www.infradead.org Git - nvme.git/commit
x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking
author Kees Cook <kees@kernel.org>
Mon, 10 Jun 2024 21:02:27 +0000 (14:02 -0700)
committer Dave Hansen <dave.hansen@linux.intel.com>
Tue, 11 Jun 2024 23:08:43 +0000 (16:08 -0700)
commit 8c860ed825cb85f6672cd7b10a8f33e3498a7c81
tree 4753db8ce9f1f4d4a13b7bf738b3ff8f40359577
parent c625dabbf1c4a8e77e4734014f2fde7aa9071a1f
x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking

When reworking the range checking for get_user(), the get_user_8() case
on 32-bit wasn't zeroing the high register. (The jump to bad_get_user_8
was accidentally dropped.) Restore the correct error handling
destination (and rename the jump to using the expected ".L" prefix).

While here, switch to using a named argument ("size") for the call
template ("%c4" to "%c[size]") as already used in the other call
templates in this file.

Found after moving the usercopy selftests to KUnit:

      # usercopy_test_invalid: EXPECTATION FAILED at
      lib/usercopy_kunit.c:278
      Expected val_u64 == 0, but
          val_u64 == -60129542144 (0xfffffff200000000)

Closes: https://lore.kernel.org/all/CABVgOSn=tb=Lj9SxHuT4_9MTjjKVxsq-ikdXC4kGHO4CfKVmGQ@mail.gmail.com
Fixes: b19b74bc99b1 ("x86/mm: Rework address range check in get_user() and put_user()")
Reported-by: David Gow <davidgow@google.com>
Signed-off-by: Kees Cook <kees@kernel.org>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reviewed-by: Qiuxu Zhuo <qiuxu.zhuo@intel.com>
Tested-by: David Gow <davidgow@google.com>
Link: https://lore.kernel.org/all/20240610210213.work.143-kees%40kernel.org
arch/x86/include/asm/uaccess.h
arch/x86/lib/getuser.S
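The failure mode in the commit message, as an added user-space model (not code from this commit or from the kernel): a u64 result carried in two 32-bit registers, with one error path that clears only the low half and one that clears both. The struct, the function names and the 0xdeadbeef low-register contents are assumptions made for illustration; the stale high value 0xfffffff2 is the upper half of the val_u64 reported by the KUnit test.

```c
/* User-space model only: illustrates why a failed 8-byte get_user()
 * on ia32 must zero both result registers. Not kernel code. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define EFAULT_MODEL 14 /* value of EFAULT on Linux */

/* Hypothetical stand-in for the register pair holding a u64 on 32-bit. */
struct regpair { uint32_t lo, hi; };

/* Error path that clears only the low register (models the bug). */
static int fail_zero_low_only(struct regpair *r)
{
    r->lo = 0;
    return -EFAULT_MODEL;
}

/* Error path that clears both registers (models the restored handling). */
static int fail_zero_both(struct regpair *r)
{
    r->lo = 0;
    r->hi = 0;
    return -EFAULT_MODEL;
}

/* Model a failing 8-byte fetch; returns what the caller's u64 ends up holding. */
uint64_t model_get_user_8(uint32_t stale_hi, int fixed, int *err)
{
    /* Constructed register contents left over from before the fault. */
    struct regpair r = { .lo = 0xdeadbeefu, .hi = stale_hi };

    *err = fixed ? fail_zero_both(&r) : fail_zero_low_only(&r);
    return ((uint64_t)r.hi << 32) | r.lo;
}

int main(void)
{
    int err;
    uint64_t v = model_get_user_8(0xfffffff2u, 0, &err);

    printf("low only: err=%d val=%" PRId64 " (0x%" PRIx64 ")\n", err, (int64_t)v, v);
    v = model_get_user_8(0xfffffff2u, 1, &err);
    printf("both:     err=%d val=%" PRIu64 "\n", err, v);
    return 0;
}
```

With only the low half cleared, the model reproduces the exact value from the test output; the caller still gets -EFAULT in both cases, so only a check of the destination value exposes the difference.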