From patchwork Wed Oct 31 14:04:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Long X-Patchwork-Id: 149833 Delivered-To: patches@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp6836441ljp; Wed, 31 Oct 2018 07:05:03 -0700 (PDT) X-Received: by 2002:ab0:6448:: with SMTP id j8mr1474040uap.48.1540994703550; Wed, 31 Oct 2018 07:05:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540994703; cv=none; d=google.com; s=arc-20160816; b=olapSa5y0maqvn56LYIiXXwSsq3WxUU0g8nLhV6Jeo4NjESJNE1sgvODHEMxk3q+pQ HN8d4FZ+JDULrnGGYkp+3FbMmhDrSTw+Zz/vUplVTs8S8KFm8Www4eoIxCuvm2XAiR+6 iFb8cbEQxoHWJpbCD9I6gZ4usGk9nSYY1M0kc5lPXqjaQmOA3XceDh0a/Hq7gLaqRy91 It6VSMifV02tnwj6xqGAuuClxMEYG5ki9gMiuygQB6O4dJlhGNsN9t6gLJTsLYmVMatA YEOzomD9MYXYkYDQghzeZqRn0EFXEtPY5rwoiGrarE64nruXnBh5a8/3D3RzPaQcSfiA QwLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=IaoQxTRrxrYBzQWir0u9ErhYqEdp4e5JRmU48kGigvg=; b=FyHa8gailwflcMFAj/9vUyzobPr9y7ZKKbvcH07lBLJZSLByf4SoXoTM3qrUqSAoYr ot/J4MOX5lhtI/zWyVlD9aswp0U6dnQNnXpB0PFkqr8s9K1pwZw2s4J3TKrrcnMfLIUP 3ay/OA3TM8sEQLuGzgrheNmSa0mEDZdImwXiNpIS/blm3yt/bDJJfn0P62zW2GoQE2Kq kRSrjjdY7HBU/hids3FVWKRl0SMTITMa/Cv+4IeGjype5NnyE4ayNUV/lhMzoND12imM Ee+BtJhwTje0a1EW4wjawv2zp6dFBLZTXOq5XMLgrwJf8Fjspen19HYGQ/g8aCfAd6Jb z7ug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Lm3yNeU7; spf=pass (google.com: domain of dave.long@linaro.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=dave.long@linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. [209.85.220.65]) by mx.google.com with SMTPS id 2sor1772964vse.1.2018.10.31.07.05.03 for (Google Transport Security); Wed, 31 Oct 2018 07:05:03 -0700 (PDT) Received-SPF: pass (google.com: domain of dave.long@linaro.org designates 209.85.220.65 as permitted sender) client-ip=209.85.220.65; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Lm3yNeU7; spf=pass (google.com: domain of dave.long@linaro.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=dave.long@linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=IaoQxTRrxrYBzQWir0u9ErhYqEdp4e5JRmU48kGigvg=; b=Lm3yNeU7dp3fVMR9ihnBDfuEp12hLVC0S2qU8SfRGF0kNy9zLJghafvcu7tgMaodyM 6+zC0pbr2Dw8va3wdODAASQeB85OFZlLVVAf1zOn9Q6AaJTs500Helom6WmRNB8xGMTf fJPV0y37RuwWglISJQTySfw/V1VQEnJbbC+6M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=IaoQxTRrxrYBzQWir0u9ErhYqEdp4e5JRmU48kGigvg=; b=EDogqwHR81ZpE8/3VZt/dmMWx9YpL7+TuSoVVAEPBUxcE/fKHq2Ns0mZLa7GGSDHYZ qblnipDAsJ+URgUrrQrz8Ir0lFKco9NPQV4mxeqcv7wiRcuTmq4Rxw7YIPY4l+mHPt4w mkgvVJjNLjYBi9s9vPIeC2L2b62WgRyslk0qH401ihctoyqrGaPsp592ApUaNu6SIxWF R3X5/fkae+zOxysukVzvhiQAi+PZJahHQwKHwzEBcaDSh/5yGH52Xx5rN0Uu55M5YaBC SvPLcFXVyBdnzzavROkUNzenwZh6KBYliQtK6RsEWnv+p1jOcFv890C0lA94CrlSULWw OyAA== X-Gm-Message-State: AGRZ1gIMb6PtKqSNC/bY9m/3305Y7N4icASfZIRWrNU+y4nVdh2yAQc+ d7On1TH/98hqyG8CIzH0gTDMigBL X-Google-Smtp-Source: AJdET5e4SBUncKduPx1etMO6a239DXlBZq5CjYL3QSkrykrAb/NDVQi5KDuo5pzTAKFHjHn1FQlO2Q== X-Received: by 2002:a67:f441:: with SMTP id r1mr1340661vsn.164.1540994702737; Wed, 31 Oct 2018 07:05:02 -0700 (PDT) Return-Path: Received: from dave-Dell-System-XPS-L502X.hsd1.nh.comcast.net ([2603:3005:3403:7100:2c71:8680:34e1:a6aa]) by smtp.googlemail.com with ESMTPSA id 6sm6795632vsy.25.2018.10.31.07.05.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Oct 2018 07:05:01 -0700 (PDT) From: David Long To: stable@vger.kernel.org, Russell King - ARM Linux , Florian Fainelli , Tony Lindgren , Marc Zyngier , Mark Rutland Cc: Greg KH , Mark Brown Subject: [PATCH 4.4 15/18] ARM: oabi-compat: copy semops using __copy_from_user() Date: Wed, 31 Oct 2018 10:04:33 -0400 Message-Id: <20181031140436.2964-16-dave.long@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181031140436.2964-1-dave.long@linaro.org> References: <20181031140436.2964-1-dave.long@linaro.org> From: Russell King Commit 8c8484a1c18e3231648f5ba7cc5ffb7fd70b3ca4 upstream. __get_user_error() is used as a fast accessor to make copying structure members as efficient as possible. However, with software PAN and the recent Spectre variant 1, the efficiency is reduced as these are no longer fast accessors. In the case of software PAN, it has to switch the domain register around each access, and with Spectre variant 1, it would have to repeat the access_ok() check for each access. Rather than using __get_user_error() to copy each semops element member, copy each semops element in full using __copy_from_user(). Acked-by: Mark Rutland Signed-off-by: Russell King Signed-off-by: David A. Long --- arch/arm/kernel/sys_oabi-compat.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) -- 2.17.1 diff --git a/arch/arm/kernel/sys_oabi-compat.c b/arch/arm/kernel/sys_oabi-compat.c index 5f221acd21ae..640748e27035 100644 --- a/arch/arm/kernel/sys_oabi-compat.c +++ b/arch/arm/kernel/sys_oabi-compat.c @@ -328,9 +328,11 @@ asmlinkage long sys_oabi_semtimedop(int semid, return -ENOMEM; err = 0; for (i = 0; i < nsops; i++) { - __get_user_error(sops[i].sem_num, &tsops->sem_num, err); - __get_user_error(sops[i].sem_op, &tsops->sem_op, err); - __get_user_error(sops[i].sem_flg, &tsops->sem_flg, err); + struct oabi_sembuf osb; + err |= __copy_from_user(&osb, tsops, sizeof(osb)); + sops[i].sem_num = osb.sem_num; + sops[i].sem_op = osb.sem_op; + sops[i].sem_flg = osb.sem_flg; tsops++; } if (timeout) {