From: "H. Peter Anvin" <hpa@linux.intel.com>
To: Linus Torvalds <torvalds@linux-foundation.org>,
Ingo Molnar <mingo@kernel.org>
Cc: Peter Anvin <hpa@zytor.com>,
tglx@linutronix.de, linux-tip-commits@vger.kernel.org,
fenghua.yu@intel.com, linux-kernel@vger.kernel.org
Subject: Re: [tip:x86/asm] x86-64, copy_user: Remove zero byte check before copy user buffer.
Date: Wed, 20 Nov 2013 11:28:33 -0800 [thread overview]
Message-ID: <528D0D61.1030902@linux.intel.com> (raw)
In-Reply-To: <CA+55aFyFz_6oy8-1jb5Jzk+4VC5MLA5d0KbqhZxki0=+DmggBg@mail.gmail.com>
On 11/16/2013 10:44 PM, Linus Torvalds wrote:
> So this doesn't do the 32-bit truncation in the error path of the
> generic string copy. Oversight?
>
> Linus
I looked at the code again, and it turns out to be false alarm.
We *do* do 32-bit truncation in every path, still:
> ENTRY(copy_user_generic_string)
> CFI_STARTPROC
> ASM_STAC
> cmpl $8,%edx
> jb 2f /* less than 8 bytes, go to byte copy loop */
-> If we jump here, we will truncate at 2:
> ALIGN_DESTINATION
> movl %edx,%ecx
-> If we don't jb 2f we end up
> shrl $3,%ecx
32-bit truncation here...
> andl $7,%edx
> 1: rep
> movsq
> 2: movl %edx,%ecx
32-bit truncation here...
> 3: rep
> movsb
> xorl %eax,%eax
> ASM_CLAC
> ret
>
> .section .fixup,"ax"
> 11: lea (%rdx,%rcx,8),%rcx
> 12: movl %ecx,%edx /* ecx is zerorest also */
-> Even if %rdx+%rcx*8 > 2^32 we end up truncating at 12: -- not that it
matters, since both arguments are prototyped as "unsigned" and therefore
the C compiler is supposed to guarantee the upper 32 bits are ignored.
So I think Fenghua's patch is fine as-is.
-hpa
next prev parent reply other threads:[~2013-11-20 19:28 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-16 20:37 [PATCH] x86/copy_user.S: Remove zero byte check before copy user buffer Fenghua Yu
2013-11-17 6:18 ` [tip:x86/asm] x86-64, copy_user: " tip-bot for Fenghua Yu
[not found] ` <CA+55aFyFz_6oy8-1jb5Jzk+4VC5MLA5d0KbqhZxki0=+DmggBg@mail.gmail.com>
2013-11-17 6:51 ` H. Peter Anvin
2013-11-19 4:37 ` H. Peter Anvin
2013-11-19 19:38 ` Linus Torvalds
2013-11-20 19:12 ` H. Peter Anvin
2013-11-20 19:28 ` H. Peter Anvin [this message]
2013-11-20 20:13 ` Linus Torvalds
2013-11-20 20:36 ` H. Peter Anvin
2013-11-20 21:44 ` Linus Torvalds
2013-11-20 20:54 ` [tip:x86/asm] x86-64, copy_user: Use leal to produce 32-bit results tip-bot for H. Peter Anvin
2013-11-20 22:00 ` tip-bot for H. Peter Anvin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=528D0D61.1030902@linux.intel.com \
--to=hpa@linux.intel.com \
--cc=fenghua.yu@intel.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox