Merge branch 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Pull initial set_fs() removal from Al Viro:
 "Christoph's set_fs base series + fixups"

* 'work.set_fs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  fs: Allow a NULL pos pointer to __kernel_read
  fs: Allow a NULL pos pointer to __kernel_write
  powerpc: remove address space overrides using set_fs()
  powerpc: use non-set_fs based maccess routines
  x86: remove address space overrides using set_fs()
  x86: make TASK_SIZE_MAX usable from assembly code
  x86: move PAGE_OFFSET, TASK_SIZE & friends to page_{32,64}_types.h
  lkdtm: remove set_fs-based tests
  test_bitmap: remove user bitmap tests
  uaccess: add infrastructure for kernel builds with set_fs()
  fs: don't allow splice read/write without explicit ops
  fs: don't allow kernel reads and writes without iter ops
  sysctl: Convert to iter interfaces
  proc: add a read_iter method to proc proc_ops
  proc: cleanup the compat vs no compat file ops
  proc: remove a level of indentation in proc_get_inode

diff --cc arch/Kconfig
Simple merge

diff --cc arch/arc/Kconfig
Simple merge

diff --cc arch/arm/Kconfig
Simple merge

diff --cc arch/arm64/Kconfig
Simple merge

diff --cc arch/csky/Kconfig
Simple merge

diff --cc arch/ia64/Kconfig
index f11a8eb,22a6853..39b25a5
--- 1/arch/ia64/Kconfig
--- 2/arch/ia64/Kconfig
+++ b/arch/ia64/Kconfig
@@@ -55,7 -56,7 +55,8 @@@ config IA6
        select NEED_DMA_MAP_STATE
        select NEED_SG_DMA_LENGTH
        select NUMA if !FLATMEM
 +      select PCI_MSI_ARCH_FALLBACKS if PCI_MSI
+       select SET_FS
        default y
        help
          The Itanium Processor Family is Intel's 64-bit successor to

diff --cc arch/m68k/Kconfig
index c830705,dcf4ae8..372e4e6
--- 1/arch/m68k/Kconfig
--- 2/arch/m68k/Kconfig
+++ b/arch/m68k/Kconfig
@@@ -6,33 -6,33 +6,34 @@@ config M68
        select ARCH_HAS_BINFMT_FLAT
        select ARCH_HAS_DMA_PREP_COHERENT if HAS_DMA && MMU && !COLDFIRE
        select ARCH_HAS_SYNC_DMA_FOR_DEVICE if HAS_DMA
 +      select ARCH_HAVE_NMI_SAFE_CMPXCHG if RMW_INSNS
        select ARCH_MIGHT_HAVE_PC_PARPORT if ISA
        select ARCH_NO_PREEMPT if !COLDFIRE
 +      select ARCH_WANT_IPC_PARSE_VERSION
        select BINFMT_FLAT_ARGVP_ENVP_ON_STACK
        select DMA_DIRECT_REMAP if HAS_DMA && MMU && !COLDFIRE
 -      select HAVE_IDE
 -      select HAVE_AOUT if MMU
 -      select HAVE_ASM_MODVERSIONS
 -      select HAVE_DEBUG_BUGVERBOSE
 -      select GENERIC_IRQ_SHOW
        select GENERIC_ATOMIC64
 -      select NO_DMA if !MMU && !COLDFIRE
 -      select HAVE_UID16
 -      select VIRT_TO_BUS
 -      select ARCH_HAVE_NMI_SAFE_CMPXCHG if RMW_INSNS
        select GENERIC_CPU_DEVICES
        select GENERIC_IOMAP
 +      select GENERIC_IRQ_SHOW
        select GENERIC_STRNCPY_FROM_USER if MMU
        select GENERIC_STRNLEN_USER if MMU
 -      select ARCH_WANT_IPC_PARSE_VERSION
 +      select HAVE_AOUT if MMU
 +      select HAVE_ASM_MODVERSIONS
 +      select HAVE_DEBUG_BUGVERBOSE
        select HAVE_FUTEX_CMPXCHG if MMU && FUTEX
 +      select HAVE_IDE
        select HAVE_MOD_ARCH_SPECIFIC
 +      select HAVE_UID16
 +      select MMU_GATHER_NO_RANGE if MMU
        select MODULES_USE_ELF_REL
        select MODULES_USE_ELF_RELA
 -      select OLD_SIGSUSPEND3
 +      select NO_DMA if !MMU && !COLDFIRE
        select OLD_SIGACTION
 -      select MMU_GATHER_NO_RANGE if MMU
 +      select OLD_SIGSUSPEND3
+       select SET_FS
 +      select UACCESS_MEMCPY if !MMU
 +      select VIRT_TO_BUS
  
