Linux-RISC-V Archive on lore.kernel.org
From: Akira Tsukamoto <akira.tsukamoto@gmail.com>
To: Paul Walmsley <paul.walmsley@sifive.com>,
	Palmer Dabbelt <palmer@dabbelt.com>,
	Guenter Roeck <linux@roeck-us.net>,
	Geert Uytterhoeven <geert@linux-m68k.org>,
	Albert Ou <aou@eecs.berkeley.edu>,
	linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org
Subject: [PATCH 1/4] riscv: __asm_copy_to-from_user: Fix: overrun copy
Date: Tue, 20 Jul 2021 17:50:52 +0900
Message-ID: <415f9adf-8dd6-2467-8e74-0ed9d5cdfed9@gmail.com>
In-Reply-To: <37097718-c472-025a-2058-55667badc5b9@gmail.com>


There were two causes for the overrun memory access.

The threshold size was too small.
Aligning dst requires one SZREG and the unrolling word copy requires
8*SZREG, so the total has to be at least 9*SZREG.

Inside the unrolling copy, subtracting -(8*SZREG-1) would make the
iteration happen one extra loop. The proper value is -(8*SZREG).

Signed-off-by: Akira Tsukamoto <akira.tsukamoto@gmail.com>
---
 arch/riscv/lib/uaccess.S | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/riscv/lib/uaccess.S b/arch/riscv/lib/uaccess.S
index bceb0629e440..8bbeca89a93f 100644
--- a/arch/riscv/lib/uaccess.S
+++ b/arch/riscv/lib/uaccess.S
@@ -35,7 +35,7 @@ ENTRY(__asm_copy_from_user)
 	/*
 	 * Use byte copy only if too small.
 	 */
-	li	a3, 8*SZREG /* size must be larger than size in word_copy */
+	li	a3, 9*SZREG /* size must be larger than size in word_copy */
 	bltu	a2, a3, .Lbyte_copy_tail
 
 	/*
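
Review bot: the comment on the changed "li a3, 9*SZREG" line still reads "size must be larger than size in word_copy", which no longer explains the constant. The commit message gives the reason (one SZREG for aligning dst plus 8*SZREG for the unrolled word copy); please carry that into the comment, for example "/* SZREG to align dst + 8*SZREG for one unrolled word copy pass */", so that a later change to the unroll factor is seen to require a matching change to this threshold.
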
@@ -75,7 +75,7 @@ ENTRY(__asm_copy_from_user)
 	 * a3 - a1 & mask:(SZREG-1)
 	 * t0 - end of aligned dst
 	 */
-	addi	t0, t0, -(8*SZREG-1) /* not to over run */
+	addi	t0, t0, -(8*SZREG) /* not to over run */
 2:
 	fixup REG_L   a4,        0(a1), 10f
 	fixup REG_L   a5,    SZREG(a1), 10f
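
Review bot: the "/* not to over run */" comment on the "addi t0, t0, -(8*SZREG)" line does not state the bound it enforces. The loop at "2:" is tested at the bottom ("bltu a0, t0, 2b"), so the first pass always runs and is only safe because of the size threshold checked earlier, and with this value a further pass is taken only while more than 8*SZREG bytes remain, leaving a remainder of exactly 8*SZREG to .Lbyte_copy_tail. Please spell out both facts in the comment so the dependency between the threshold and this adjustment is visible at the loop itself.
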
@@ -97,7 +97,7 @@ ENTRY(__asm_copy_from_user)
 	addi	a1, a1, 8*SZREG
 	bltu	a0, t0, 2b
 
-	addi	t0, t0, 8*SZREG-1 /* revert to original value */
+	addi	t0, t0, 8*SZREG /* revert to original value */
 	j	.Lbyte_copy_tail
 
 .Lshift_copy:
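
Review bot: the restore at "addi t0, t0, 8*SZREG" has to match the "-(8*SZREG)" adjustment before label "2:" by hand, and the two literals are far enough apart that they can drift again. Consider deriving both from one named constant, or at least noting in the "/* revert to original value */" comment which line it pairs with. The context ends at ".Lshift_copy:", which this patch does not touch; it would help to state in the commit message whether that path was checked for the same overrun.
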
-- 
2.17.1
