linux/arch/x86/lib
Jan Beulich 3df7b41aa5 x86: Unify copy_from_user() size checking
Commits 4a31276930 ("x86: Turn the
copy_from_user check into an (optional) compile time warning")
and 63312b6a6f ("x86: Add a
Kconfig option to turn the copy_from_user warnings into errors")
touched only the 32-bit variant of copy_from_user(), whereas the
original commit 9f0cf4adb6 ("x86:
Use __builtin_object_size() to validate the buffer size for
copy_from_user()") also added the same code to the 64-bit one.

Further the earlier conversion from an inline WARN() to the call
to copy_from_user_overflow() went a little too far: When the
number of bytes to be copied is not a constant (e.g. [looking at
3.11] in drivers/net/tun.c:__tun_chr_ioctl() or
drivers/pci/pcie/aer/aer_inject.c:aer_inject_write()), the
compiler will always have to keep the funtion call, and hence
there will always be a warning. By using __builtin_constant_p()
we can avoid this.

And then this slightly extends the effect of
CONFIG_DEBUG_STRICT_USER_COPY_CHECKS in that apart from
converting warnings to errors in the constant size case, it
retains the (possibly wrong) warnings in the non-constant size
case, such that if someone is prepared to get a few false
positives, (s)he'll be able to recover the current behavior
(except that these diagnostics now will never be converted to
errors).

Since the 32-bit variant (intentionally) didn't call
might_fault(), the unification results in this being called
twice now. Adding a suitable #ifdef would be the alternative if
that's a problem.

I'd like to point out though that with
__compiletime_object_size() being restricted to gcc before 4.6,
the whole construct is going to become more and more pointless
going forward. I would question however that commit
2fb0815c9e ("gcc4: disable
__compiletime_object_size for GCC 4.6+") was really necessary,
and instead this should have been dealt with as is done here
from the beginning.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/5265056D02000078000FC4F3@nat28.tlf.novell.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-10-26 12:27:36 +02:00
..
.gitignore x86: Gitignore: arch/x86/lib/inat-tables.c 2009-11-04 13:11:28 +01:00
atomic64_32.c x86: Adjust asm constraints in atomic64 wrappers 2012-01-20 17:29:31 -08:00
atomic64_386_32.S x86: atomic64 assembly improvements 2012-01-20 17:29:49 -08:00
atomic64_cx8_32.S x86: atomic64 assembly improvements 2012-01-20 17:29:49 -08:00
cache-smp.c x86, lib: Add wbinvd smp helpers 2010-01-22 16:05:42 -08:00
checksum_32.S x86/lib: Fix spelling, put space between a numeral and its units 2013-04-15 11:40:32 +02:00
clear_page_64.S x86, mem: clear_page_64.S: Support clear_page() with enhanced REP MOVSB/STOSB 2011-05-17 15:40:27 -07:00
cmpxchg8b_emu.S x86: Provide an alternative() based cmpxchg64() 2009-09-30 22:55:59 +02:00
cmpxchg16b_emu.S percpu: Omit segment prefix in the UP case for cmpxchg_double 2011-03-27 19:25:36 -07:00
copy_page_64.S x86/asm: Clean up copy_page_*() comments and code 2012-10-24 12:42:47 +02:00
copy_user_64.S x86, smap: Add STAC and CLAC instructions to control user space access 2012-09-21 12:45:27 -07:00
copy_user_nocache_64.S x86, smap: Add STAC and CLAC instructions to control user space access 2012-09-21 12:45:27 -07:00
csum-copy_64.S x86, extable: Remove open-coded exception table entries in arch/x86/lib/csum-copy_64.S 2012-04-20 13:51:39 -07:00
csum-partial_64.c x86: Fix common misspellings 2011-03-18 10:39:30 +01:00
csum-wrappers_64.c x86, smap: Handle csum_partial_copy_*_user() 2013-09-01 14:09:48 -07:00
delay.c X86: drivers: remove __dev* attributes. 2013-01-03 15:57:04 -08:00
getuser.S x86: Be consistent with data size in getuser.S 2013-02-11 23:14:48 -08:00
inat.c x86: Fix to decode grouped AVX with VEX pp bits 2012-02-11 15:11:35 +01:00
insn.c UAPI: x86: Fix insn_sanity build failure after UAPI split 2012-10-02 18:01:56 +01:00
iomap_copy_64.S x86_64: move lib 2007-10-11 11:17:08 +02:00
Makefile x86, 386 removal: Remove CONFIG_CMPXCHG 2012-11-29 13:23:01 -08:00
memcpy_32.c x86/lib: Fix spelling, put space between a numeral and its units 2013-04-15 11:40:32 +02:00
memcpy_64.S x86/lib: Fix spelling, put space between a numeral and its units 2013-04-15 11:40:32 +02:00
memmove_64.S x86/lib: Fix spelling, put space between a numeral and its units 2013-04-15 11:40:32 +02:00
memset_64.S x86-64: Fix memset() to support sizes of 4Gb and above 2012-01-26 11:50:04 +01:00
mmx_32.c x86: clean up mmx_32.c 2008-04-17 17:40:47 +02:00
msr-reg-export.c x86, pvops: Remove hooks for {rd,wr}msr_safe_regs 2012-06-07 11:41:08 -07:00
msr-reg.S x86, pvops: Remove hooks for {rd,wr}msr_safe_regs 2012-06-07 11:41:08 -07:00
msr-smp.c x86, msr: msrs_alloc/free for CONFIG_SMP=n 2009-12-16 15:36:32 -08:00
msr.c x86, msr: msrs_alloc/free for CONFIG_SMP=n 2009-12-16 15:36:32 -08:00
putuser.S x86, smap: Add STAC and CLAC instructions to control user space access 2012-09-21 12:45:27 -07:00
rwlock.S x86: Fix write lock scalability 64-bit issue 2011-07-21 09:03:36 +02:00
rwsem.S x86: Unify rwsem assembly implementation 2011-07-21 09:03:32 +02:00
string_32.c x86/i386: Use less assembly in strlen(), speed things up a bit 2011-12-12 18:33:42 +01:00
strstr_32.c x86: coding style fixes to arch/x86/lib/strstr_32.c 2008-08-15 16:53:24 +02:00
thunk_32.S x86: Remove unused bits from lib/thunk_*.S 2011-02-28 18:06:22 +01:00
thunk_64.S x86: Fix write lock scalability 64-bit issue 2011-07-21 09:03:36 +02:00
usercopy_32.c x86: Unify copy_from_user() size checking 2013-10-26 12:27:36 +02:00
usercopy_64.c x86, asmlinkage: Make several variables used from assembler/linker script visible 2013-08-06 14:20:13 -07:00
usercopy.c perf/x86: Fix broken LBR fixup code 2012-06-13 15:00:28 +02:00
x86-opcode-map.txt x86, insn: Add new opcodes as of June, 2013 2013-08-06 08:08:47 -07:00