* [PATCH] MIPS: get_user: set the parameter @x to zero on error
@ 2014-11-18 6:34 ` bin.jiang
0 siblings, 0 replies; 5+ messages in thread
From: bin.jiang @ 2014-11-18 6:34 UTC (permalink / raw)
To: linux-mips; +Cc: bin.jiang, ralf
From: Bin Jiang <bin.jiang@windriver.com>
The following compile warning is caused to use uninitialized variables:
fs/compat_ioctl.c: In function 'compat_SyS_ioctl':
arch/mips/include/asm/uaccess.h:451:2: warning: 'length' may be used \
uninitialized in this function [-Wmaybe-uninitialized]
__asm__ __volatile__( \
^
fs/compat_ioctl.c:208:6: note: 'length' was declared here
int length, err;
^
In get_user function, the parameter @x is used to store result. If the
function return error, the @x won't be set and cause above warning.
According to the description of get_user function, the parameter @x should
be set to zero on error.
Signed-off-by: Bin Jiang <bin.jiang@windriver.com>
---
arch/mips/include/asm/uaccess.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/mips/include/asm/uaccess.h b/arch/mips/include/asm/uaccess.h
index a109510..07e9755 100644
--- a/arch/mips/include/asm/uaccess.h
+++ b/arch/mips/include/asm/uaccess.h
@@ -301,7 +301,8 @@ do { \
__get_kernel_common((x), size, __gu_ptr); \
else \
__get_user_common((x), size, __gu_ptr); \
- } \
+ } else \
+ (x) = (__typeof__(*(ptr)))0; \
\
__gu_err; \
})
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH] MIPS: get_user: set the parameter @x to zero on error
@ 2014-11-18 6:34 ` bin.jiang
0 siblings, 0 replies; 5+ messages in thread
From: bin.jiang @ 2014-11-18 6:34 UTC (permalink / raw)
To: linux-mips; +Cc: bin.jiang, ralf
From: Bin Jiang <bin.jiang@windriver.com>
The following compile warning is caused to use uninitialized variables:
fs/compat_ioctl.c: In function 'compat_SyS_ioctl':
arch/mips/include/asm/uaccess.h:451:2: warning: 'length' may be used \
uninitialized in this function [-Wmaybe-uninitialized]
__asm__ __volatile__( \
^
fs/compat_ioctl.c:208:6: note: 'length' was declared here
int length, err;
^
In get_user function, the parameter @x is used to store result. If the
function return error, the @x won't be set and cause above warning.
According to the description of get_user function, the parameter @x should
be set to zero on error.
Signed-off-by: Bin Jiang <bin.jiang@windriver.com>
---
arch/mips/include/asm/uaccess.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/mips/include/asm/uaccess.h b/arch/mips/include/asm/uaccess.h
index a109510..07e9755 100644
--- a/arch/mips/include/asm/uaccess.h
+++ b/arch/mips/include/asm/uaccess.h
@@ -301,7 +301,8 @@ do { \
__get_kernel_common((x), size, __gu_ptr); \
else \
__get_user_common((x), size, __gu_ptr); \
- } \
+ } else \
+ (x) = (__typeof__(*(ptr)))0; \
\
__gu_err; \
})
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] MIPS: get_user: set the parameter @x to zero on error
2014-11-18 6:34 ` bin.jiang
(?)
@ 2014-11-18 11:22 ` Ralf Baechle
2014-11-18 17:19 ` Ralf Baechle
-1 siblings, 1 reply; 5+ messages in thread
From: Ralf Baechle @ 2014-11-18 11:22 UTC (permalink / raw)
To: bin.jiang; +Cc: linux-mips
On Tue, Nov 18, 2014 at 02:34:56PM +0800, bin.jiang@windriver.com wrote:
> From: Bin Jiang <bin.jiang@windriver.com>
>
> The following compile warning is caused to use uninitialized variables:
>
> fs/compat_ioctl.c: In function 'compat_SyS_ioctl':
> arch/mips/include/asm/uaccess.h:451:2: warning: 'length' may be used \
> uninitialized in this function [-Wmaybe-uninitialized]
> __asm__ __volatile__( \
> ^
> fs/compat_ioctl.c:208:6: note: 'length' was declared here
> int length, err;
> ^
>
> In get_user function, the parameter @x is used to store result. If the
> function return error, the @x won't be set and cause above warning.
>
> According to the description of get_user function, the parameter @x should
> be set to zero on error.
You're not the first to send such a patch, see
http://patchwork.linux-mips.org/patch/1307/
However I've hesistated to apply the previous patch which only claimed to
resolve a warning because __get_user and get_user get expanded very often
in the kernel so a small innocent looking change like this results in a
surprisingly large bloat.
A smart compiler will reorder this:
int x;
if (...) {
...
} else
x = 0;
into:
int x = 0;
if (...) {
...
}
Which avoids the branches otherwise necessary for the else construct. However
both the original and your patch fail to take care of the case where the
if is taken but __get_user_asm aborts due to an inaccessible fault.
That case is only fixed by manually doing above reordering - a compiler can't
know that the inline assembler won't assign anything in that case.
The comment btw was cut and paste and - blame me - it seems I failed to read
what it promises about @x for the error case; I had implemented get_user under
the assumption that the returned value was undefined in case of an -EFAULT
error.
