Commit f3ba50a7 authored by Catalin Marinas's avatar Catalin Marinas
Browse files

arm64: Add support for user sub-page fault probing 



With MTE, even if the pte allows an access, a mismatched tag somewhere
within a page can still cause a fault. Select ARCH_HAS_SUBPAGE_FAULTS if
MTE is enabled and implement the probe_subpage_writeable() function.
Note that get_user() is sufficient for the writeable MTE check since the
same tag mismatch fault would be triggered by a read. The caller of
probe_subpage_writeable() will need to check the pte permissions
(put_user, GUP).

Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>
Link: https://lore.kernel.org/r/20220423100751.1870771-3-catalin.marinas@arm.com


Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
parent da32b581

arch/arm64/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -1871,6 +1871,7 @@ config ARM64_MTE 
	depends on AS_HAS_LSE_ATOMICS

	# Required for tag checking in the uaccess routines

	depends on ARM64_PAN

	select ARCH_HAS_SUBPAGE_FAULTS

	select ARCH_USES_HIGH_VMA_FLAGS

	help

	  Memory Tagging (part of the ARMv8.5 Extensions) provides

arch/arm64/include/asm/mte.h

+1 −0
Original line number Diff line number Diff line
@@ -47,6 +47,7 @@ long set_mte_ctrl(struct task_struct *task, unsigned long arg); 
long get_mte_ctrl(struct task_struct *task);

int mte_ptrace_copy_tags(struct task_struct *child, long request,

			 unsigned long addr, unsigned long data);

size_t mte_probe_user_range(const char __user *uaddr, size_t size);



#else /* CONFIG_ARM64_MTE */

arch/arm64/include/asm/uaccess.h

+15 −0
Original line number Diff line number Diff line
@@ -460,4 +460,19 @@ static inline int __copy_from_user_flushcache(void *dst, const void __user *src, 
}

#endif



#ifdef CONFIG_ARCH_HAS_SUBPAGE_FAULTS



/*

 * Return 0 on success, the number of bytes not probed otherwise.

 */

static inline size_t probe_subpage_writeable(const char __user *uaddr,

					     size_t size)

{

	if (!system_supports_mte())

		return 0;

	return mte_probe_user_range(uaddr, size);

}



#endif /* CONFIG_ARCH_HAS_SUBPAGE_FAULTS */



#endif /* __ASM_UACCESS_H */

arch/arm64/kernel/mte.c

+30 −0
Original line number Diff line number Diff line
@@ -15,6 +15,7 @@ 
#include <linux/swapops.h>

#include <linux/thread_info.h>

#include <linux/types.h>

#include <linux/uaccess.h>

#include <linux/uio.h>



#include <asm/barrier.h>
@@ -543,3 +544,32 @@ static int register_mte_tcf_preferred_sysctl(void) 
	return 0;

}

subsys_initcall(register_mte_tcf_preferred_sysctl);



/*

 * Return 0 on success, the number of bytes not probed otherwise.

 */

size_t mte_probe_user_range(const char __user *uaddr, size_t size)

{

	const char __user *end = uaddr + size;

	int err = 0;

	char val;



	__raw_get_user(val, uaddr, err);

	if (err)

		return size;



	uaddr = PTR_ALIGN(uaddr, MTE_GRANULE_SIZE);

	while (uaddr < end) {

		/*

		 * A read is sufficient for mte, the caller should have probed

		 * for the pte write permission if required.

		 */

		__raw_get_user(val, uaddr, err);

		if (err)

			return end - uaddr;

		uaddr += MTE_GRANULE_SIZE;

	}

	(void)val;



	return 0;

}