From: Mark Brown
Date: Tue, 03 Jan 2023 20:25:20 +0000
Subject: [PATCH v2 6/6] arm64/signal: Only read new data when parsing the ZA context
Message-Id: <20221212-arm64-signal-cleanup-v2-6-14a8f3e088b7@kernel.org>
In-Reply-To: <20221212-arm64-signal-cleanup-v2-0-14a8f3e088b7@kernel.org>
To: Catalin Marinas, Will Deacon
Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Mark Brown

When we parse the ZA signal context we read the entire context from userspace, including the generic signal context header which was already read by parse_user_sigframe() and padding bytes that we ignore.
Avoid the possibility of relying on the second read of the data read twice by only reading the data which we are actually going to use. Signed-off-by: Mark Brown --- arch/arm64/kernel/signal.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index 26192ab56de4..bed27d4f8ce9 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -401,17 +401,18 @@ static int preserve_za_context(struct za_context __user *ctx) static int restore_za_context(struct user_ctxs *user) { - int err; + int err = 0; unsigned int vq; - struct za_context za; + u16 user_vl; if (user->za_size < sizeof(*user->za)) return -EINVAL; - if (__copy_from_user(&za, user->za, sizeof(za))) - return -EFAULT; + __get_user_error(user_vl, &(user->za->vl), err); + if (err) + return err; - if (za.vl != task_get_sme_vl(current)) + if (user_vl != task_get_sme_vl(current)) return -EINVAL; if (user->za_size == sizeof(*user->za)) { @@ -419,7 +420,7 @@ static int restore_za_context(struct user_ctxs *user) return 0; } - vq = sve_vq_from_vl(za.vl); + vq = sve_vq_from_vl(user_vl); if (user->za_size < ZA_SIG_CONTEXT_SIZE(vq)) return -EINVAL;
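Review bot: in the first hunk (@@ -401,17 +401,18 @@) nothing at the `__get_user_error(user_vl, &(user->za->vl), err);` call says why only `vl` is fetched, so a later cleanup could reintroduce the full-struct copy and with it a second read of the header that parse_user_sigframe() already consumed. A one-line comment above the call stating that the header and size come from the earlier parse and that `vl` is the only field read here would preserve that. The `int err = 0;` change also looks load-bearing: the `if (err)` test is only meaningful if `err` starts at zero, so please confirm `__get_user_error()` leaves `err` untouched on success and consider saying so in the changelog. Minor style: the parentheses in `&(user->za->vl)` are redundant, `&user->za->vl` is enough.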
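Review bot: in the second hunk (@@ -419,7 +420,7 @@), `vq = sve_vq_from_vl(user_vl);` still derives the vector quantum from the user-supplied value, even though the earlier `if (user_vl != task_get_sme_vl(current)) return -EINVAL;` has already forced it to equal the task's own VL. Computing `vq` from `task_get_sme_vl(current)` (cached in a local) would give the same result and make it explicit that the `user->za_size < ZA_SIG_CONTEXT_SIZE(vq)` bound depends on kernel state, with `za_size` as the only user-controlled input. Not a functional problem as written, since `user_vl` is a single local copy and cannot change between the check and its use.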