Commit 7f818906 authored by Linus Torvalds's avatar Linus Torvalds

x86: don't use 'access_ok()' as a range check in get_user_pages_fast()

It's really not right to use 'access_ok()', since that is meant for the
normal "get_user()" and "copy_from/to_user()" accesses, which are done
through the TLB, rather than through the page tables.

Why? access_ok() does both too few, and too many checks.  Too many,
because it is meant for regular kernel accesses that will not honor the
'user' bit in the page tables, and because it honors the USER_DS vs
KERNEL_DS distinction that we shouldn't care about in GUP.  And too few,
because it doesn't do the 'canonical' check on the address on x86-64,
since the TLB will do that for us.

So instead of using a function that isn't meant for this, and does
something else and much more complicated, just do the real rules: we
don't want the range to overflow, and on x86-64, we want it to be a
canonical low address (on 32-bit, all addresses are canonical).
Acked-by: default avatarIngo Molnar <mingo@elte.hu>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent fb20871a
...@@ -247,10 +247,15 @@ int get_user_pages_fast(unsigned long start, int nr_pages, int write, ...@@ -247,10 +247,15 @@ int get_user_pages_fast(unsigned long start, int nr_pages, int write,
start &= PAGE_MASK; start &= PAGE_MASK;
addr = start; addr = start;
len = (unsigned long) nr_pages << PAGE_SHIFT; len = (unsigned long) nr_pages << PAGE_SHIFT;
end = start + len; end = start + len;
if (unlikely(!access_ok(write ? VERIFY_WRITE : VERIFY_READ, if (end < start)
(void __user *)start, len))) goto slow_irqon;
#ifdef CONFIG_X86_64
if (end >> __VIRTUAL_MASK_SHIFT)
goto slow_irqon; goto slow_irqon;
#endif
/* /*
* XXX: batch / limit 'nr', to avoid large irq off latency * XXX: batch / limit 'nr', to avoid large irq off latency
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment