mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-26 13:05:08 +07:00
51bb38cb78
If raw_copy_from_user(to, from, N) returns K, callers expect the first N - K bytes starting at to to have been replaced with the contents of corresponding area starting at from and the last K bytes of destination *left* *unmodified*. What arch/sky/lib/usercopy.c is doing is broken - it can lead to e.g. data corruption on write(2). raw_copy_to_user() is inaccurate about return value, which is a bug, but consequences are less drastic than for raw_copy_from_user(). And just what are those access_ok() doing in there? I mean, look into linux/uaccess.h; that's where we do that check (as well as zero tail on failure in the callers that need zeroing). AFAICS, all of that shouldn't be hard to fix; something like a patch below might make a useful starting point. I would suggest moving these macros into usercopy.c (they are never used anywhere else) and possibly expanding them there; if you leave them alive, please at least rename __copy_user_zeroing(). Again, it must not zero anything on failed read. Said that, I'm not sure we won't be better off simply turning usercopy.c into usercopy.S - all that is left there is a couple of functions, each consisting only of inline asm. Guo Ren reply: Yes, raw_copy_from_user is wrong, it's no need zeroing code. unsigned long _copy_from_user(void *to, const void __user *from, unsigned long n) { unsigned long res = n; might_fault(); if (likely(access_ok(from, n))) { kasan_check_write(to, n); res = raw_copy_from_user(to, from, n); } if (unlikely(res)) memset(to + (n - res), 0, res); return res; } EXPORT_SYMBOL(_copy_from_user); You are right and access_ok() should be removed. but, how about: do { ... "2: stw %3, (%1, 0) \n" \ + " subi %0, 4 \n" \ "9: stw %4, (%1, 4) \n" \ + " subi %0, 4 \n" \ "10: stw %5, (%1, 8) \n" \ + " subi %0, 4 \n" \ "11: stw %6, (%1, 12) \n" \ + " subi %0, 4 \n" \ " addi %2, 16 \n" \ " addi %1, 16 \n" \ Don't expand __ex_table AI Viro reply: Hey, I've no idea about the instruction scheduling on csky - if that doesn't slow the things down, all the better. It's just that copy_to_user() and friends are on fairly hot codepaths, and in quite a few situations they will dominate the speed of e.g. read(2). So I tried to keep the fast path unchanged. Up to the architecture maintainers, obviously. Which would be you... As for the fixups size increase (__ex_table size is unchanged)... You have each of those macros expanded exactly once. So the size is not a serious argument, IMO - useless complexity would be, if it is, in fact, useless; the size... not really, especially since those extra subi will at least offset it. Again, up to you - asm optimizations of (essentially) memcpy()-style loops are tricky and can depend upon the fairly subtle details of architecture. So even on something I know reasonably well I would resort to direct experiments if I can't pass the buck to architecture maintainers. It *is* worth optimizing - this is where read() from a file that is already in page cache spends most of the time, etc. Guo Ren reply: Thx, after fixup some typo “sub %0, 4”, apply the patch. TODO: - user copy/from codes are still need optimizing. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Guo Ren <guoren@linux.alibaba.com>
259 lines
7.7 KiB
C
259 lines
7.7 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
// Copyright (C) 2018 Hangzhou C-SKY Microsystems co.,ltd.
|
|
|
|
#include <linux/uaccess.h>
|
|
#include <linux/types.h>
|
|
|
|
unsigned long raw_copy_from_user(void *to, const void *from,
|
|
unsigned long n)
|
|
{
|
|
___copy_from_user(to, from, n);
|
|
return n;
|
|
}
|
|
EXPORT_SYMBOL(raw_copy_from_user);
|
|
|
|
unsigned long raw_copy_to_user(void *to, const void *from,
|
|
unsigned long n)
|
|
{
|
|
___copy_to_user(to, from, n);
|
|
return n;
|
|
}
|
|
EXPORT_SYMBOL(raw_copy_to_user);
|
|
|
|
|
|
/*
|
|
* copy a null terminated string from userspace.
