Commit cec199c5e39b ("futex: Implement FUTEX2_NUMA") introduces a new
futex_put_value() helper function to write a value to the given user
address. However, it uses user_read_access_begin() before the write.
For arches that differentiate between read and write accesses, like
powerpc, futex_put_value() fails with a -EFAULT return value. Fix that
by using user_write_access_begin().
Fixes: cec199c5e39b ("futex: Implement FUTEX2_NUMA")
Signed-off-by: Waiman Long <longman@redhat.com>
---
kernel/futex/futex.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/futex/futex.h b/kernel/futex/futex.h
index c74eac572acd..2b6ae6a2b2a2 100644
--- a/kernel/futex/futex.h
+++ b/kernel/futex/futex.h
@@ -319,7 +319,7 @@ static __always_inline int futex_put_value(u32 val, u32 __user *to)
{
if (can_do_masked_user_access())
to = masked_user_access_begin(to);
- else if (!user_read_access_begin(to, sizeof(*to)))
+ else if (!user_write_access_begin(to, sizeof(*to)))
return -EFAULT;
unsafe_put_user(val, to, Efault);
user_read_access_end();
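Review bot: The trailing context line user_read_access_end() no longer matches the opener now that the else branch calls user_write_access_begin(to, sizeof(*to)). On arches that differentiate between read and write accesses, which the commit message says includes powerpc, the close should be the write variant too. Change that line to user_write_access_end() so the begin/end pair is symmetric.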
--
2.50.1
On 8/9/25 5:24 PM, Waiman Long wrote:
> Commit cec199c5e39b ("futex: Implement FUTEX2_NUMA") introduces a new
> futex_put_value() helper function to write a value to the given user
> address. However, it uses user_read_access_begin() before the write.
> For arches that differentiate between read and write accesses, like
> powerpc, futex_put_value() fails with a -EFAULT return value. Fix that
> by using user_write_access_begin().
>
> Fixes: cec199c5e39b ("futex: Implement FUTEX2_NUMA")
> Signed-off-by: Waiman Long <longman@redhat.com>
> ---
> kernel/futex/futex.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/futex/futex.h b/kernel/futex/futex.h
> index c74eac572acd..2b6ae6a2b2a2 100644
> --- a/kernel/futex/futex.h
> +++ b/kernel/futex/futex.h
> @@ -319,7 +319,7 @@ static __always_inline int futex_put_value(u32 val, u32 __user *to)
> {
> if (can_do_masked_user_access())
> to = masked_user_access_begin(to);
> - else if (!user_read_access_begin(to, sizeof(*to)))
> + else if (!user_write_access_begin(to, sizeof(*to)))
> return -EFAULT;
> unsafe_put_user(val, to, Efault);
> user_read_access_end();
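Review bot: unsafe_put_user(val, to, Efault) jumps to an Efault label that lies outside this hunk's context, so the error path is not covered by what is shown here. If that path also closes the access window with user_read_access_end(), it needs the same switch to the write variant as the success path; otherwise a faulting write would still end on a close that does not match user_write_access_begin().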
Sorry, I forgot to use a matching user_write_access_end(). Will send out
a v2.
Cheers,
Longman