Thanks for reporting this!
Ralf
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] MIPS: get_user: set the parameter @x to zero on error
2014-11-18 11:22 ` Ralf Baechle
@ 2014-11-18 17:19 ` Ralf Baechle
2014-11-18 20:48 ` Ralf Baechle
0 siblings, 1 reply; 5+ messages in thread
From: Ralf Baechle @ 2014-11-18 17:19 UTC (permalink / raw)
To: bin.jiang; +Cc: linux-mips
On Tue, Nov 18, 2014 at 12:22:59PM +0100, Ralf Baechle wrote:
> On Tue, Nov 18, 2014 at 02:34:56PM +0800, bin.jiang@windriver.com wrote:
>
> > From: Bin Jiang <bin.jiang@windriver.com>
> >
> > The following compile warning is caused to use uninitialized variables:
> >
> > fs/compat_ioctl.c: In function 'compat_SyS_ioctl':
> > arch/mips/include/asm/uaccess.h:451:2: warning: 'length' may be used \
> > uninitialized in this function [-Wmaybe-uninitialized]
> > __asm__ __volatile__( \
> > ^
> > fs/compat_ioctl.c:208:6: note: 'length' was declared here
> > int length, err;
> > ^
> >
> > In get_user function, the parameter @x is used to store result. If the
> > function return error, the @x won't be set and cause above warning.
> >
> > According to the description of get_user function, the parameter @x should
> > be set to zero on error.
>
> You're not the first to send such a patch, see
>
> http://patchwork.linux-mips.org/patch/1307/
>
> However I've hesistated to apply the previous patch which only claimed to
> resolve a warning because __get_user and get_user get expanded very often
> in the kernel so a small innocent looking change like this results in a
> surprisingly large bloat.
>
> A smart compiler will reorder this:
>
> int x;
>
> if (...) {
> ...
> } else
> x = 0;
>
> into:
>
> int x = 0;
>
> if (...) {
> ...
> }
>
> Which avoids the branches otherwise necessary for the else construct. However
> both the original and your patch fail to take care of the case where the
> if is taken but __get_user_asm aborts due to an inaccessible fault.
>
> That case is only fixed by manually doing above reordering - a compiler can't
> know that the inline assembler won't assign anything in that case.
>
> The comment btw was cut and paste and - blame me - it seems I failed to read
> what it promises about @x for the error case; I had implemented get_user under
> the assumption that the returned value was undefined in case of an -EFAULT
> error.
>
> Thanks for reporting this!
On a closer look my proposed solution has issues if the expression to be
assigned to has side effects, say for something like
get_user(array[index++], ptr);
so I came back to the solution you had proposed initially. Still as mentioned
in my previous email that leaves the case unsolved where access_ok() succeeds
but the load from userland then causes a fault. So combining the two things
I ended up with below patch.
The 64 bit loads from user space for 32 bit kernel were already zeroing the
register in the fixup code. For these loads there was the interesting
special case were one of the loads might succeed, the other one fault. This
behavious was obviously least useful, hence the clearing of the destination
register.
Ralf
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
arch/mips/include/asm/uaccess.h | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/mips/include/asm/uaccess.h b/arch/mips/include/asm/uaccess.h
index 826329f..c034ce3 100644
--- a/arch/mips/include/asm/uaccess.h
+++ b/arch/mips/include/asm/uaccess.h
@@ -301,7 +301,8 @@ do { \
__get_kernel_common((x), size, __gu_ptr); \
else \
__get_user_common((x), size, __gu_ptr); \
- } \
+ } else \
+ (x) = 0; \
\
__gu_err; \
})
@@ -316,6 +317,7 @@ do { \
" .insn \n" \
" .section .fixup,\"ax\" \n" \
"3: li %0, %4 \n" \
+ " move %0, $0 \n" \
" j 2b \n" \
" .previous \n" \
" .section __ex_table,\"a\" \n" \
@@ -630,6 +632,7 @@ do { \
" .insn \n" \
" .section .fixup,\"ax\" \n" \
"3: li %0, %4 \n" \
+ " move %1, $zero \n" \
" j 2b \n" \
" .previous \n" \
" .section __ex_table,\"a\" \n" \
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] MIPS: get_user: set the parameter @x to zero on error
2014-11-18 17:19 ` Ralf Baechle
@ 2014-11-18 20:48 ` Ralf Baechle
0 siblings, 0 replies; 5+ messages in thread
From: Ralf Baechle @ 2014-11-18 20:48 UTC (permalink / raw)
To: bin.jiang; +Cc: linux-mips
On Tue, Nov 18, 2014 at 06:19:48PM +0100, Ralf Baechle wrote:
FWIW, I dove into the history of this. The issue got introduced in
4feb8f8f ([MIPS] Bullet proof uaccess.h against 4.0.1 miss-compilation.),
then backported to 2.4.
Ralf
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-11-18 20:48 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-11-18 6:34 [PATCH] MIPS: get_user: set the parameter @x to zero on error bin.jiang
2014-11-18 6:34 ` bin.jiang
2014-11-18 11:22 ` Ralf Baechle
2014-11-18 17:19 ` Ralf Baechle
2014-11-18 20:48 ` Ralf Baechle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.