From patchwork Tue Jul 23 17:58:45 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11054873 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D665F746 for ; Tue, 23 Jul 2019 17:59:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C7D66286C6 for ; Tue, 23 Jul 2019 17:59:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BA8C8286F1; Tue, 23 Jul 2019 17:59:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3483C286C6 for ; Tue, 23 Jul 2019 17:59:35 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D80C98E000F; Tue, 23 Jul 2019 13:59:33 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id D09448E0002; Tue, 23 Jul 2019 13:59:33 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BFABC8E000F; Tue, 23 Jul 2019 13:59:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qk1-f198.google.com (mail-qk1-f198.google.com [209.85.222.198]) by kanga.kvack.org (Postfix) with ESMTP id 9843D8E0002 for ; Tue, 23 Jul 2019 13:59:33 -0400 (EDT) Received: by mail-qk1-f198.google.com with SMTP id 5so37135897qki.2 for ; Tue, 23 Jul 2019 10:59:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=mo6ZyD7PJiiiTnkBfnFT33xmRSSjLb2erTRpgEGb4jw=; b=AP4yQG3ynMtfmwSOB/wBxM/Z0Mp5sksPGnuKuH0Sb+JJuuA+q0u8WtCIHQhpXe1mTe Bc7mS7UvYTTt2bFxm00zJ6zLgzzSRoDV2jSEVbta6gOtDcYDVYxcDNw20JvgWi//63Ga +tK97IX/c2g2IQRywLdeUAwi2lWw3wN97hEKKkD/NaMPirGPd0l7mW6kECN5oc1v1oNh q8jiJnmWRH/UfLxV6pbQfvmBNhYwRSvpTzpb6uoq82yDZS/ZEY+DK4xFBXnOiXbFknhS Xbl1sWnCXxjrSXh8E/TG0t0h/66NDFPh7yBfuieZghWZo8yYIC0S8l6d8JEamnWjC7/G pLqw== X-Gm-Message-State: APjAAAWLfVeZnm8GrkQUrCd2lePqXWJZ31nTBoxLkdyZ1GKTtlTgmhel 2Caox1EpJIwjS4AeD53eqwd1yVqf99qjHtVH57iS28lwygfcrIivDmkloMKIww6LjSlBSSfzNUX XUQv0lmrwA9skEdFT/OTHBmLd7sMsYYRI9zFqqBDfa4JWWV2PbOiZJQ+xXAVVQ3L7Sw== X-Received: by 2002:a37:a692:: with SMTP id p140mr49586643qke.432.1563904773333; Tue, 23 Jul 2019 10:59:33 -0700 (PDT) X-Received: by 2002:a37:a692:: with SMTP id p140mr49586629qke.432.1563904772579; Tue, 23 Jul 2019 10:59:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563904772; cv=none; d=google.com; s=arc-20160816; b=fm8GxGaBg/z0rX7/wB4uLBD18kFvgFoX9MivmaklgJo0qKDruTmK9+kGpTWfNiGhBN Ri6f6q8BlYB0NzedN3AewN8Unv/NsaZB88Zvqllpl4y7zjahlnRV3FvOfI8P7xqiTXaC kUPbPVpEo2w4iraQQyOu1aqldbJHr9y2XrB+SN9e7SSlrS44FsfP/geX/6za1zRILXLZ wwvfk++0se1MV5LP+HPHljyR2wCujBjLOb5p/csTovaRfZMutbld7PqpHdjOzpMFrvKl 4J5KyydMY0kws+HjiIhyfYrZodNlxdyNfe8mvVo9HX8YHl601WDBOK4fsUAIrhpzO+Qz C7sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:dkim-signature; bh=mo6ZyD7PJiiiTnkBfnFT33xmRSSjLb2erTRpgEGb4jw=; b=cDBEVWVobXUKrJuAzcoecCdITWWVUayy9ovbVVO7UOJQmdZB8DXXWeVKGyKjERLxo5 zrKewoXZMY0DgdBpF0vmRWitkXXpjhr5UaDMpKN0+nJSC1PU3/iexZP0u4onBk6sAOWJ KQQzNpbVFXf5OCqwEBnxvr2AMck87Uv6akJzsSdqAmdUCsaVFptYy04X7RTrmlmyVKgm xzWrQVv+2yzK3X1+YDGm7mevkwG3+LXgy0kwlx26OJ08V+my7rUreo+xEvv8oF7mNlh4 tkLxFWpdaUMZIG+fpjbWBdhTJqIglgJ8xolOtWojyj24mE7v41s7WCUTfjIBBFxPMFNe lZSA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=cRcOEH0i; spf=pass (google.com: domain of 3bes3xqokcgcfsiwjdpsaqlttlqj.htrqnszc-rrpafhp.twl@flex--andreyknvl.bounces.google.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=3BEs3XQoKCGcFSIWJdPSaQLTTLQJ.HTRQNSZc-RRPaFHP.TWL@flex--andreyknvl.bounces.google.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from mail-sor-f73.google.com (mail-sor-f73.google.com. [209.85.220.73]) by mx.google.com with SMTPS id f84sor25234583qkb.28.2019.07.23.10.59.32 for (Google Transport Security); Tue, 23 Jul 2019 10:59:32 -0700 (PDT) Received-SPF: pass (google.com: domain of 3bes3xqokcgcfsiwjdpsaqlttlqj.htrqnszc-rrpafhp.twl@flex--andreyknvl.bounces.google.com designates 209.85.220.73 as permitted sender) client-ip=209.85.220.73; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=cRcOEH0i; spf=pass (google.com: domain of 3bes3xqokcgcfsiwjdpsaqlttlqj.htrqnszc-rrpafhp.twl@flex--andreyknvl.bounces.google.com designates 209.85.220.73 as permitted sender) smtp.mailfrom=3BEs3XQoKCGcFSIWJdPSaQLTTLQJ.HTRQNSZc-RRPaFHP.TWL@flex--andreyknvl.bounces.google.