|
|
*/
|
|
#define __do_strncpy_from_user(dst, src, count, res) \
|
|
do { \
|
|
int tmp; \
|
|
long faultres; \
|
|
asm volatile( \
|
|
" cmpnei %3, 0 \n" \
|
|
" bf 4f \n" \
|
|
"1: cmpnei %1, 0 \n" \
|
|
" bf 5f \n" \
|
|
"2: ldb %4, (%3, 0) \n" \
|
|
" stb %4, (%2, 0) \n" \
|
|
" cmpnei %4, 0 \n" \
|
|
" bf 3f \n" \
|
|
" addi %3, 1 \n" \
|
|
" addi %2, 1 \n" \
|
|
" subi %1, 1 \n" \
|
|
" br 1b \n" \
|
|
"3: subu %0, %1 \n" \
|
|
" br 5f \n" \
|
|
"4: mov %0, %5 \n" \
|
|
" br 5f \n" \
|
|
".section __ex_table, \"a\" \n" \
|
|
".align 2 \n" \
|
|
".long 2b, 4b \n" \
|
|
".previous \n" \
|
|
"5: \n" \
|
|
: "=r"(res), "=r"(count), "=r"(dst), \
|
|
"=r"(src), "=r"(tmp), "=r"(faultres) \
|
|
: "5"(-EFAULT), "0"(count), "1"(count), \
|
|
"2"(dst), "3"(src) \
|
|
: "memory", "cc"); \
|
|
} while (0)
|
|
|
|
/*
|
|
* __strncpy_from_user: - Copy a NUL terminated string from userspace,
|
|
* with less checking.
|
|
* @dst: Destination address, in kernel space. This buffer must be at
|
|
* least @count bytes long.
|
|
* @src: Source address, in user space.
|
|
* @count: Maximum number of bytes to copy, including the trailing NUL.
|
|
*
|
|
* Copies a NUL-terminated string from userspace to kernel space.
|
|
* Caller must check the specified block with access_ok() before calling
|
|
* this function.
|
|
*
|
|
* On success, returns the length of the string (not including the trailing
|
|
* NUL).
|
|
*
|
|
* If access to userspace fails, returns -EFAULT (some data may have been
|
|
* copied).
|
|
*
|
|
* If @count is smaller than the length of the string, copies @count bytes
|
|
* and returns @count.
|
|
*/
|
|
long __strncpy_from_user(char *dst, const char *src, long count)
|
|
{
|
|
long res;
|
|
|
|
__do_strncpy_from_user(dst, src, count, res);
|
|
return res;
|
|
}
|
|
EXPORT_SYMBOL(__strncpy_from_user);
|
|
|
|
/*
|
|
* strncpy_from_user: - Copy a NUL terminated string from userspace.
|
|
* @dst: Destination address, in kernel space. This buffer must be at
|
|
* least @count bytes long.
|
|
* @src: Source address, in user space.
|
|
* @count: Maximum number of bytes to copy, including the trailing NUL.
|
|
*
|
|
* Copies a NUL-terminated string from userspace to kernel space.
|
|
*
|
|
* On success, returns the length of the string (not including the trailing
|
|
* NUL).
|
|
*
|
|
* If access to userspace fails, returns -EFAULT (some data may have been
|
|
* copied).
|
|
*
|
|
* If @count is smaller than the length of the string, copies @count bytes
|
|
* and returns @count.
|
|
*/
|
|
long strncpy_from_user(char *dst, const char *src, long count)
|
|
{
|
|
long res = -EFAULT;
|
|
|
|
if (access_ok(src, 1))
|
|
__do_strncpy_from_user(dst, src, count, res);
|
|
return res;
|
|
}
|
|
EXPORT_SYMBOL(strncpy_from_user);
|
|
|
|
/*
|
|
* strlen_user: - Get the size of a string in user space.
|
|
* @str: The string to measure.
|
|
* @n: The maximum valid length
|
|
*
|
|
* Get the size of a NUL-terminated string in user space.
|
|
*
|
|
* Returns the size of the string INCLUDING the terminating NUL.
|
|
* On exception, returns 0.
|
|
* If the string is too long, returns a value greater than @n.
