From: Jiri Olsa
Date: Wed, 31 May 2023 13:58:54 +0200
To: Lorenzo Stoakes
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Andrew Morton, Baoquan He, Uladzislau Rezki, Matthew Wilcox, David Hildenbrand, Liu Shixin, Jens Axboe, Alexander Viro
Subject: Re: [PATCH v8 1/4] fs/proc/kcore: avoid bounce buffer for ktext data

On Thu, Mar 23, 2023 at 10:15:16AM +0000, Lorenzo Stoakes wrote:
> Commit df04abfd181a ("fs/proc/kcore.c: Add bounce buffer for ktext data")
> introduced the use of a bounce buffer to retrieve kernel text data for
> /proc/kcore in order to avoid failures arising from hardened user copies
> enabled by CONFIG_HARDENED_USERCOPY in check_kernel_text_object().
>
> We can avoid doing this if instead of copy_to_user() we use _copy_to_user()
> which bypasses the hardening check. This is more efficient than using a
> bounce buffer and simplifies the code.
>
> We do so as part an overall effort to eliminate bounce buffer usage in the
> function with an eye to converting it an iterator read.
>
> Signed-off-by: Lorenzo Stoakes
> Reviewed-by: David Hildenbrand

hi,
sorry for late feedback, but looks like this one breaks reading
/proc/kcore with objdump for me:

  # cat /proc/kallsyms | grep ksys_read
  ffffffff8150ebc0 T ksys_read
  # objdump -d --start-address=0xffffffff8150ebc0 --stop-address=0xffffffff8150ebd0 /proc/kcore

  /proc/kcore: file format elf64-x86-64

  objdump: Reading section load1 failed because: Bad address

reverting this makes it work again

thanks,
jirka

> --- > fs/proc/kcore.c | 17 +++++------------ > 1 file changed, 5 insertions(+), 12 deletions(-) > > diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c > index 71157ee35c1a..556f310d6aa4 100644 > --- a/fs/proc/kcore.c > +++ b/fs/proc/kcore.c > @@ -541,19 +541,12 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos) > case KCORE_VMEMMAP: > case KCORE_TEXT: > /* > - * Using bounce buffer to bypass the > - * hardened user copy kernel text checks. > + * We use _copy_to_user() to bypass usermode hardening > + * which would otherwise prevent this operation. > */ > - if (copy_from_kernel_nofault(buf, (void *)start, tsz)) { > - if (clear_user(buffer, tsz)) { > - ret = -EFAULT; > - goto out; > - } > - } else { > - if (copy_to_user(buffer, buf, tsz)) { > - ret = -EFAULT; > - goto out; > - } > + if (_copy_to_user(buffer, (char *)start, tsz)) { > + ret = -EFAULT; > + goto out; > } > break; > default: > -- > 2.39.2 >
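
Review bot: The new _copy_to_user(buffer, (char *)start, tsz) in the KCORE_VMEMMAP/KCORE_TEXT branch drops the fault-tolerant source read that the removed lines provided. Before, a failed copy_from_kernel_nofault() was handled by zero-filling the user range with clear_user() and carrying on; now every non-zero return from the copy ends the read with -EFAULT, and the kernel address is dereferenced directly by the copy routine. Because the case labels fall through, this applies to KCORE_VMEMMAP ranges as well as kernel text. Suggest keeping a nofault read for the source side, or explaining in the comment why start is always safely readable for both range types. The comment should also name CONFIG_HARDENED_USERCOPY instead of "usermode hardening", so a reader can tell which check is skipped and that it is skipped for everything this branch serves.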