From: Ben Dooks <ben.dooks@codethink.co.uk>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
linux-riscv <linux-riscv@lists.infradead.org>,
Terry Hu <kejia.hu@codethink.co.uk>
Subject: Re: [PATCH] RFC: riscv: evaluate put_user() arg before enabling user access
Date: Thu, 18 Mar 2021 23:46:24 +0000 [thread overview]
Message-ID: <983c5b8e-b5dc-9c8f-66ed-7a7bf0033ff8@codethink.co.uk> (raw)
In-Reply-To: <CAK8P3a1re8s4nacPQn=E2PnkxM5TQEihDu6XvV1Tg9y1J8iseQ@mail.gmail.com>
On 18/03/2021 22:48, Arnd Bergmann wrote:
> On Thu, Mar 18, 2021 at 11:41 PM Ben Dooks <ben.dooks@codethink.co.uk> wrote:
>>
>> The <asm/uaccess.h> header has a problem with
>> put_user(a, ptr) if the 'a' is not a simple
>> variable, such as a function. This can lead
>> to the compiler producing code as so:
>>
>> 1: enable_user_access()
>> 2: evaluate 'a'
>> 3: put 'a' to 'ptr'
>> 4: disable_user_acess()
>>
>> The issue is that 'a' is now being evaluated
>> with the user memory protections disabled. So
>> we try and force the evaulation by assinging
>> 'x' to __val at the start, and hoping the
>> compiler barriers in enable_user_access()
>> do the job of ordering step 2 before step 1.
>>
>> This has shown up in a bug where 'a' sleeps
>> and thus schedules out and loses the SR_SUM
>> flag. This isn't sufficient to fully fix, but
>> should reduce the window of opportunity.
>>
>> Cc: Arnd Bergman <arnd@arndb.de>
>
> Reviewed-by: Arnd Bergman <arnd@arndb.de>
>
> Note: your Signed-off-by seems to be missing.
Sorry, forgot as was intending smaller RFC release.
Thanks for the help sorting out the compile issues
I need to review the patch description anyway and make it flow
closer to 73 columns instead of the rather truncated version it is.
--
Ben Dooks http://www.codethink.co.uk/
Senior Engineer Codethink - Providing Genius
https://www.codethink.co.uk/privacy.html
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2021-03-18 23:47 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-18 22:41 [PATCH] RFC: riscv: evaluate put_user() arg before enabling user access Ben Dooks
2021-03-18 22:48 ` Arnd Bergmann
2021-03-18 23:46 ` Ben Dooks [this message]
2021-03-19 13:05 ` Christoph Hellwig
2021-03-19 14:19 ` Ben Dooks
2021-03-19 15:03 ` Alex Ghiti
2021-03-19 15:09 ` Ben Dooks
2021-03-19 16:12 ` Alex Ghiti
2021-03-19 21:56 ` Ben Dooks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=983c5b8e-b5dc-9c8f-66ed-7a7bf0033ff8@codethink.co.uk \
--to=ben.dooks@codethink.co.uk \
--cc=arnd@arndb.de \
--cc=kejia.hu@codethink.co.uk \
--cc=linux-riscv@lists.infradead.org \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox