From patchwork Thu Mar 9 17:05:53 2017
X-Patchwork-Submitter: "Russell King (Oracle)"
X-Patchwork-Id: 9613687
Date: Thu, 9 Mar 2017 17:05:53 +0000
From: Russell King - ARM Linux
To: Thomas Garnier
Subject: Re: [PATCH v2 4/4] arm64/syscalls: Specific usage of verify_pre_usermode_state
Message-ID: <20170309170553.GO21222@n2100.armlinux.org.uk>

On Thu, Mar 09, 2017 at 08:35:30AM -0800, Thomas Garnier wrote:
> On Thu, Mar 9, 2017 at 8:26 AM, Russell King - ARM Linux wrote:
> > I wouldn't call what you've done on ARM an "optimisation", because my
> > comment about making the fast path worthless still stands.
>
> Why does it still stand on the latest proposal?

It's still having to needlessly save stuff when there's nothing wrong.

Remember, syscalls are a fast path, so the minimum we can do is good.
Calling into C functions is not ideal, because they will tend to be
_very_ expensive compared to hand crafted assembly, especially for
something like this.

It's possible to check the address limit in just three instructions,
which is way less than will be incurred by calling a C function.

Note: This patch is completely untested.

arch/arm/kernel/entry-common.S | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S index eb5cd77bf1d8..6b43c6d73117 100644 --- a/arch/arm/kernel/entry-common.S +++ b/arch/arm/kernel/entry-common.S @@ -41,8 +41,11 @@ UNWIND(.cantunwind ) disable_irq_notrace @ disable interrupts ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing + ldr r2, [tsk, #TI_ADDR_LIMIT] tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK bne fast_work_pending + cmp r2, #TASK_SIZE + blgt addr_limit_fail /* perform architecture specific actions before user return */ arch_ret_to_user r1, lr @@ -67,6 +70,7 @@ ENDPROC(ret_fast_syscall) str r0, [sp, #S_R0 + S_OFF]! @ save returned r0 disable_irq_notrace @ disable interrupts ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing + ldr r2, [tsk, #TI_ADDR_LIMIT] tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK beq no_work_pending UNWIND(.fnend ) 
@@ -82,6 +86,7 @@ ENDPROC(ret_fast_syscall) mov r2, why @ 'syscall' bl do_work_pending cmp r0, #0 + ldreq r2, [tsk, #TI_ADDR_LIMIT] beq no_work_pending movlt scno, #(__NR_restart_syscall - __NR_SYSCALL_BASE) ldmia sp, {r0 - r6} @ have to reload r0 - r6 @@ -99,9 +104,12 @@ ENTRY(ret_to_user) disable_irq_notrace @ disable interrupts ENTRY(ret_to_user_from_irq) ldr r1, [tsk, #TI_FLAGS] + ldr r2, [tsk, #TI_ADDR_LIMIT] tst r1, #_TIF_WORK_MASK bne slow_work_pending no_work_pending: + cmp r2, #TASK_SIZE + blgt addr_limit_fail asm_trace_hardirqs_on save = 0 /* perform architecture specific actions before user return */ @@ -125,6 +133,16 @@ ENTRY(ret_from_fork) b ret_slow_syscall ENDPROC(ret_from_fork) +addr_limit_fail: +#ifdef CONFIG_BUG_ON_DATA_CORRUPTION + stmfd sp!, {r0, lr} + bl verify_pre_usermode_state + ldmfd sp!, {r0, lr} +#endif + mov r2, #TASK_SIZE + str r2, [tsk, #TI_ADDR_LIMIT] + ret lr + /*============================================================================= * SWI handler *-----------------------------------------------------------------------------
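
Review bot: in the @@ -41,8 +41,11 @@ hunk, `blgt addr_limit_fail` applies a signed condition to what is an unsigned address limit, so whether an unexpected value takes the branch depends on the top bit of both r2 and TASK_SIZE. Since addr_limit_fail restores TASK_SIZE, the only value expected at this point is TASK_SIZE itself; `blne addr_limit_fail` would state that directly and keep the check at three instructions. The same applies to the `cmp r2, #TASK_SIZE` / `blgt addr_limit_fail` pair added at no_work_pending.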
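
Review bot: in the @@ -99,9 +104,12 @@ hunk, the check placed at no_work_pending reads r2 without loading it, so every branch to that label has to load TI_ADDR_LIMIT into r2 first. The patch does so in the @@ -67,6 +70,7 @@ and @@ -82,6 +86,7 @@ hunks, but nothing at the label records the requirement. A comment at no_work_pending saying that r2 must hold the address limit on entry would keep a later branch to the label from running the comparison against a stale r2.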
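
Review bot: in addr_limit_fail (the @@ -125,6 +133,16 @@ hunk), when CONFIG_BUG_ON_DATA_CORRUPTION is not set the unexpected limit is overwritten with TASK_SIZE and the return to user space continues with nothing reported, so whatever left the limit in that state goes unnoticed. Consider reporting it in that configuration as well, for example with a rate-limited warning before `str r2, [tsk, #TI_ADDR_LIMIT]`. Only r0 and lr are saved around `bl verify_pre_usermode_state`, so a comment stating which registers the two call sites can tolerate being clobbered by the C call would document why that is sufficient. The new label also has no ENDPROC or UNWIND annotation, unlike the entry points around it.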