With user access protection (called SMAP on x86 or KUAP on powerpc), each and every call to get_user() or put_user() performs heavy operations to unlock and lock kernel access to userspace.
SNDRV_PCM_IOCTL_SYNC_PTR ioctl is a hot path that needs to be optimised. To do that, perform user accesses in blocks using user_access_begin()/user_access_end() and unsafe_get_user()/unsafe_put_user() and the like.

Before the patch the 9 calls to put_user() at the end of snd_pcm_ioctl_sync_ptr_compat() imply the following set of instructions about 9 times (access_ok - enable user - write - disable user):

    0.00 : c057f858: 3d 20 7f ff lis r9,32767
    0.29 : c057f85c: 39 5e 00 14 addi r10,r30,20
    0.77 : c057f860: 61 29 ff fc ori r9,r9,65532
    0.32 : c057f864: 7c 0a 48 40 cmplw r10,r9
    0.36 : c057f868: 41 a1 fb 58 bgt c057f3c0 <snd_pcm_ioctl+0xbb0>
    0.30 : c057f86c: 3d 20 dc 00 lis r9,-9216
    1.95 : c057f870: 7d 3a c3 a6 mtspr 794,r9
    0.33 : c057f874: 92 8a 00 00 stw r20,0(r10)
    0.27 : c057f878: 3d 20 de 00 lis r9,-8704
    0.28 : c057f87c: 7d 3a c3 a6 mtspr 794,r9
    ...

A perf profile shows that in total the 9 put_user() represent 36% of the time spent in snd_pcm_ioctl() and about 80 instructions.

With this patch everything is done in 13 instructions and represents only 15% of the time spent in snd_pcm_ioctl():

    0.57 : c057f5dc: 3d 20 dc 00 lis r9,-9216
    0.98 : c057f5e0: 7d 3a c3 a6 mtspr 794,r9
    0.16 : c057f5e4: 92 7f 00 04 stw r19,4(r31)
    0.63 : c057f5e8: 93 df 00 0c stw r30,12(r31)
    0.16 : c057f5ec: 93 9f 00 10 stw r28,16(r31)
    4.95 : c057f5f0: 92 9f 00 14 stw r20,20(r31)
    0.19 : c057f5f4: 92 5f 00 18 stw r18,24(r31)
    0.49 : c057f5f8: 92 bf 00 1c stw r21,28(r31)
    0.27 : c057f5fc: 93 7f 00 20 stw r27,32(r31)
    5.88 : c057f600: 93 36 00 00 stw r25,0(r22)
    0.11 : c057f604: 93 17 00 00 stw r24,0(r23)
    0.00 : c057f608: 3d 20 de 00 lis r9,-8704
    0.79 : c057f60c: 7d 3a c3 a6 mtspr 794,r9

