iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
737,791 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Lars-Peter Clausen 4058ebf33c usb: gadget: ffs: Execute copy_to_user() with USER_DS set 
When using a AIO read() operation on the function FS gadget driver a URB is
submitted asynchronously and on URB completion the received data is copied
to the userspace buffer associated with the read operation.

This is done from a kernel worker thread invoking copy_to_user() (through
copy_to_iter()). And while the user space process memory is made available
to the kernel thread using use_mm(), some architecture require in addition
to this that the operation runs with USER_DS set. Otherwise the userspace
memory access will fail.

For example on ARM64 with Privileged Access Never (PAN) and User Access
Override (UAO) enabled the following crash occurs.

	Internal error: Accessing user space memory with fs=KERNEL_DS: 9600004f [#1] SMP
	Modules linked in:
	CPU: 2 PID: 1636 Comm: kworker/2:1 Not tainted 4.9.0-04081-g8ab2dfb-dirty #487
	Hardware name: ZynqMP ZCU102 Rev1.0 (DT)
	Workqueue: events ffs_user_copy_worker
	task: ffffffc87afc8080 task.stack: ffffffc87a00c000
	PC is at __arch_copy_to_user+0x190/0x220
	LR is at copy_to_iter+0x78/0x3c8
	[...]
	[<ffffff800847b790>] __arch_copy_to_user+0x190/0x220
	[<ffffff80086f25d8>] ffs_user_copy_worker+0x70/0x130
	[<ffffff80080b8c64>] process_one_work+0x1dc/0x460
	[<ffffff80080b8f38>] worker_thread+0x50/0x4b0
	[<ffffff80080bf5a0>] kthread+0xd8/0xf0
	[<ffffff8008083680>] ret_from_fork+0x10/0x50

Address this by placing a set_fs(USER_DS) before of the copy operation
and revert it again once the copy operation has finished.

This patch is analogous to commit d7ffde35e31a ("vhost: use USER_DS in
vhost_worker thread") which addresses the same underlying issue.

Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
2018-03-13 10:47:39 +02:00
arch
Xtensa fixes for 4.16
2018-02-25 17:02:24 -08:00
block
treewide/trivial: Remove ';;$' typo noise
2018-02-22 10:59:33 +01:00
certs
certs/blacklist_nohashes.c: fix const confusion in certs blacklist
2018-02-21 15:35:43 -08:00
crypto
X.509: fix NULL dereference when restricting key with unsupported_sig
2018-02-22 14:38:34 +00:00
Documentation
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-02-25 16:58:55 -08:00
drivers
usb: gadget: ffs: Execute copy_to_user() with USER_DS set
2018-03-13 10:47:39 +02:00
firmware
kbuild: remove all dummy assignments to obj-
2017-11-18 11:46:06 +09:00
fs
NFS client bugfixes for Linux 4.16
2018-02-25 13:43:18 -08:00
include
usb: gadget: composite: fix incorrect handling of OS desc requests
2018-03-08 15:12:01 +02:00
init
membarrier: Provide core serializing command, *_SYNC_CORE
2018-02-05 21:35:03 +01:00
ipc
vfs: do bulk POLL* -> EPOLL* replacement
2018-02-11 14:34:03 -08:00
kernel
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-02-25 16:58:55 -08:00
lib
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk
2018-02-23 14:57:20 -08:00
LICENSES
LICENSES: Add MPL-1.1 license
2018-01-06 10:59:44 -07:00
mm
mm: don't defer struct page initialization for Xen pv guests
2018-02-21 15:35:43 -08:00
net
net_sched: gen_estimator: fix broken estimators based on percpu stats
2018-02-23 12:35:46 -05:00
samples
sample/bpf: fix erspan metadata
2018-02-06 11:32:49 -05:00
scripts
Kbuild updates for v4.16 (2nd)
2018-02-09 19:32:41 -08:00
security
integrity/security: fix digsig.c build error with header file
2018-02-22 20:09:08 -08:00
sound
ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
2018-02-14 12:02:26 +01:00
tools
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-02-23 15:14:17 -08:00
usr
initramfs: fix initramfs rebuilds w/ compression after disabling
2017-11-03 07:39:19 -07:00
virt
vfs: do bulk POLL* -> EPOLL* replacement
2018-02-11 14:34:03 -08:00
.cocciconfig
scripts: add Linux .cocciconfig for coccinelle
2016-07-22 12:13:39 +02:00
.get_maintainer.ignore
.gitattributes
.gitattributes: set git diff driver for C source code files
2016-10-07 18:46:30 -07:00
.gitignore
.gitignore: ignore ASN.1 auto generated files
2018-02-14 21:05:38 +01:00
.mailmap
mailmap: update Mark Yao's email address
2018-01-04 16:45:09 -08:00
COPYING
CREDITS
MAINTAINERS: update TPM driver infrastructure changes
2017-11-09 17:58:40 -08:00
Kbuild
Kbuild updates for v4.15
2017-11-17 17:45:29 -08:00
Kconfig
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
MAINTAINERS
MAINTAINERS: Remove Richard Purdie from LED maintainers
2018-02-19 20:23:49 +01:00
Makefile
Linux 4.16-rc3
2018-02-25 18:50:41 -08:00
README
README: add a new README file, pointing to the Documentation/
2016-10-24 08:12:35 -02:00

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%