From nobody Sat Apr 4 00:10:40 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A644315D40 for ; Sun, 22 Mar 2026 09:38:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774172325; cv=none; b=KVjNCh6ANsrRv47qm788VxUfz2cyixMAzKWLa4sx2+Htn9rDjCm8n6+6iWkDJHNDmX47cK5KwBbUUKBUTy/4JmzpkmmqFI5aCb9pq4zECtPZjTWjVR1PkGwa7ogh17Y9PI+SgneRAT+FNldIh0Tyr9Sa4nRuWls4O5aXFZA+Rkc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774172325; c=relaxed/simple; bh=h/vVWTE8x4d938A4Cntx8lxyGZoYGLz1O5DdZV6trls=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=Jx2Kn1Bt71UKtHgq4zKn3UOHZhMQSDwyEQoEOinMqWFTxjixkPUB6kkE0JwK7ip4aZa6R5euTpqY7mVixopgC2tuwqik7Ig4Acvg3MIkkNdf91msQSqS8J1esvKnoj3aFE4d0W0opxWHacadmpUi/2eqzquOoNFuomuBm5CWCMw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jYYXgK7v; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jYYXgK7v" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C3FF1C19424; Sun, 22 Mar 2026 09:38:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774172324; bh=h/vVWTE8x4d938A4Cntx8lxyGZoYGLz1O5DdZV6trls=; h=From:To:Cc:Subject:Date:From; b=jYYXgK7vwCxpx4sKMWxgUAMUf30SMdopJ5BQCl0rzR9pg9K+5/M3tUH4pEvxjvp82 Strs4+pEz5SSOJv8MURlAZdJVel52S4BqN6NeWOBGOW5YAPw6ce/HPAu6d+qNzg7mV I+P2cylVQ3zs1gPxy0jvPqmvVc4oYYi8JDx+dWeXbm362BGdkOMJpO2tJhcw7LvSGA B+QPYJLZoPUzJxZafkQpqBG6aDZVYRWADjNLXN81toAM21omjjUXG9UurKEUeZ8fbW 8JEfb/KkQsqUv+yUfTE47TzJUpnCZ/Y6woEpe0DHwVfr6JSTCpkR84NgAAPXTO952n vA27GJslz6oRg== From: "Christophe Leroy (CS GROUP)" To: Michael Ellerman , Nicholas Piggin , Madhavan Srinivasan Cc: "Christophe Leroy (CS GROUP)" , linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org Subject: [PATCH v2] powerpc: Simplify access_ok() Date: Sun, 22 Mar 2026 10:38:26 +0100 Message-ID: <6b9f8362e68008061828319a78b82279c02e8417.1774172243.git.chleroy@kernel.org> X-Mailer: git-send-email 2.49.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2450; i=chleroy@kernel.org; h=from:subject:message-id; bh=h/vVWTE8x4d938A4Cntx8lxyGZoYGLz1O5DdZV6trls=; b=owGbwMvMwCV2d0KB2p7V54MZT6slMWTu3zG1RVa70iz2sZGl9DSFe3wHj2wqkyp/+Lx9SWdgl PXyztO3OkpZGMS4GGTFFFmO/+feNaPrS2r+1F36MHNYmUCGMHBxCsBEbE4yMmysib3Svitoz+cn NzlCvdKKz/9e9fvEha0f6y6FGExl5EpnZLjdsGfd9ClHNwhsqb54bHZ4nuKKR6aSCg9ZpWo5a43 lL3MDAA== X-Developer-Key: i=chleroy@kernel.org; a=openpgp; fpr=10FFE6F8B390DE17ACC2632368A92FEB01B8DD78 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" With the implementation of masked user access, we always have a memory gap between user memory space and kernel memory space, so use it to simplify access_ok() by relying on access fault in case of an access in the gap. Most of the time the size is known at build time. On powerpc64, the kernel space starts at 0x8000000000000000 which is always more than two times TASK_USER_MAX so when the size is known at build time and lower than TASK_USER_MAX, only the address needs to be verified. If not, a binary or of address and size must be lower than TASK_USER_MAX. As TASK_USER_MAX is a power of 2, just check that there is no bit set outside of TASK_USER_MAX - 1 mask. On powerpc32, there is a garanteed gap of 128KB so when the size is known at build time and not greater than 128KB, just check that the address is below TASK_SIZE. Otherwise use the original formula. Signed-off-by: Christophe Leroy (CS GROUP) --- v2: Fix build failure following untested last minute change :( --- arch/powerpc/include/asm/uaccess.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/= uaccess.h index 570b3d91e2e4..cb1e7f6a49d2 100644 --- a/arch/powerpc/include/asm/uaccess.h +++ b/arch/powerpc/include/asm/uaccess.h @@ -15,8 +15,34 @@ #define TASK_SIZE_MAX TASK_SIZE_USER64 #endif =20 +#define __access_ok __access_ok + #include =20 +/* + * On powerpc64, TASK_SIZE_MAX is 0x0010000000000000 then even if both ptr= and size + * are TASK_SIZE_MAX we are still inside the memory gap. So make it simple. + */ +static __always_inline int __access_ok(const void __user *ptr, unsigned lo= ng size) +{ + unsigned long addr =3D (unsigned long)ptr; + + if (IS_ENABLED(CONFIG_PPC64)) { + BUILD_BUG_ON(!is_power_of_2(TASK_SIZE_MAX)); + BUILD_BUG_ON(TASK_SIZE_MAX > 0x0010000000000000); + + if (__builtin_constant_p(size)) + return size <=3D TASK_SIZE_MAX && !(addr & ~(TASK_SIZE_MAX - 1)); + else + return !((size | addr) & ~(TASK_SIZE_MAX - 1)); + } else { + if (__builtin_constant_p(size) && size < SZ_128K) + return addr < TASK_SIZE; + else + return size <=3D TASK_SIZE && addr <=3D TASK_SIZE - size; + } +} + /* * These are the main single-value transfer routines. They automatically * use the right size if we just have the right pointer type. --=20 2.49.0