Re: linux-next: Tree for Sep 18 (objtool)

From: Josh Poimboeuf
Date: Mon Sep 23 2019 - 10:17:02 EST


On Mon, Sep 23, 2019 at 03:33:52PM +0200, Peter Zijlstra wrote:
> On Mon, Sep 23, 2019 at 07:49:01AM -0500, Josh Poimboeuf wrote:
> > On Mon, Sep 23, 2019 at 11:20:24AM +0200, Peter Zijlstra wrote:
> > > On Wed, Sep 18, 2019 at 09:04:21PM -0700, Randy Dunlap wrote:
> > > > On 9/18/19 3:10 PM, Mark Brown wrote:
> > > > > Hi all,
> > > > >
> > > > > Changes since 20190917:
> > > > >
> > > >
> > > > on x86_64:
> > > >
> > > > drivers/gpu/drm/i915/gem/i915_gem_execbuffer.o: warning: objtool: i915_gem_execbuffer2_ioctl()+0x2fb: call to gen8_canonical_addr() with UACCESS enabled
> > >
> > > I'm thinking that comes from:
> > >
> > > offset = gen8_canonical_addr(offset & ~UPDATE);
> > > if (unlikely(__put_user(offset, &urelocs[r-stack].presumed_offset))) {
> > >
> > > however, per commit 6ae865615fc4 (and 2a418cf3f5f1) the compiler really
> > > should not be sticking gen8_canonical_addr() after __uaccess_begin().
> > >
> > > /me puzzled...
> >
> > I think you're looking at the wrong code. It has user_access_begin/end
> > around it:
> >
> > if (!user_access_begin(user_exec_list, count * sizeof(*user_exec_list)))
> > goto end;
> >
> > for (i = 0; i < args->buffer_count; i++) {
> > if (!(exec2_list[i].offset & UPDATE))
> > continue;
> >
> > exec2_list[i].offset =
> > gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK);
> > unsafe_put_user(exec2_list[i].offset,
> > &user_exec_list[i].offset,
> > end_user);
> > }
> > end_user:
> > user_access_end();
> >
>
> Oh, Duh... Yeah, so the alternative to your solution is to do 2 loops.
> Not sure which would be better.

I like your idea better, makes the fix more localized and shrinks the
uaccess window. Something like so (not even compile tested):

diff --git a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c
index b5f6937369ea..406af374f728 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c
@@ -2847,6 +2847,11 @@ i915_gem_execbuffer2_ioctl(struct drm_device *dev, void *data,
u64_to_user_ptr(args->buffers_ptr);
unsigned int i;

+ for (i = 0; i < args->buffer_count; i++) {
+ exec2_list[i].offset =
+ gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK);
+ }
+
/* Copy the new buffer offsets back to the user's exec list. */
/*
* Note: count * sizeof(*user_exec_list) does not overflow,
@@ -2862,8 +2867,6 @@ i915_gem_execbuffer2_ioctl(struct drm_device *dev, void *data,
if (!(exec2_list[i].offset & UPDATE))
continue;

- exec2_list[i].offset =
- gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK);
unsafe_put_user(exec2_list[i].offset,
&user_exec_list[i].offset,
end_user);