|
|
*/
|
|
long strnlen_user(const char *s, long n)
|
|
{
|
|
unsigned long res, tmp;
|
|
|
|
if (s == NULL)
|
|
return 0;
|
|
|
|
asm volatile(
|
|
" cmpnei %1, 0 \n"
|
|
" bf 3f \n"
|
|
"1: cmpnei %0, 0 \n"
|
|
" bf 3f \n"
|
|
"2: ldb %3, (%1, 0) \n"
|
|
" cmpnei %3, 0 \n"
|
|
" bf 3f \n"
|
|
" subi %0, 1 \n"
|
|
" addi %1, 1 \n"
|
|
" br 1b \n"
|
|
"3: subu %2, %0 \n"
|
|
" addi %2, 1 \n"
|
|
" br 5f \n"
|
|
"4: movi %0, 0 \n"
|
|
" br 5f \n"
|
|
".section __ex_table, \"a\" \n"
|
|
".align 2 \n"
|
|
".long 2b, 4b \n"
|
|
".previous \n"
|
|
"5: \n"
|
|
: "=r"(n), "=r"(s), "=r"(res), "=r"(tmp)
|
|
: "0"(n), "1"(s), "2"(n)
|
|
: "memory", "cc");
|
|
|
|
return res;
|
|
}
|
|
EXPORT_SYMBOL(strnlen_user);
|
|
|
|
#define __do_clear_user(addr, size) \
|
|
do { \
|
|
int __d0, zvalue, tmp; \
|
|
\
|
|
asm volatile( \
|
|
"0: cmpnei %1, 0 \n" \
|
|
" bf 7f \n" \
|
|
" mov %3, %1 \n" \
|
|
" andi %3, 3 \n" \
|
|
" cmpnei %3, 0 \n" \
|
|
" bf 1f \n" \
|
|
" br 5f \n" \
|
|
"1: cmplti %0, 32 \n" /* 4W */ \
|
|
" bt 3f \n" \
|
|
"8: stw %2, (%1, 0) \n" \
|
|
"10: stw %2, (%1, 4) \n" \
|
|
"11: stw %2, (%1, 8) \n" \
|
|
"12: stw %2, (%1, 12) \n" \
|
|
"13: stw %2, (%1, 16) \n" \
|
|
"14: stw %2, (%1, 20) \n" \
|
|
"15: stw %2, (%1, 24) \n" \
|
|
"16: stw %2, (%1, 28) \n" \
|
|
" addi %1, 32 \n" \
|
|
" subi %0, 32 \n" \
|
|
" br 1b \n" \
|
|
"3: cmplti %0, 4 \n" /* 1W */ \
|
|
" bt 5f \n" \
|
|
"4: stw %2, (%1, 0) \n" \
|
|
" addi %1, 4 \n" \
|
|
" subi %0, 4 \n" \
|
|
" br 3b \n" \
|
|
"5: cmpnei %0, 0 \n" /* 1B */ \
|
|
"9: bf 7f \n" \
|
|
"6: stb %2, (%1, 0) \n" \
|
|
" addi %1, 1 \n" \
|
|
" subi %0, 1 \n" \
|
|
" br 5b \n" \
|
|
".section __ex_table,\"a\" \n" \
|
|
".align 2 \n" \
|
|
".long 8b, 9b \n" \
|
|
".long 10b, 9b \n" \
|
|
".long 11b, 9b \n" \
|
|
".long 12b, 9b \n" \
|
|
".long 13b, 9b \n" \
|
|
".long 14b, 9b \n" \
|
|
".long 15b, 9b \n" \
|
|
".long 16b, 9b \n" \
|
|
".long 4b, 9b \n" \
|
|
".long 6b, 9b \n" \
|
|
".previous \n" \
|
|
"7: \n" \
|
|
: "=r"(size), "=r" (__d0), \
|
|
"=r"(zvalue), "=r"(tmp) \
|
|
: "0"(size), "1"(addr), "2"(0) \
|
|
: "memory", "cc"); \
|
|
} while (0)
|
|
|
|
/*
|
|
* clear_user: - Zero a block of memory in user space.
|
|
* @to: Destination address, in user space.
|
|
* @n: Number of bytes to zero.
|
|
*
|
|
* Zero a block of memory in user space.
|
|
*
|
|
* Returns number of bytes that could not be cleared.
|
|
* On success, this will be zero.
|
|
*/
|
|
unsigned long
|
|
clear_user(void __user *to, unsigned long n)
|
|
{
|
|
if (access_ok(to, n))
|
|
__do_clear_user(to, n);
|
|
return n;
|
|
}
|
|
EXPORT_SYMBOL(clear_user);
|
|
|
|
/*
|
|
* __clear_user: - Zero a block of memory in user space, with less checking.
|
|
* @to: Destination address, in user space.
|
|
* @n: Number of bytes to zero.
|
|
*
|
|
* Zero a block of memory in user space. Caller must check
|
|
* the specified block with access_ok() before calling this function.
|
|
*
|
|
* Returns number of bytes that could not be cleared.
|
|
* On success, this will be zero.
|
|
*/
|
|
unsigned long
|
|
__clear_user(void __user *to, unsigned long n)
|
|
{
|
|
__do_clear_user(to, n);
|
|
return n;
|
|
}
|
|
EXPORT_SYMBOL(__clear_user);
|