From: David Laight <david.laight.linux@gmail.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
Arnd Bergmann <arnd@arndb.de>, Kees Cook <kees@kernel.org>
Subject: Re: [PATCH 1/2] uaccess: Simplify code pattern for masked user copies
Date: Sun, 9 Feb 2025 21:18:05 +0000 [thread overview]
Message-ID: <20250209211805.5fc2e9e4@pumpkin> (raw)
In-Reply-To: <CAHk-=wisZo7+-xmC_o8GQJ-G0qFp4u29t_FkjgPvgq7FXaTyDg@mail.gmail.com>
On Sun, 9 Feb 2025 12:40:32 -0800
Linus Torvalds <torvalds@linux-foundation.org> wrote:
> On Sun, 9 Feb 2025 at 11:48, David Laight <david.laight.linux@gmail.com> wrote:
> >
> > You almost need it to be 'void masked_user_access_begin(&uaddr)'.
>
> Maybe we just need to make it a two-stage thing, with
>
> if (!user_access_ok(uaddr, size))
> return -EFAULT;
> user_read_access_begin(&uaddr);
> unsafe_get_user(val1, &uaddr->one, Efault);
> unsafe_get_user(val2, &uaddr->two, Efault);
> user_read_access_end();
> ... all done ..
>
> Efault:
> user_read_access_end();
> return -EFAULT;
>
> and that would actually simplify some things: right now we have
> separate versions of the user address checking (for
> read/write/either): user_read_access_begin() and friends.
>
> We still need those three versions, but now we'd only need them for
> the simpler non-conditional case that doesn't have to bother about the
> size.
Except for the ppc? case which needs the size to open a bounded window.
(I'm not sure how that handler r/w access.)
So you either have to pass the size twice or come back to:
if (!user_read_access_begin(&uaddr, size))
return -EFAULT;
unsafe_get_user(...);
David
next prev parent reply other threads:[~2025-02-09 21:18 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-09 10:55 [PATCH 0/2] uaccess: Add masked_user_read_access_begin David Laight
2025-02-09 10:55 ` [PATCH 1/2] uaccess: Simplify code pattern for masked user copies David Laight
2025-02-09 17:40 ` Linus Torvalds
2025-02-09 18:34 ` David Laight
2025-02-09 18:40 ` Linus Torvalds
2025-02-09 18:46 ` Linus Torvalds
2025-02-09 19:02 ` David Laight
2025-02-09 19:47 ` David Laight
2025-02-09 20:40 ` Linus Torvalds
2025-02-09 21:18 ` David Laight [this message]
2025-02-09 21:38 ` Linus Torvalds
2025-02-09 10:56 ` [PATCH 2/2] fs: Use masked_user_read_access_begin() David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250209211805.5fc2e9e4@pumpkin \
--to=david.laight.linux@gmail.com \
--cc=arnd@arndb.de \
--cc=brauner@kernel.org \
--cc=jack@suse.cz \
--cc=kees@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.