From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A359FC433FE for ; Tue, 15 Feb 2022 08:18:06 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 21F056B0078; Tue, 15 Feb 2022 03:18:06 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 1B2926B007B; Tue, 15 Feb 2022 03:18:06 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 06FD26B007D; Tue, 15 Feb 2022 03:18:06 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0077.hostedemail.com [216.40.44.77]) by kanga.kvack.org (Postfix) with ESMTP id EB8E36B0078 for ; Tue, 15 Feb 2022 03:18:05 -0500 (EST) Received: from smtpin27.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id 9E1B38B313 for ; Tue, 15 Feb 2022 08:18:05 +0000 (UTC) X-FDA: 79144311330.27.E2E451C Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf06.hostedemail.com (Postfix) with ESMTP id 0E99A180007 for ; Tue, 15 Feb 2022 08:18:04 +0000 (UTC) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 4A3046167B for ; Tue, 15 Feb 2022 08:18:04 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id F3673C34100 for ; Tue, 15 Feb 2022 08:18:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1644913083; bh=04jl3xlTAr2mAK86GyJL0xbgNN5b7HtshwArFPtWTHk=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=JFbgd4GlnCmYlfVsZNC4pC5DaoybAkiD439I2lAuLGWklWPCkh9BYx/gaFEALYeAZ EDbbt2x+Gn8jY5DYqXPlc7epllKvB4LDVmyC65CUb1frDP1ElDo/YpFY1Ok/TTN1i1 lajx+1uK3VwtInB+xODYFBMHyngxEmdqmLTEPqN+qBqtadTGoHpdTl4MchQN+xyNAJ 9raLizb1FWd5iKXSrcUJ7xnO4ydILGA1LksXpYLfMch5GYpP+LfbPq69+PChLNmHA/ JJG72XRwXIHObQ/fioXZc3V+10DtmJDHq/fpYc9mzf+MtTdHW/hCvg5O11ixzX2U52 Gaqoa8RBfoGvg== Received: by mail-wr1-f48.google.com with SMTP id u1so16936819wrg.11 for ; Tue, 15 Feb 2022 00:18:02 -0800 (PST) X-Gm-Message-State: AOAM531d1mALgTaS+NoCDBo47q7WOpSctRr2ouGYta48Mmt1pxsJ7OTH JbocFZsVMV3AFM6mOnYDbsPuS5Eup6wA/KFsW/k= X-Google-Smtp-Source: ABdhPJw4PL6nNrFqa4c6RC8ozuX9Vj+TpXvd1rMYfibECm69yxHe+9RwBgU/na3QadsOPEjyGv1buhx93wXVXPObDfI= X-Received: by 2002:a5d:490d:: with SMTP id x13mr2213081wrq.417.1644913080942; Tue, 15 Feb 2022 00:18:00 -0800 (PST) MIME-Version: 1.0 References: <20220214163452.1568807-1-arnd@kernel.org> <20220214163452.1568807-9-arnd@kernel.org> In-Reply-To: <20220214163452.1568807-9-arnd@kernel.org> From: Ard Biesheuvel Date: Tue, 15 Feb 2022 09:17:48 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 08/14] arm64: simplify access_ok() To: Arnd Bergmann Cc: Linus Torvalds , Christoph Hellwig , linux-arch , Linux Memory Management List , linux-api@vger.kernel.org, Arnd Bergmann , Linux Kernel Mailing List , Russell King , Will Deacon , Guo Ren , Brian Cain , Geert Uytterhoeven , monstr@monstr.eu, Thomas Bogendoerfer , Nick Hu , Greentime Hu , dinguyen@kernel.org, Stafford Horne , Helge Deller , Michael Ellerman , Peter Zijlstra , Ingo Molnar , Mark Rutland , Heiko Carstens , Rich Felker , "David S. Miller" , Richard Weinberger , X86 ML , Max Filippov , "Eric W. Biederman" , Andrew Morton , alpha , linux-snps-arc@lists.infradead.org, Linux ARM , linux-csky@vger.kernel.org, linux-hexagon@vger.kernel.org, linux-ia64@vger.kernel.org, linux-m68k , "open list:MIPS" , openrisc@lists.librecores.org, "open list:PARISC ARCHITECTURE" , "open list:LINUX FOR POWERPC (32-BIT AND 64-BIT)" , linux-riscv , "open list:S390" , linux-sh@vger.kernel.org, "open list:SPARC + UltraSPARC (sparc/sparc64)" , linux-um , "open list:TENSILICA XTENSA PORT (xtensa)" , Robin Murphy Content-Type: text/plain; charset="UTF-8" X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 0E99A180007 X-Rspam-User: Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=JFbgd4Gl; spf=pass (imf06.hostedemail.com: domain of ardb@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=ardb@kernel.org; dmarc=pass (policy=none) header.from=kernel.org X-Stat-Signature: xmwe3gt9uqjbxw3i3seo5eaq5yk18bz3 X-HE-Tag: 1644913084-274996 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, 14 Feb 2022 at 17:37, Arnd Bergmann wrote: > > From: Arnd Bergmann > > arm64 has an inline asm implementation of access_ok() that is derived from > the 32-bit arm version and optimized for the case that both the limit and > the size are variable. With set_fs() gone, the limit is always constant, > and the size usually is as well, so just using the default implementation > reduces the check into a comparison against a constant that can be > scheduled by the compiler. > > On a defconfig build, this saves over 28KB of .text. > > Signed-off-by: Arnd Bergmann > --- > arch/arm64/include/asm/uaccess.h | 28 +++++----------------------- > 1 file changed, 5 insertions(+), 23 deletions(-) > > diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h > index 357f7bd9c981..e8dce0cc5eaa 100644 > --- a/arch/arm64/include/asm/uaccess.h > +++ b/arch/arm64/include/asm/uaccess.h > @@ -26,6 +26,8 @@ > #include > #include > > +static inline int __access_ok(const void __user *ptr, unsigned long size); > + > /* > * Test whether a block of memory is a valid user space address. > * Returns 1 if the range is valid, 0 otherwise. > @@ -33,10 +35,8 @@ > * This is equivalent to the following test: > * (u65)addr + (u65)size <= (u65)TASK_SIZE_MAX > */ > -static inline unsigned long __access_ok(const void __user *addr, unsigned long size) > +static inline int access_ok(const void __user *addr, unsigned long size) > { > - unsigned long ret, limit = TASK_SIZE_MAX - 1; > - > /* > * Asynchronous I/O running in a kernel thread does not have the > * TIF_TAGGED_ADDR flag of the process owning the mm, so always untag > @@ -46,27 +46,9 @@ static inline unsigned long __access_ok(const void __user *addr, unsigned long s > (current->flags & PF_KTHREAD || test_thread_flag(TIF_TAGGED_ADDR))) > addr = untagged_addr(addr); > > - __chk_user_ptr(addr); > - asm volatile( > - // A + B <= C + 1 for all A,B,C, in four easy steps: > - // 1: X = A + B; X' = X % 2^64 > - " adds %0, %3, %2\n" > - // 2: Set C = 0 if X > 2^64, to guarantee X' > C in step 4 > - " csel %1, xzr, %1, hi\n" > - // 3: Set X' = ~0 if X >= 2^64. For X == 2^64, this decrements X' > - // to compensate for the carry flag being set in step 4. For > - // X > 2^64, X' merely has to remain nonzero, which it does. > - " csinv %0, %0, xzr, cc\n" > - // 4: For X < 2^64, this gives us X' - C - 1 <= 0, where the -1 > - // comes from the carry in being clear. Otherwise, we are > - // testing X' - C == 0, subject to the previous adjustments. > - " sbcs xzr, %0, %1\n" > - " cset %0, ls\n" > - : "=&r" (ret), "+r" (limit) : "Ir" (size), "0" (addr) : "cc"); > - > - return ret; > + return likely(__access_ok(addr, size)); > } > -#define __access_ok __access_ok > +#define access_ok access_ok > > #include > > -- > 2.29.2 > With set_fs() out of the picture, wouldn't it be sufficient to check that bit #55 is clear? (the bit that selects between TTBR0 and TTBR1) That would also remove the need to strip the tag from the address. Something like asm goto("tbnz %0, #55, %2 \n" "tbnz %1, #55, %2 \n" :: "r"(addr), "r"(addr + size - 1) :: notok); return 1; notok: return 0; with an additional sanity check on the size which the compiler could eliminate for compile-time constant values.