  config CPU_BIG_ENDIAN
        def_bool y

diff --cc arch/microblaze/Kconfig
Simple merge

diff --cc arch/mips/Kconfig
index bc04cf0,fbc2639..2000bb2
--- 1/arch/mips/Kconfig
--- 2/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@@ -86,8 -86,8 +86,9 @@@ config MIP
        select MODULES_USE_ELF_REL if MODULES
        select MODULES_USE_ELF_RELA if MODULES && 64BIT
        select PERF_USE_VMALLOC
 +      select PCI_MSI_ARCH_FALLBACKS if PCI_MSI
        select RTC_LIB
+       select SET_FS
        select SYSCTL_EXCEPTION_TRACE
        select VIRT_TO_BUS
  

diff --cc arch/parisc/Kconfig
Simple merge

diff --cc arch/powerpc/include/asm/processor.h
Simple merge

diff --cc arch/powerpc/include/asm/uaccess.h
Simple merge

diff --cc arch/powerpc/lib/sstep.c
Simple merge

diff --cc arch/riscv/Kconfig
Simple merge

diff --cc arch/s390/Kconfig
index 4a00351,fd81385..3437153
--- 1/arch/s390/Kconfig
--- 2/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@@ -190,7 -185,7 +190,8 @@@ config S39
        select OLD_SIGSUSPEND3
        select PCI_DOMAINS              if PCI
        select PCI_MSI                  if PCI
 +      select PCI_MSI_ARCH_FALLBACKS   if PCI_MSI
+       select SET_FS
        select SPARSE_IRQ
        select SYSCTL_EXCEPTION_TRACE
        select THREAD_INFO_IN_TASK

diff --cc arch/sh/Kconfig
Simple merge

diff --cc arch/sparc/Kconfig
Simple merge

diff --cc arch/um/Kconfig
Simple merge

diff --cc arch/x86/include/asm/page_64_types.h
Simple merge

diff --cc arch/x86/include/asm/processor.h
Simple merge

diff --cc arch/x86/include/asm/uaccess.h
index 477c503,a4ceda0..f136595
--- 1/arch/x86/include/asm/uaccess.h
--- 2/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@@ -93,9 -69,24 +69,9 @@@ static inline bool pagefault_disabled(v
  #define access_ok(addr, size)                                 \
  ({                                                                    \
        WARN_ON_IN_IRQ();                                               \
-       likely(!__range_not_ok(addr, size, user_addr_max()));           \
+       likely(!__range_not_ok(addr, size, TASK_SIZE_MAX));             \
  })
  
 -/*
 - * These are the main single-value transfer routines.  They automatically
 - * use the right size if we just have the right pointer type.
 - *
 - * This gets kind of ugly. We want to return _two_ values in "get_user()"
 - * and yet we don't want to do any pointers, because that is too much
 - * of a performance impact. Thus we have a few rather ugly macros here,
 - * and hide all the ugliness from the user.
 - *
 - * The "__xxx" versions of the user access functions are versions that
 - * do not verify the address space, that must have been done previously
 - * with a separate "access_ok()" call (this is used when we do multiple
 - * accesses to the same area of user memory).
 - */
 -
  extern int __get_user_1(void);
  extern int __get_user_2(void);
  extern int __get_user_4(void);

diff --cc arch/x86/lib/getuser.S
index 2cd902e,2f052bc..fa1bc21
--- 1/arch/x86/lib/getuser.S
--- 2/arch/x86/lib/getuser.S
+++ b/arch/x86/lib/getuser.S
@@@ -35,12 -35,19 +35,21 @@@
  #include <asm/smap.h>
  #include <asm/export.h>
  
 +#define ASM_BARRIER_NOSPEC ALTERNATIVE "", "lfence", X86_FEATURE_LFENCE_RDTSC
 +
+ #ifdef CONFIG_X86_5LEVEL
+ #define LOAD_TASK_SIZE_MINUS_N(n) \
+       ALTERNATIVE __stringify(mov $((1 << 47) - 4096 - (n)),%rdx), \
+                   __stringify(mov $((1 << 56) - 4096 - (n)),%rdx), X86_FEATURE_LA57
+ #else
+ #define LOAD_TASK_SIZE_MINUS_N(n) \
+       mov $(TASK_SIZE_MAX - (n)),%_ASM_DX
+ #endif
+ 
        .text
  SYM_FUNC_START(__get_user_1)
-       mov PER_CPU_VAR(current_task), %_ASM_DX
-       cmp TASK_addr_limit(%_ASM_DX),%_ASM_AX
+       LOAD_TASK_SIZE_MINUS_N(0)
+       cmp %_ASM_DX,%_ASM_AX
        jae bad_get_user
        sbb %_ASM_DX, %_ASM_DX          /* array_index_mask_nospec() */
        and %_ASM_DX, %_ASM_AX

diff --cc arch/x86/lib/putuser.S
index b34a177,358239d..0ea344c
--- 1/arch/x86/lib/putuser.S
--- 2/arch/x86/lib/putuser.S
+++ b/arch/x86/lib/putuser.S
@@@ -37,58 -42,45 +44,52 @@@
  
