From nobody Mon Apr 6 21:32:34 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5420C30C63B for ; Tue, 17 Mar 2026 18:07:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773770837; cv=none; b=MWVpeVq843dUHN1D2XGKuSWC7LCM68yGiSVc07mgqdiQQJq8gD+rQQHmzdIdOKrCPO0rUP3t8xQiJLiQVCnirI59GREv5cpT/fXYjhRYnS7ItReql/NLVlkzys4dSLLjcR0B2j+x/aumgdszUGKbGu4zCThHuClIfhtmMSdgxt0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773770837; c=relaxed/simple; bh=msXtNh2L7yEuV8cdaHMIwp4LwRym7oKTQnwyksNEC9w=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=Pr8DRV8Lz4QIhjHngWbNtym3xLKPpG05A/+dt/6p/TIQR8nstSxVglq50oLBe8GNmJdiywrafW/acZMmuHNQ+RAD6b8wyQr1f0XzS3nY7ASaG3cEqUNeGWsAYKCDqcTAizc6DMqrzXDKPTeW+l84isVva1NPheVmVzoCpD83Otc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=vPqGNk//; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="vPqGNk//" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 307BEC2BC86; Tue, 17 Mar 2026 18:07:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773770837; bh=msXtNh2L7yEuV8cdaHMIwp4LwRym7oKTQnwyksNEC9w=; h=From:To:Cc:Subject:Date:From; b=vPqGNk//jwOSxooeEwykbxSrewT6FRz/5Ahqb5i6NtvuR93okhibyFHsBS6DCOIWw MPeC4BOP+z+sgJ0k42kfj5FbsjPn1N6Ctp6PA/bovBqOKVZhtlQnKTPBBwayZzHRtw 0zzszYIX/OkwBNK3XrfWlDLT0i2WfLc5a47Ekt+ymFA2VCcwKbmS025NsHWc70VUhQ BAFtb+EWP45D7XBDcyvESyawdNE3e8IvCHYVYIqjhwoxqshBJFmYThLaCvKfMYQJ7k 4WKhLZvE3fCW45igp94OLXl9kDR9ZypORC0ofXiiF9RU/MxkVaVQPPPXKEnrZBPHTB V3Y1/3djoadtg== From: "Christophe Leroy (CS GROUP)" To: Michael Ellerman , Nicholas Piggin , Madhavan Srinivasan Cc: "Christophe Leroy (CS GROUP)" , linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org Subject: [PATCH] powerpc: Simplify access_ok() Date: Tue, 17 Mar 2026 19:07:04 +0100 Message-ID: <56dd1a892279fade2292b7eef7a52112901ae2fd.1773770778.git.chleroy@kernel.org> X-Mailer: git-send-email 2.49.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2382; i=chleroy@kernel.org; h=from:subject:message-id; bh=msXtNh2L7yEuV8cdaHMIwp4LwRym7oKTQnwyksNEC9w=; b=owGbwMvMwCV2d0KB2p7V54MZT6slMWTunOF56ONcTRk3/bi7VkwivJWfz+VVOBVtWVS+LSFCw 0t/0jrFjlIWBjEuBlkxRZbj/7l3zej6kpo/dZc+zBxWJpAhDFycAjAR2QcMf4WYMqfP8X/tWbfQ 0fs6V67VrD+nLsSzaXys49gZxNLz7jcjw9nDKfk3tu69z7Shc8O8+rLji9+y11wr5JIO0U95f79 gMw8A X-Developer-Key: i=chleroy@kernel.org; a=openpgp; fpr=10FFE6F8B390DE17ACC2632368A92FEB01B8DD78 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" With the implementation of masked user access, we always have a memory gap between user memory space and kernel memory space, so use it to simplify access_ok() by relying on access fault in case of an access in the gap. Most of the time the size is known at build time. On powerpc64, the kernel space starts at 0x8000000000000000 which is always more than two times TASK_USER_MAX so when the size is known at build time and lower than TASK_USER_MAX, only the address needs to be verified. If not, a binary or of address and size must be lower than TASK_USER_MAX. As TASK_USER_MAX is a power of 2, just check that there is no bit set outside of TASK_USER_MAX - 1 mask. On powerpc32, there is a garanteed gap of 128KB so when the size is known at build time and not greater than 128KB, just check that the address is below TASK_SIZE. Otherwise use the original formula. Signed-off-by: Christophe Leroy (CS GROUP) --- arch/powerpc/include/asm/uaccess.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/= uaccess.h index 570b3d91e2e4..ec210ae62be7 100644 --- a/arch/powerpc/include/asm/uaccess.h +++ b/arch/powerpc/include/asm/uaccess.h @@ -15,8 +15,34 @@ #define TASK_SIZE_MAX TASK_SIZE_USER64 #endif =20 +#define __access_ok __access_ok + #include =20 +/* + * On powerpc64, TASK_SIZE_MAX is 0x0010000000000000 then even if both ptr= and size + * are TASK_SIZE_MAX we are still inside the memory gap. So make it simple. + */ +static __always_inline int __access_ok(const void __user *ptr, unsigned lo= ng size) +{ + unsigned long addr =3D (unsigned long)ptr; + + if (IS_ENABLED(CONFIG_PPC64)) { + BUILD_BUG_ON(!is_power_of_2(TASK_SIZE_MAX)); + BUILD_BUG_ON(TASK_SIZE_MAX > 0x0010000000000000); + + if (__builtin_constant_p(size)) + return size <=3D TASK_SIZE_MAX && !(addr & ~(TASK_SIZE_MAX - 1)); + else + return !((size | addr) & ~(TASK_SIZE_MAX - 1)); + } else { + if (__builtin_constant_p(size) && size < SZ_128K) + return addr < TASK_SIZE; + else + return size <=3D TASK_SIZE && addr <=3D TASK_SIZE - size); + } +} + /* * These are the main single-value transfer routines. They automatically * use the right size if we just have the right pointer type. --=20 2.49.0