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=mo6ZyD7PJiiiTnkBfnFT33xmRSSjLb2erTRpgEGb4jw=; b=cRcOEH0iv2407FEeEXiGtfbNaRtJQIzg5XbYICzGVGc43sPOA3+CZIMWAHKgebQ1Fd NhXvQ2XcNcF8R9x/znx8/B+ZWBuFc0pppCQj6IxF/91ZQehMjq/FUgtTO1kgaD+sdo+u g0fX97ge7Kl52ZUaa6b+4pEh6IxUyFSuMDNJlzhUpxY5RLeNi8LIb5QOqygzH5YcXwTw u/vwHZkzfH96V/r4aumfuyQXlNmESoQtl9/gLW/U3oOdnKUbG/Ywu4Xo6BgLwOzrtBVU Gf76BaPylfmhv0ijCpRq3ZN2WZ9BE8VMsOdxcjRzxf/93AljoTsAfpUOJtPXkeNJ+1FY hU+A== X-Google-Smtp-Source: APXvYqwqXUnbT9S2ecddRPfsS72rTxoBtLQXpIQx9JM0kIhhjvtv5eSOcsPLQ4y/4499Xb23XuIGaF+KOaOVjXRR X-Received: by 2002:a37:47d1:: with SMTP id u200mr49170508qka.21.1563904772061; Tue, 23 Jul 2019 10:59:32 -0700 (PDT) Date: Tue, 23 Jul 2019 19:58:45 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.22.0.709.g102302147b-goog Subject: [PATCH v19 08/15] userfaultfd: untag user pointers From: Andrey Konovalov To: linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, linux-rdma@vger.kernel.org, linux-media@vger.kernel.org, kvm@vger.kernel.org, linux-kselftest@vger.kernel.org Cc: Catalin Marinas , Vincenzo Frascino , Will Deacon , Mark Rutland , Andrew Morton , Greg Kroah-Hartman , Kees Cook , Yishai Hadas , Felix Kuehling , Alexander Deucher , Christian Koenig , Mauro Carvalho Chehab , Jens Wiklander , Alex Williamson , Leon Romanovsky , Luc Van Oostenryck , Dave Martin , Khalid Aziz , enh , Jason Gunthorpe , Christoph Hellwig , Dmitry Vyukov , Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Robin Murphy , Kevin Brodsky , Szabolcs Nagy , Andrey Konovalov , Mike Rapoport X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP This patch is a part of a series that extends kernel ABI to allow to pass tagged user pointers (with the top byte set to something else other than 0x00) as syscall arguments. userfaultfd code use provided user pointers for vma lookups, which can only by done with untagged pointers. Untag user pointers in validate_range(). Reviewed-by: Mike Rapoport Reviewed-by: Vincenzo Frascino Reviewed-by: Catalin Marinas Reviewed-by: Kees Cook Signed-off-by: Andrey Konovalov --- fs/userfaultfd.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index ccbdbd62f0d8..6284a4e719cb 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c @@ -1271,21 +1271,23 @@ static __always_inline void wake_userfault(struct userfaultfd_ctx *ctx, } static __always_inline int validate_range(struct mm_struct *mm, - __u64 start, __u64 len) + __u64 *start, __u64 len) { __u64 task_size = mm->task_size; - if (start & ~PAGE_MASK) + *start = untagged_addr(*start); + + if (*start & ~PAGE_MASK) return -EINVAL; if (len & ~PAGE_MASK) return -EINVAL; if (!len) return -EINVAL; - if (start < mmap_min_addr) + if (*start < mmap_min_addr) return -EINVAL; - if (start >= task_size) + if (*start >= task_size) return -EINVAL; - if (len > task_size - start) + if (len > task_size - *start) return -EINVAL; return 0; } @@ -1335,7 +1337,7 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx, goto out; } - ret = validate_range(mm, uffdio_register.range.start, + ret = validate_range(mm, &uffdio_register.range.start, uffdio_register.range.len); if (ret) goto out; @@ -1524,7 +1526,7 @@ static int userfaultfd_unregister(struct userfaultfd_ctx *ctx, if (copy_from_user(&uffdio_unregister, buf, sizeof(uffdio_unregister))) goto out; - ret = validate_range(mm, uffdio_unregister.start, + ret = validate_range(mm, &uffdio_unregister.start, uffdio_unregister.len); if (ret) goto out; @@ -1675,7 +1677,7 @@ static int userfaultfd_wake(struct userfaultfd_ctx *ctx, if (copy_from_user(&uffdio_wake, buf, sizeof(uffdio_wake))) goto out; - ret = validate_range(ctx->mm, uffdio_wake.start, uffdio_wake.len); + ret = validate_range(ctx->mm, &uffdio_wake.start, uffdio_wake.len); if (ret) goto out; @@ -1715,7 +1717,7 @@ static int userfaultfd_copy(struct userfaultfd_ctx *ctx, sizeof(uffdio_copy)-sizeof(__s64))) goto out; - ret = validate_range(ctx->mm, uffdio_copy.dst, uffdio_copy.len); + ret = validate_range(ctx->mm, &uffdio_copy.dst, uffdio_copy.len); if (ret) goto out; /* @@ -1771,7 +1773,7 @@ static int userfaultfd_zeropage(struct userfaultfd_ctx *ctx, sizeof(uffdio_zeropage)-sizeof(__s64))) goto out; - ret = validate_range(ctx->mm, uffdio_zeropage.range.start, + ret = validate_range(ctx->mm, &uffdio_zeropage.range.start, uffdio_zeropage.range.len); if (ret) goto out;