From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 24447C388F9 for ; Thu, 22 Oct 2020 16:36:52 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A1BAB2463F for ; Thu, 22 Oct 2020 16:36:51 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="zxo28P5s" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A1BAB2463F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=ACULAB.COM Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:In-Reply-To:References:Message-ID:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=M58H0HLgVY2i6ZuYsvl+0A52w4THw6F5nfVIeSwg3tI=; b=zxo28P5sf9RblrG8l2/s8TjaY 9GigaSplIIjrR7z0aAuhZqjdcL4iTnTRL3dzRukMUZ505qOiqQR/4nhYM5Bd21CCW9cAl0zcDVOul ES+VuvrMTkbC/ww04aLN21EEC5Na4fTmvkppfeefqSLLS22acqGsX+Aa/OI1sz6G2e4x8k9gJsAOJ B8dqq3oz3dPsVtSwsU1D0+CPv02cSFSIwBw+3wtCofHx2jK0tGgJ6CMwDdeT5FpxcDukZwwqk3zYN vj9nKXcqfq3ZpETqVJRxi8EzJzfxbyX9oXasq9GPzUAcTSxQVjLOIOR03F8ioyJNaW5pobX+FXxZ4 OAG2BVMxA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kVdYh-0001GD-L0; Thu, 22 Oct 2020 16:35:23 +0000 Received: from eu-smtp-delivery-151.mimecast.com ([207.82.80.151]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kVdYf-0001FR-Ru for linux-arm-kernel@lists.infradead.org; Thu, 22 Oct 2020 16:35:22 +0000 Received: from AcuMS.aculab.com (156.67.243.126 [156.67.243.126]) (Using TLS) by relay.mimecast.com with ESMTP id uk-mta-276-A1zb3avLNamAEPsIomTLEw-1; Thu, 22 Oct 2020 17:35:18 +0100 X-MC-Unique: A1zb3avLNamAEPsIomTLEw-1 Received: from AcuMS.Aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) by AcuMS.aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Thu, 22 Oct 2020 17:35:17 +0100 Received: from AcuMS.Aculab.com ([fe80::43c:695e:880f:8750]) by AcuMS.aculab.com ([fe80::43c:695e:880f:8750%12]) with mapi id 15.00.1347.000; Thu, 22 Oct 2020 17:35:17 +0100 From: David Laight To: 'Christoph Hellwig' , David Hildenbrand Subject: RE: Buggy commit tracked to: "Re: [PATCH 2/9] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c" Thread-Topic: Buggy commit tracked to: "Re: [PATCH 2/9] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c" Thread-Index: AQHWqE5GNDfnH4y9nkGWtfqJueR1KKmjTCJQgAAN4UiAAAD2IIAAQY5tgAAwVkA= Date: Thu, 22 Oct 2020 16:35:17 +0000 Message-ID: <8f1fff0c358b4b669d51cc80098dbba1@AcuMS.aculab.com> References: <20201021233914.GR3576660@ZenIV.linux.org.uk> <20201022082654.GA1477657@kroah.com> <80a2e5fa-718a-8433-1ab0-dd5b3e3b5416@redhat.com> <5d2ecb24db1e415b8ff88261435386ec@AcuMS.aculab.com> <20201022090155.GA1483166@kroah.com> <5fd6003b-55a6-2c3c-9a28-8fd3a575ca78@redhat.com> <20201022132342.GB8781@lst.de> In-Reply-To: <20201022132342.GB8781@lst.de> Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.202.205.107] MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=C51A453 smtp.mailfrom=david.laight@aculab.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: aculab.com Content-Language: en-US X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201022_123522_074238_3AFA65B2 X-CRM114-Status: GOOD ( 17.08 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "linux-aio@kvack.org" , "linux-mips@vger.kernel.org" , David Howells , "linux-mm@kvack.org" , "keyrings@vger.kernel.org" , "sparclinux@vger.kernel.org" , "linux-arch@vger.kernel.org" , "linux-s390@vger.kernel.org" , "linux-scsi@vger.kernel.org" , "kernel-team@android.com" , Arnd Bergmann , "linux-block@vger.kernel.org" , Al Viro , "io-uring@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , Jens Axboe , "linux-parisc@vger.kernel.org" , Greg KH , Nick Desaulniers , "linux-kernel@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "netdev@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , Andrew Morton , "linuxppc-dev@lists.ozlabs.org" Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Christoph Hellwig > Sent: 22 October 2020 14:24 > > On Thu, Oct 22, 2020 at 11:36:40AM +0200, David Hildenbrand wrote: > > My thinking: if the compiler that calls import_iovec() has garbage in > > the upper 32 bit > > > > a) gcc will zero it out and not rely on it being zero. > > b) clang will not zero it out, assuming it is zero. > > > > But > > > > a) will zero it out when calling the !inlined variant > > b) clang will zero it out when calling the !inlined variant > > > > When inlining, b) strikes. We access garbage. That would mean that we > > have calling code that's not generated by clang/gcc IIUC. > > Most callchains of import_iovec start with the assembly syscall wrappers. Wait... readv(2) defines: ssize_t readv(int fd, const struct iovec *iov, int iovcnt); But the syscall is defined as: SYSCALL_DEFINE3(readv, unsigned long, fd, const struct iovec __user *, vec, unsigned long, vlen) { return do_readv(fd, vec, vlen, 0); } I'm guessing that nothing actually masks the high bits that come from an application that is compiled with clang? The vlen is 'unsigned long' through the first few calls. So unless there is a non-inlined function than takes vlen as 'int' the high garbage bits from userspace are kept. Which makes it a bug in the kernel C syscall wrappers. They need to explicitly mask the high bits of 32bit arguments on arm64 but not x86-64. What does the ARM EABI say about register parameters? David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales) _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel