Re: [PATCH v2 6/6] openrisc: uaccess: Add user address space check to access_ok

From: Stafford Horne
Date: Sat Aug 08 2020 - 18:57:45 EST

Next message: Peter Xu: "[PATCH] mm/gup: Allow real explicit breaking of COW"
Previous message: Pavel Machek: "Re: [PATCH v36 23/24] docs: x86/sgx: Document SGX micro architecture and kernel internals"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 06, 2020 at 09:02:29PM +0200, Luc Van Oostenryck wrote:
> On Thu, Aug 06, 2020 at 06:07:25AM +0900, Stafford Horne wrote:
> > Now that __user annotations are fixed for openrisc uaccess api's we can
> > add checking to the access_ok macro. This patch adds the __chk_user_ptr
> > check, on normal builds the added check is a nop.
> >
> > Signed-off-by: Stafford Horne <shorne@xxxxxxxxx>
> > ---
> > arch/openrisc/include/asm/uaccess.h | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/openrisc/include/asm/uaccess.h b/arch/openrisc/include/asm/uaccess.h
> > index 85a55359b244..53ddc66abb3f 100644
> > --- a/arch/openrisc/include/asm/uaccess.h
> > +++ b/arch/openrisc/include/asm/uaccess.h
> > @@ -57,7 +57,8 @@ static inline int __range_ok(unsigned long addr, unsigned long size)
> >
> > #define access_ok(addr, size) \
> > ({ \
> > - __range_ok((unsigned long)(addr), (size)); \
> > + __chk_user_ptr(addr); \
> > + __range_ok((__force unsigned long)(addr), (size)); \
> > })
>
> Just for info, __force is not needed when casting a pointer to
> unsigned long (or uintptr_t). It's not incorrect to use one
> but I think it's to avoid __force as much as possible.

Thanks, I didn't realize that. I will fix.

-Stafford

Next message: Peter Xu: "[PATCH] mm/gup: Allow real explicit breaking of COW"
Previous message: Pavel Machek: "Re: [PATCH v36 23/24] docs: x86/sgx: Document SGX micro architecture and kernel internals"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]