + int sz = __builtin_object_size(addr, 0); + if (unlikely(sz >= 0 && sz < bytes)) { + if (!__builtin_constant_p(bytes)) + copy_overflow(sz, bytes); + else if (is_source) + __bad_copy_from(); + else + __bad_copy_to(); + return false; + } + if (WARN_ON_ONCE(bytes > INT_MAX)) + return false; + check_object_size(addr, bytes, is_source); + return true; +} + /* * Architectures should provide two primitives (raw_copy_{to,from}_user()) * and get rid of their private instances of copy_{to,from}_user() and diff --git a/include/linux/uio.h b/include/linux/uio.h index b6214cbf2a43..084262b68106 100644 --- a/include/linux/uio.h +++ b/include/linux/uio.h @@ -6,7 +6,7 @@ #define __LINUX_UIO_H #include -#include +#include #include #include