From: Christoph Hellwig <hch@lst.de>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Christoph Hellwig <hch@lst.de>,
David Laight <David.Laight@aculab.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Luis Chamberlain <mcgrof@kernel.org>,
Kees Cook <keescook@chromium.org>,
Iurii Zaikin <yzaikin@google.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH 03/11] fs: add new read_uptr and write_uptr file operations
Date: Mon, 29 Jun 2020 20:07:30 +0200 [thread overview]
Message-ID: <20200629180730.GA4600@lst.de> (raw)
In-Reply-To: <CAHk-=wj_Br5dQt0GnMjHooSvBbVXwtGRVKQNkpCLwWjYko-4Zw@mail.gmail.com>
On Mon, Jun 29, 2020 at 10:02:48AM -0700, Linus Torvalds wrote:
> That said, is there no practical limit on how big "optlen" can be?
There are some pretty huge ones, like the sctp one that can take
a basically unlimited list of sockaddr structures.
> Sure, I realize that a lot of setsockopt users may not use all of the
> data, but let's say that "optlen" is 128, but the actual low-level
> setsockopt operation only uses the first 16 bytes, maybe we could
> always just copy the 128 bytes from user space into kernel space, and
> just say "setsockopt() always gets a kernel pointer".
One issue is that a lot setsockopt calls are in the fast path, and
even have micro-optimizations like putting an int on stack for the
fast path to avoid the memory allocation. While I don't know for
sure I fear that always doing a large allocation could end up having
a performance impact. But otherwise I like that idea, and did in
fact start some prep work until I realized what I did was futile.
> Then the bpf use is even simpler. It would just pass the kernel
> pointer natively.
>
> Because that seems to be what the BPF code really wants to do: it
> takes the user optval, and munges it into a kernel optval, and then
> (if that has been done) runs the low-level sock_setsockopt() under
> KERNEL_DS.
>
> Couldn't we switch things around instead, and just *always* copy
> things from user space, and sock_setsockopt (and
> sock->ops->setsockopt) _always_ get a kernel buffer?
>
> And avoid the set_fs(KERNEL_DS) games entirely that way?
I'd love to be able to do that. And now that we want through this
whole mess than Nth time I have another idea:
- we assume optlen is correct, which should cover about 90% of
the protocols
- but to override that a new setsockopt_len method is added that
returns the correct length for all the messy ones.
Let me try if that works out.
next prev parent reply other threads:[~2020-06-29 18:47 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-24 16:28 [RFC] stop using ->read and ->write for kernel access Christoph Hellwig
2020-06-24 16:28 ` [PATCH 01/11] uptr: add a new "universal pointer" type Christoph Hellwig
2020-06-24 16:28 ` [PATCH 02/11] fs: factor out a set_fmode_can_read_write helper Christoph Hellwig
2020-06-24 16:28 ` [PATCH 03/11] fs: add new read_uptr and write_uptr file operations Christoph Hellwig
2020-06-24 17:19 ` Linus Torvalds
2020-06-24 17:55 ` Christoph Hellwig
2020-06-24 18:11 ` Linus Torvalds
2020-06-24 18:14 ` Christoph Hellwig
2020-06-24 18:20 ` Linus Torvalds
2020-06-24 18:24 ` Christoph Hellwig
2020-06-24 18:29 ` Matthew Wilcox
2020-06-24 18:31 ` Christoph Hellwig
2020-06-24 18:15 ` Linus Torvalds
2020-06-27 10:49 ` David Laight
2020-06-27 16:33 ` Linus Torvalds
2020-06-29 8:21 ` David Laight
2020-06-29 15:29 ` Christoph Hellwig
2020-06-29 17:02 ` Linus Torvalds
2020-06-29 18:07 ` Christoph Hellwig [this message]
2020-06-29 18:29 ` Linus Torvalds
2020-06-29 18:36 ` Christoph Hellwig
2020-06-29 19:10 ` Linus Torvalds
2020-06-30 7:04 ` Christoph Hellwig
2020-06-30 7:51 ` David Laight
2020-07-08 5:14 ` Luis Chamberlain
2020-06-24 17:56 ` Matthew Wilcox
2020-06-24 17:59 ` Christoph Hellwig
2020-06-24 18:37 ` Christoph Hellwig
2020-06-24 18:43 ` Matthew Wilcox
2020-06-24 16:28 ` [PATCH 04/11] sysctl: switch to ->{read,write}_uptr Christoph Hellwig
2020-06-24 16:28 ` [PATCH 05/11] fs: refactor new_sync_read Christoph Hellwig
2020-06-24 16:28 ` [PATCH 06/11] proc: add a read_iter method to proc proc_ops Christoph Hellwig
2020-06-24 16:28 ` [PATCH 07/11] seq_file: add seq_read_iter Christoph Hellwig
2020-06-24 16:28 ` [PATCH 08/11] seq_file: switch over direct seq_read method calls to seq_read_iter Christoph Hellwig
2020-06-24 16:28 ` [PATCH 09/11] proc: " Christoph Hellwig
2020-06-24 16:29 ` [PATCH 10/11] fs: don't allow kernel reads and writes using ->read and ->write Christoph Hellwig
2020-06-24 16:29 ` [PATCH 11/11] fs: don't allow splice read/write without explicit ops Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200629180730.GA4600@lst.de \
--to=hch@lst.de \
--cc=David.Laight@aculab.com \
--cc=keescook@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mcgrof@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=yzaikin@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.