Note that here the access_ok() in user_write_access_begin() is skipped because the exact same verification has already been performed at the beginning of the function with the call to user_read_access_begin().
Signed-off-by: Christophe Leroy <christophe.le...@csgroup.eu> --- This is a lighter version of previous patch "[PATCH v2] ALSA: pcm: Convert multiple {get/put}_user to user_access_begin/user_access_end()" focussing on identified hot path. Moved and nested the failure labels closer in order to increase readability Link: https://patchwork.ozlabs.org/project/linuxppc-dev/patch/d2609397eafc2b55ec1f44a3f30ccec00e0c7f6e.1749455639.git.christophe.le...@csgroup.eu/ sound/core/pcm_compat.c | 40 +++++++++++++++++++++++++++------------- sound/core/pcm_native.c | 40 +++++++++++++++++++++++++++------------- 2 files changed, 54 insertions(+), 26 deletions(-) diff --git a/sound/core/pcm_compat.c b/sound/core/pcm_compat.c index a42ec7f5a1da..348a72e6499e 100644 --- a/sound/core/pcm_compat.c +++ b/sound/core/pcm_compat.c @@ -418,10 +418,18 @@ static int snd_pcm_ioctl_sync_ptr_x32(struct snd_pcm_substream *substream, if (snd_BUG_ON(!runtime)) return -EINVAL; - if (get_user(sflags, &src->flags) || - get_user(scontrol.appl_ptr, &src->c.control.appl_ptr) || - get_user(scontrol.avail_min, &src->c.control.avail_min)) + if (!user_read_access_begin(src, sizeof(*src))) return -EFAULT; + err = -EFAULT; + unsafe_get_user(sflags, &src->flags, Efault_rd); + unsafe_get_user(scontrol.appl_ptr, &src->c.control.appl_ptr, Efault_rd); + unsafe_get_user(scontrol.avail_min, &src->c.control.avail_min, Efault_rd); + err = 0; +Efault_rd: + user_read_access_end(); + if (err) + return err; + if (sflags & SNDRV_PCM_SYNC_PTR_HWSYNC) { err = snd_pcm_hwsync(substream); if (err < 0) @@ -450,18 +458,24 @@ static int snd_pcm_ioctl_sync_ptr_x32(struct snd_pcm_substream *substream, } if (!(sflags & SNDRV_PCM_SYNC_PTR_APPL)) snd_pcm_dma_buffer_sync(substream, SNDRV_DMA_SYNC_DEVICE); - if (put_user(sstatus.state, &src->s.status.state) || - put_user(sstatus.hw_ptr, &src->s.status.hw_ptr) || - put_user(sstatus.tstamp.tv_sec, &src->s.status.tstamp_sec) || - put_user(sstatus.tstamp.tv_nsec, &src->s.status.tstamp_nsec) || 
- put_user(sstatus.suspended_state, &src->s.status.suspended_state) || - put_user(sstatus.audio_tstamp.tv_sec, &src->s.status.audio_tstamp_sec) || - put_user(sstatus.audio_tstamp.tv_nsec, &src->s.status.audio_tstamp_nsec) || - put_user(scontrol.appl_ptr, &src->c.control.appl_ptr) || - put_user(scontrol.avail_min, &src->c.control.avail_min)) + + if (!user_write_access_begin(src, sizeof(*src))) return -EFAULT; + err = -EFAULT; + unsafe_put_user(sstatus.state, &src->s.status.state, Efault_wr); + unsafe_put_user(sstatus.hw_ptr, &src->s.status.hw_ptr, Efault_wr); + unsafe_put_user(sstatus.tstamp.tv_sec, &src->s.status.tstamp_sec, Efault_wr); + unsafe_put_user(sstatus.tstamp.tv_nsec, &src->s.status.tstamp_nsec, Efault_wr); + unsafe_put_user(sstatus.suspended_state, &src->s.status.suspended_state, Efault_wr); + unsafe_put_user(sstatus.audio_tstamp.tv_sec, &src->s.status.audio_tstamp_sec, Efault_wr); + unsafe_put_user(sstatus.audio_tstamp.tv_nsec, &src->s.status.audio_tstamp_nsec, Efault_wr); + unsafe_put_user(scontrol.appl_ptr, &src->c.control.appl_ptr, Efault_wr); + unsafe_put_user(scontrol.avail_min, &src->c.control.avail_min), Efault_wr); + err = 0; +Efault_wr: + user_write_access_end(); - return 0; + return err; } #endif /* CONFIG_X86_X32_ABI */ diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c index ecb71bf1859d..b104faddb6e3 100644 --- a/sound/core/pcm_native.c +++ b/sound/core/pcm_native.c @@ -3165,10 +3165,18 @@ static int snd_pcm_ioctl_sync_ptr_compat(struct snd_pcm_substream *substream, if (snd_BUG_ON(!runtime)) return -EINVAL; - if (get_user(sflags, &src->flags) || - get_user(scontrol.appl_ptr, &src->c.control.appl_ptr) || - get_user(scontrol.avail_min, &src->c.control.avail_min)) + if (!user_read_access_begin(src, sizeof(*src))) return -EFAULT; + err = -EFAULT; + unsafe_get_user(sflags, &src->flags, Efault_rd); + unsafe_get_user(scontrol.appl_ptr, &src->c.control.appl_ptr, Efault_rd); + unsafe_get_user(scontrol.avail_min, 
&src->c.control.avail_min, Efault_rd); + err = 0; +Efault_rd: + user_read_access_end(); + if (err) + return err; + if (sflags & SNDRV_PCM_SYNC_PTR_HWSYNC) { err = snd_pcm_hwsync(substream); if (err < 0) @@ -3200,18 +3208,24 @@ static int snd_pcm_ioctl_sync_ptr_compat(struct snd_pcm_substream *substream, } if (!(sflags & SNDRV_PCM_SYNC_PTR_APPL)) snd_pcm_dma_buffer_sync(substream, SNDRV_DMA_SYNC_DEVICE); - if (put_user(sstatus.state, &src->s.status.state) || - put_user(sstatus.hw_ptr, &src->s.status.hw_ptr) || - put_user(sstatus.tstamp.tv_sec, &src->s.status.tstamp_sec) || - put_user(sstatus.tstamp.tv_nsec, &src->s.status.tstamp_nsec) || - put_user(sstatus.suspended_state, &src->s.status.suspended_state) || - put_user(sstatus.audio_tstamp.tv_sec, &src->s.status.audio_tstamp_sec) || - put_user(sstatus.audio_tstamp.tv_nsec, &src->s.status.audio_tstamp_nsec) || - put_user(scontrol.appl_ptr, &src->c.control.appl_ptr) || - put_user(scontrol.avail_min, &src->c.control.avail_min)) + + if (!user_write_access_begin(src, sizeof(*src))) return -EFAULT; + err = -EFAULT; + unsafe_put_user(sstatus.state, &src->s.status.state, Efault_wr); + unsafe_put_user(sstatus.hw_ptr, &src->s.status.hw_ptr, Efault_wr); + unsafe_put_user(sstatus.tstamp.tv_sec, &src->s.status.tstamp_sec, Efault_wr); + unsafe_put_user(sstatus.tstamp.tv_nsec, &src->s.status.tstamp_nsec, Efault_wr); + unsafe_put_user(sstatus.suspended_state, &src->s.status.suspended_state, Efault_wr); + unsafe_put_user(sstatus.audio_tstamp.tv_sec, &src->s.status.audio_tstamp_sec, Efault_wr); + unsafe_put_user(sstatus.audio_tstamp.tv_nsec, &src->s.status.audio_tstamp_nsec, Efault_wr); + unsafe_put_user(scontrol.appl_ptr, &src->c.control.appl_ptr, Efault_wr); + unsafe_put_user(scontrol.avail_min, &src->c.control.avail_min, Efault_wr); + err = 0; +Efault_wr: + user_write_access_end(); - return 0; + return err; } #define __SNDRV_PCM_IOCTL_SYNC_PTR32 _IOWR('A', 0x23, struct snd_pcm_sync_ptr32) -- 2.47.0