diff options
author | Russell King <rmk+kernel@armlinux.org.uk> | 2018-07-09 11:13:36 +0200 |
---|---|---|
committer | Russell King <rmk+kernel@armlinux.org.uk> | 2018-08-02 18:41:37 +0200 |
commit | 42019fc50dfadb219f9e6ddf4c354f3837057d80 (patch) | |
tree | 7c2173ccdbd6aec6c1bf37434df28a408f986384 /arch/arm/kernel/signal.c | |
parent | ARM: signal: copy registers using __copy_from_user() (diff) | |
download | linux-42019fc50dfadb219f9e6ddf4c354f3837057d80.tar.xz linux-42019fc50dfadb219f9e6ddf4c354f3837057d80.zip |
ARM: vfp: use __copy_from_user() when restoring VFP state
__get_user_error() is used as a fast accessor to make copying structure
members in the signal handling path as efficient as possible. However,
with software PAN and the recent Spectre variant 1, the efficiency is
reduced as these are no longer fast accessors.
In the case of software PAN, it has to switch the domain register around
each access, and with Spectre variant 1, it would have to repeat the
access_ok() check for each access.
Use __copy_from_user() rather than __get_user_err() for individual
members when restoring VFP state.
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Diffstat (limited to 'arch/arm/kernel/signal.c')
-rw-r--r-- | arch/arm/kernel/signal.c | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/arch/arm/kernel/signal.c b/arch/arm/kernel/signal.c index 0ae74207e43e..db62c51250ad 100644 --- a/arch/arm/kernel/signal.c +++ b/arch/arm/kernel/signal.c @@ -150,22 +150,18 @@ static int preserve_vfp_context(struct vfp_sigframe __user *frame) static int restore_vfp_context(char __user **auxp) { - struct vfp_sigframe __user *frame = - (struct vfp_sigframe __user *)*auxp; - unsigned long magic; - unsigned long size; - int err = 0; - - __get_user_error(magic, &frame->magic, err); - __get_user_error(size, &frame->size, err); + struct vfp_sigframe frame; + int err; + err = __copy_from_user(&frame, *auxp, sizeof(frame)); if (err) - return -EFAULT; - if (magic != VFP_MAGIC || size != VFP_STORAGE_SIZE) + return err; + + if (frame.magic != VFP_MAGIC || frame.size != VFP_STORAGE_SIZE) return -EINVAL; - *auxp += size; - return vfp_restore_user_hwstate(&frame->ufp, &frame->ufp_exc); + *auxp += sizeof(frame); + return vfp_restore_user_hwstate(&frame.ufp, &frame.ufp_exc); } #endif |