  .text
  SYM_FUNC_START(__put_user_1)
-       ENTER
-       cmp TASK_addr_limit(%_ASM_BX),%_ASM_CX
+       LOAD_TASK_SIZE_MINUS_N(0)
+       cmp %_ASM_BX,%_ASM_CX
        jae .Lbad_put_user
 +SYM_INNER_LABEL(__put_user_nocheck_1, SYM_L_GLOBAL)
        ASM_STAC
  1:    movb %al,(%_ASM_CX)
 -      xor %eax,%eax
 +      xor %ecx,%ecx
        ASM_CLAC
        ret
  SYM_FUNC_END(__put_user_1)
  EXPORT_SYMBOL(__put_user_1)
 +EXPORT_SYMBOL(__put_user_nocheck_1)
  
  SYM_FUNC_START(__put_user_2)
-       ENTER
-       mov TASK_addr_limit(%_ASM_BX),%_ASM_BX
-       sub $1,%_ASM_BX
+       LOAD_TASK_SIZE_MINUS_N(1)
        cmp %_ASM_BX,%_ASM_CX
        jae .Lbad_put_user
 +SYM_INNER_LABEL(__put_user_nocheck_2, SYM_L_GLOBAL)
        ASM_STAC
  2:    movw %ax,(%_ASM_CX)
 -      xor %eax,%eax
 +      xor %ecx,%ecx
        ASM_CLAC
        ret
  SYM_FUNC_END(__put_user_2)
  EXPORT_SYMBOL(__put_user_2)
 +EXPORT_SYMBOL(__put_user_nocheck_2)
  
  SYM_FUNC_START(__put_user_4)
-       ENTER
-       mov TASK_addr_limit(%_ASM_BX),%_ASM_BX
-       sub $3,%_ASM_BX
+       LOAD_TASK_SIZE_MINUS_N(3)
        cmp %_ASM_BX,%_ASM_CX
        jae .Lbad_put_user
 +SYM_INNER_LABEL(__put_user_nocheck_4, SYM_L_GLOBAL)
        ASM_STAC
  3:    movl %eax,(%_ASM_CX)
 -      xor %eax,%eax
 +      xor %ecx,%ecx
        ASM_CLAC
        ret
  SYM_FUNC_END(__put_user_4)
  EXPORT_SYMBOL(__put_user_4)
 +EXPORT_SYMBOL(__put_user_nocheck_4)
  
  SYM_FUNC_START(__put_user_8)
-       ENTER
-       mov TASK_addr_limit(%_ASM_BX),%_ASM_BX
-       sub $7,%_ASM_BX
+       LOAD_TASK_SIZE_MINUS_N(7)
        cmp %_ASM_BX,%_ASM_CX
        jae .Lbad_put_user
 +SYM_INNER_LABEL(__put_user_nocheck_8, SYM_L_GLOBAL)
        ASM_STAC
  4:    mov %_ASM_AX,(%_ASM_CX)
  #ifdef CONFIG_X86_32

diff --cc arch/xtensa/Kconfig
Simple merge

diff --cc fs/read_write.c
Simple merge

diff --cc fs/splice.c
Simple merge

diff --cc include/linux/bpf-cgroup.h
Simple merge

diff --cc include/linux/fs.h
index c4ae9ca,d33cc3e..83817d2
--- 1/include/linux/fs.h
--- 2/include/linux/fs.h
+++ b/include/linux/fs.h
@@@ -1892,10 -1887,13 +1892,8 @@@ static inline int call_mmap(struct fil
        return file->f_op->mmap(file, vma);
  }
  
 -ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector,
 -                            unsigned long nr_segs, unsigned long fast_segs,
 -                            struct iovec *fast_pointer,
 -                            struct iovec **ret_pointer);
 -
  extern ssize_t vfs_read(struct file *, char __user *, size_t, loff_t *);
  extern ssize_t vfs_write(struct file *, const char __user *, size_t, loff_t *);
- extern ssize_t vfs_readv(struct file *, const struct iovec __user *,
-               unsigned long, loff_t *, rwf_t);
  extern ssize_t vfs_copy_file_range(struct file *, loff_t , struct file *,
                                   loff_t, size_t, unsigned int);
  extern ssize_t generic_copy_file_range(struct file *file_in, loff_t pos_in,

diff --cc include/linux/uaccess.h
Simple merge

diff --cc kernel/bpf/cgroup.c
Simple merge