From: Chen Jiahao chenjiahao16@huawei.com
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8JVJ3
CVE: NA
-------------------------------
In U32 mode, the testcase libc_write_01 failed as below:
[INFO][libc_write_01.c][29][main]:ret=4093
[INFO][libc_write_01.c][30][main]:size_max=-1
libc_write_01_u32: libc_write_01.c:31: main: Assertion `ret==-1' failed.
Aborted
The error here is because the __range_ok check of "addr + size <= TASK_SIZE_MAX" is not performed as expected.
For the U32 testcase libc_write_01, the specified "addr + size" is greater than the 32-bit limit and should return -EFAULT, but TASK_SIZE_MAX is still defined as UL(1) << VA_BITS in U32 mode, which is much greater than "addr + size" and cannot catch the overflow error.
Fix the above testcase failure by defining TASK_SIZE_MAX as the 32-bit limit. Since the is_compat_task() check leads to a performance reduction of 4.89% on libMicro, the fix is wrapped by CONFIG_COMPAT_TASK_SIZE with default n. The performance will not be affected unless this config is enabled manually.
Fixes: cb478b93dc44 ("arm64: replace is_compat_task() with is_ilp32_compat_task() in TASK_SIZE_MAX")
Signed-off-by: Chen Jiahao chenjiahao16@huawei.com
Signed-off-by: Jinjie Ruan ruanjinjie@huawei.com
---
 arch/arm64/Kconfig                 | 7 +++++++
 arch/arm64/include/asm/processor.h | 5 +++++
 2 files changed, 12 insertions(+)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 920f43df3da1..a18106994c98 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1675,6 +1675,13 @@ config THUMB2_COMPAT_VDSO config COMPAT_ALIGNMENT_FIXUPS bool "Fix up misaligned multi-word loads and stores in user space"
+config COMPAT_TASK_SIZE + bool "Set 32-bit compatible task size" + default n + help + Set the task size with 32-bit limit, to be compatible with + 32-bit EL0 tasks. + menuconfig ARMV8_DEPRECATED bool "Emulate deprecated/obsolete ARMv8 instructions" depends on AARCH32_EL0 diff --git a/arch/arm64/include/asm/processor.h b/arch/arm64/include/asm/processor.h index 10aae8d9c667..44cada63ed08 100644 --- a/arch/arm64/include/asm/processor.h +++ b/arch/arm64/include/asm/processor.h @@ -55,8 +55,13 @@ #define TASK_SIZE_64 (UL(1) << vabits_actual)
#ifdef CONFIG_COMPAT +#ifdef CONFIG_COMPAT_TASK_SIZE +#define TASK_SIZE_MAX (is_compat_task() ? \ + UL(0x100000000) : (UL(1) << VA_BITS)) +#else #define TASK_SIZE_MAX (is_ilp32_compat_task() ? \ UL(0x100000000) : (UL(1) << VA_BITS)) +#endif #if defined(CONFIG_ARM64_64K_PAGES) && defined(CONFIG_KUSER_HELPERS) /* * With CONFIG_ARM64_64K_PAGES enabled, the last page is occupied
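Review bot: in the arch/arm64/Kconfig hunk, the new COMPAT_TASK_SIZE entry has no "depends on" line, although its only consumer in processor.h sits inside #ifdef CONFIG_COMPAT. Unless an enclosing block that is not visible in this context already restricts it, the option can be selected on a kernel without COMPAT, where it does nothing; adding "depends on COMPAT" would prevent that. The help text should also say what the option changes in practice, namely that TASK_SIZE_MAX, and with it the "addr + size" range check on user pointers, is capped at 4 GiB for 32-bit EL0 tasks, and that it costs the is_compat_task() overhead the commit message measured. Without that, someone configuring the kernel cannot tell that leaving it at n keeps the looser bound. As a style point, "default n" is redundant for a bool.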
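Review bot: in the arch/arm64/include/asm/processor.h hunk, the #else branch keeps the is_ilp32_compat_task() definition, so with the default COMPAT_TASK_SIZE=n the bound used for 32-bit EL0 tasks is still UL(1) << VA_BITS and the libc_write_01 failure described in the commit message is not fixed on a default build. Since this bound is what the user-pointer range check compares against, that trade-off deserves a comment above the new #ifdef explaining why the stricter is_compat_task() variant is optional, and the commit message should state that the default configuration remains affected. The two branches also duplicate the whole macro body and differ only in the predicate; selecting just the predicate under the #ifdef and keeping a single "#define TASK_SIZE_MAX" would keep the two variants from drifting apart.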