From patchwork Wed Oct 31 13:57:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Long X-Patchwork-Id: 149815 Delivered-To: patches@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp6826779ljp; Wed, 31 Oct 2018 06:57:43 -0700 (PDT) X-Received: by 2002:ab0:918:: with SMTP id w24mr1439748uag.51.1540994263369; Wed, 31 Oct 2018 06:57:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540994263; cv=none; d=google.com; s=arc-20160816; b=qZN/Dboi2LWyVColIkYx5Xb7v+AiBx3KL9kfUmsf/jiShtJPQJ9i8qDw23dv/jZfzE kc8QxmtWuRMWo0V9OAeJz6slrkhBIZnMWjiSjvGkgof9ZsDW0V8fnMsi/Vbs5XMJ5hdA esLLlOJyYEqUqofmBob0MpTgWVzTH/7r7IKIh+XjQks3/rDCni7YOZDjR4t3PRtg+Mi1 eWXk8uy4uMTUwbR4oXduMvWs8ljKBwdeMSKw29R/FhSv3FSf6IEgi4QE+3CEYwOEpcf9 PmCliCXEx/ezDJjw07oT1Q5Y+xMK93BGzYpm5N06sss482a8WEbW1cMPq4aJBPHCFL60 ux4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=IaoQxTRrxrYBzQWir0u9ErhYqEdp4e5JRmU48kGigvg=; b=Ygbn2C0baH8+TB8XZoxNOyVXZhHc8aVK5TDIkQ6TcvczY8HsACiQZSa8fI0wntttYx JjIV454fuRdskdLcgro9xerNEKMFvGTM1Egi4CYwRSe2mrhmOPQDlrOGrSzN+THTo9c9 ft78rKwnE1AY25F7bLlwTGP9afOsLV2T/6WQ1f/kysyCauwL2zWY9jsXOas3+5dM+jfR 5hT+sOwRl0JHgRbXf+3Bvq5I9/zc4p49msW2DkZipUJR8KQB7/NirUYycEYZs5DXdv0x w3nAChRbIUHENPmNQpwqRAxbKpDcAqKKss3ErEEEnp6jLMSeIHTMx3B0rIL5CtvgljA1 /atA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=C2Cso859; spf=pass (google.com: domain of dave.long@linaro.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=dave.long@linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. [209.85.220.65]) by mx.google.com with SMTPS id g1sor11616663uak.55.2018.10.31.06.57.43 for (Google Transport Security); Wed, 31 Oct 2018 06:57:43 -0700 (PDT) Received-SPF: pass (google.com: domain of dave.long@linaro.org designates 209.85.220.65 as permitted sender) client-ip=209.85.220.65; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=C2Cso859; spf=pass (google.com: domain of dave.long@linaro.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=dave.long@linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=IaoQxTRrxrYBzQWir0u9ErhYqEdp4e5JRmU48kGigvg=; b=C2Cso859noA8Knne/ULe0lAPA8XwN3f+0I8icWb65k4M1ZnUBYYrqbgZ9KqW6yVXCi Qn16sz9RXd8lB8M70SU6shF4kVgs28oNCZTWBXg7UFO3bI2KwoQCxwqG/h6Yz5VZ1nBj mc6iJkNy2Uj3//jwy/AcMAPhvjq/xLb+pdIrk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=IaoQxTRrxrYBzQWir0u9ErhYqEdp4e5JRmU48kGigvg=; b=BnEivNYyK90GGTq/zUYC2gchzyqYQRDVEpvOaCYyb0oxIGCQC9r5SrGNRCXRms2EA3 qs35hJf/+s9ZpRGQP7k0yYqx3+zxbjzI7coLHB8I8plJxetSUTV8Vce/mXqXj/m+ae9E Tw5j3aj5lJL4dfhaQv5Tb0I4ZtMz34U2CTuLz/Gfjw4kylZ2gYJOetGQJqv8Duvd5AVa nAFVSjCdrlvu5jbgY8YZRPW4MvIuEKMNPyuolb3AIuRfaC177fo3QGG7PUmufFD9h4l2 cS6l+qtkRtZYa7rnp6aAG+Iy5dtCn4SpTaG5+WjnDKbLl44fAQI7Kl5CoUr6yp3BDkKb d/Qg== X-Gm-Message-State: AGRZ1gKd0q8OWyK3Jug8mzd0WgFXCsKeIf7UAoaGEWKW8hiqcAahr8av 6d+PqNGnoCfdEpSb87rYjiEbQNav X-Google-Smtp-Source: AJdET5ew0vpdRM11G/qRslcKsyNUy6AjqrkvYWJio9k95zmECbWCW3pN/y0tm9RgYV3BSHTVdAMnuA== X-Received: by 2002:ab0:481:: with SMTP id 1mr1363795uaw.59.1540994262862; Wed, 31 Oct 2018 06:57:42 -0700 (PDT) Return-Path: Received: from dave-Dell-System-XPS-L502X.hsd1.nh.comcast.net ([2603:3005:3403:7100:2c71:8680:34e1:a6aa]) by smtp.googlemail.com with ESMTPSA id s85-v6sm2275624vse.29.2018.10.31.06.57.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Oct 2018 06:57:42 -0700 (PDT) From: David Long To: stable@vger.kernel.org, Russell King - ARM Linux , Florian Fainelli , Tony Lindgren , Marc Zyngier , Mark Rutland Cc: Greg KH , Mark Brown Subject: [PATCH 4.9 21/24] ARM: oabi-compat: copy semops using __copy_from_user() Date: Wed, 31 Oct 2018 09:57:10 -0400 Message-Id: <20181031135713.2873-22-dave.long@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181031135713.2873-1-dave.long@linaro.org> References: <20181031135713.2873-1-dave.long@linaro.org> From: Russell King Commit 8c8484a1c18e3231648f5ba7cc5ffb7fd70b3ca4 upstream. __get_user_error() is used as a fast accessor to make copying structure members as efficient as possible. However, with software PAN and the recent Spectre variant 1, the efficiency is reduced as these are no longer fast accessors. In the case of software PAN, it has to switch the domain register around each access, and with Spectre variant 1, it would have to repeat the access_ok() check for each access. Rather than using __get_user_error() to copy each semops element member, copy each semops element in full using __copy_from_user(). Acked-by: Mark Rutland Signed-off-by: Russell King Signed-off-by: David A. Long --- arch/arm/kernel/sys_oabi-compat.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) -- 2.17.1 diff --git a/arch/arm/kernel/sys_oabi-compat.c b/arch/arm/kernel/sys_oabi-compat.c index 5f221acd21ae..640748e27035 100644 --- a/arch/arm/kernel/sys_oabi-compat.c +++ b/arch/arm/kernel/sys_oabi-compat.c @@ -328,9 +328,11 @@ asmlinkage long sys_oabi_semtimedop(int semid, return -ENOMEM; err = 0; for (i = 0; i < nsops; i++) { - __get_user_error(sops[i].sem_num, &tsops->sem_num, err); - __get_user_error(sops[i].sem_op, &tsops->sem_op, err); - __get_user_error(sops[i].sem_flg, &tsops->sem_flg, err); + struct oabi_sembuf osb; + err |= __copy_from_user(&osb, tsops, sizeof(osb)); + sops[i].sem_num = osb.sem_num; + sops[i].sem_op = osb.sem_op; + sops[i].sem_flg = osb.sem_flg; tsops++; } if (timeout) {