Date: Mon, 19 Oct 2020 12:06:16 +0000 (UTC) From: Andrew Turner <andrew@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r366831 - head/sys/arm64/arm64 Message-ID: <202010191206.09JC6Gi0063682@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: andrew Date: Mon Oct 19 12:06:16 2020 New Revision: 366831 URL: https://svnweb.freebsd.org/changeset/base/366831 Log: Move the arm64 userspace access checks to macros In the functions that copy between userspace and kernel space we check the user space address is valid before performing the copy. These are mostly identical within each type of function so create two macros to perform the check. Obtained from: CheriBSD Sponsored by: Innovate UK Modified: head/sys/arm64/arm64/copyinout.S head/sys/arm64/arm64/support.S Modified: head/sys/arm64/arm64/copyinout.S ============================================================================== --- head/sys/arm64/arm64/copyinout.S Mon Oct 19 10:38:40 2020 (r366830) +++ head/sys/arm64/arm64/copyinout.S Mon Oct 19 12:06:16 2020 (r366831) @@ -37,6 +37,14 @@ __FBSDID("$FreeBSD$"); #include "assym.inc" +.macro check_user_access user_arg, size_arg, bad_access_func + adds x6, x\user_arg, x\size_arg + b.cs \bad_access_func + ldr x7, =VM_MAXUSER_ADDRESS + cmp x6, x7 + b.hi \bad_access_func +.endm + /* * Fault handler for the copy{in,out} functions below. */ @@ -55,11 +63,7 @@ END(copyio_fault) */ ENTRY(copyout) cbz x2, 1f - adds x3, x1, x2 - b.cs copyio_fault_nopcb - ldr x4, =VM_MAXUSER_ADDRESS - cmp x3, x4 - b.hi copyio_fault_nopcb + check_user_access 1, 2, copyio_fault_nopcb b copycommon @@ -75,11 +79,7 @@ END(copyout) */ ENTRY(copyin) cbz x2, 1f - adds x3, x0, x2 - b.cs copyio_fault_nopcb - ldr x4, =VM_MAXUSER_ADDRESS - cmp x3, x4 - b.hi copyio_fault_nopcb + check_user_access 0, 2, copyio_fault_nopcb b copycommon Modified: head/sys/arm64/arm64/support.S ============================================================================== --- head/sys/arm64/arm64/support.S Mon Oct 19 10:38:40 2020 (r366830) +++ head/sys/arm64/arm64/support.S Mon Oct 19 12:06:16 2020 (r366831) @@ -38,6 +38,12 @@ __FBSDID("$FreeBSD$"); #include "assym.inc" +.macro check_user_access user_arg, limit, bad_addr_func + ldr x7, =(\limit) + cmp x\user_arg, x7 + b.cs \bad_addr_func +.endm + /* * One of the fu* or su* functions failed, return -1. */ @@ -53,9 +59,7 @@ END(fsu_fault) * int casueword32(volatile uint32_t *, uint32_t, uint32_t *, uint32_t) */ ENTRY(casueword32) - ldr x4, =(VM_MAXUSER_ADDRESS-3) - cmp x0, x4 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-3), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ mov w5, #1 SET_FAULT_HANDLER(x6, x4) /* And set it */ @@ -75,9 +79,7 @@ END(casueword32) * int casueword(volatile u_long *, u_long, u_long *, u_long) */ ENTRY(casueword) - ldr x4, =(VM_MAXUSER_ADDRESS-7) - cmp x0, x4 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-7), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ mov w5, #1 SET_FAULT_HANDLER(x6, x4) /* And set it */ @@ -97,9 +99,7 @@ END(casueword) * int fubyte(volatile const void *) */ ENTRY(fubyte) - ldr x1, =VM_MAXUSER_ADDRESS - cmp x0, x1 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x1) /* And set it */ ldtrb w0, [x0] /* Try loading the data */ @@ -111,9 +111,7 @@ END(fubyte) * int fuword(volatile const void *) */ ENTRY(fuword16) - ldr x1, =(VM_MAXUSER_ADDRESS-1) - cmp x0, x1 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-1), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x1) /* And set it */ ldtrh w0, [x0] /* Try loading the data */ @@ -125,9 +123,7 @@ END(fuword16) * int32_t fueword32(volatile const void *, int32_t *) */ ENTRY(fueword32) - ldr x2, =(VM_MAXUSER_ADDRESS-3) - cmp x0, x2 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-3), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x2) /* And set it */ ldtr w0, [x0] /* Try loading the data */ @@ -143,9 +139,7 @@ END(fueword32) */ ENTRY(fueword) EENTRY(fueword64) - ldr x2, =(VM_MAXUSER_ADDRESS-7) - cmp x0, x2 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-7), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x2) /* And set it */ ldtr x0, [x0] /* Try loading the data */ @@ -160,9 +154,7 @@ END(fueword) * int subyte(volatile void *, int) */ ENTRY(subyte) - ldr x2, =VM_MAXUSER_ADDRESS - cmp x0, x2 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x2) /* And set it */ sttrb w1, [x0] /* Try storing the data */ @@ -175,9 +167,7 @@ END(subyte) * int suword16(volatile void *, int) */ ENTRY(suword16) - ldr x2, =(VM_MAXUSER_ADDRESS-1) - cmp x0, x2 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-1), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x2) /* And set it */ sttrh w1, [x0] /* Try storing the data */ @@ -190,9 +180,7 @@ END(suword16) * int suword32(volatile void *, int) */ ENTRY(suword32) - ldr x2, =(VM_MAXUSER_ADDRESS-3) - cmp x0, x2 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-3), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x2) /* And set it */ sttr w1, [x0] /* Try storing the data */ @@ -206,9 +194,7 @@ END(suword32) */ ENTRY(suword) EENTRY(suword64) - ldr x2, =(VM_MAXUSER_ADDRESS-7) - cmp x0, x2 - b.cs fsu_fault_nopcb + check_user_access 0, (VM_MAXUSER_ADDRESS-7), fsu_fault_nopcb adr x6, fsu_fault /* Load the fault handler */ SET_FAULT_HANDLER(x6, x2) /* And set it */ sttr x1, [x0] /* Try storing the data */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202010191206.09JC6Gi0063682>