Hi, Davidlohr and Thomas,

On Tue, Aug 17, 2021 at 3:03 AM Thomas Gleixner [off-list ref] wrote:

On Mon, Aug 16 2021 at 11:27, Davidlohr Bueso wrote:

quoted

On Mon, 16 Aug 2021, Huacai Chen wrote:

quoted

fault_in_user_writeable() should verify R/W access but only verify W. In
most archs W implies R, but not true in MIPS and LoongArch, so fix it.

Yuck for a find_vma() in futex.c. If this is a problem in MIPS, shouldn't
the fix be there? Furthermore it's stated that fault_in_user_writeable():

"Fault in user address and verify RW access"

That seems to be wishful thinking given the fact that some architectures
do not imply R for FLAG_FAULT_WRITE.

quoted

And you guys seem to have proposed it already:

https://lore.kernel.org/linux-mips/20200630005845.1239974-1-liulichao@loongson.cn/ (local)

This works, but I don't think this is a MIPS problem, so does Thomas
Bogendoerfer. Because write-only page is valid in MIPS (so Thomas
rejected this patch).

That's surely one way to fix that. If that does not work for whatever
reason, then we really don't want this find_vma() hack there, but rather
something like:

I don't know why find_vma() is unacceptable here, there is also
find_vma() in fixup_user_fault().

    if (IS_ENABLED(CONFIG_ARCH_USER_FAULT_VOODOO) && get_user(&tmp, uaddr))
        return -EFAULT;

get_user() may be better than find_vma(), but can we drop
CONFIG_ARCH_USER_FAULT_VOODOO here? On those "W implies R" archs,
get_user() always success, this can simplify the logic.

Huacai

Thanks,

        tglx