On 12.05.21 10:04, David Laight wrote:
From: Joerg
Sent: 12 May 2021 08:55
From: Joerg Roedel jroedel@suse.de
The put_user() and get_user() functions do checks on the address which is passed to them. They check whether the address is actually a user-space address and whether its fine to access it. They also call might_fault() to indicate that they could fault and possibly sleep.
All of these checks are neither wanted nor required in the #VC exception handler, which can be invoked from almost any context and also for MMIO instructions from kernel space on kernel memory. All the #VC handler wants to know is whether a fault happened when the access was tried.
This is provided by __put_user()/__get_user(), which just do the access no matter what.
That can't be right at all. __put/get_user() are only valid on user addresses and will try to fault in a missing page - so can sleep.
At best this is abused the calls.
You want something like xen_safe_[read|write]_ulong().
Juergen