From: Boaz Harrosh <bharrosh@panasas.com>
To: James Bottomley <James.Bottomley@suse.de>
Cc: Julia Lawall <julia@diku.dk>,
Doug Gilbert <dgilbert@interlog.com>,
linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org,
kernel-janitors@vger.kernel.org
Subject: Re: [PATCH 14/27] drivers/scsi: Use memdup_user
Date: Sun, 23 May 2010 15:36:41 +0000 [thread overview]
Message-ID: <4BF94B89.2050101@panasas.com> (raw)
In-Reply-To: <1274538263.4410.38.camel@mulgrave.site>
On 05/22/2010 05:24 PM, James Bottomley wrote:
> On Sat, 2010-05-22 at 10:22 +0200, Julia Lawall wrote:
>> From: Julia Lawall <julia@diku.dk>
>>
>> Use memdup_user when user data is immediately copied into the
>> allocated region.
>>
>> The semantic patch that makes this change is as follows:
>> (http://coccinelle.lip6.fr/)
>>
>> // <smpl>
>> @@
>> expression from,to,size,flag;
>> position p;
>> identifier l1,l2;
>> @@
>>
>> - to = \(kmalloc@p\|kzalloc@p\)(size,flag);
>> + to = memdup_user(from,size);
>> if (
>> - to=NULL
>> + IS_ERR(to)
>> || ...) {
>> <+... when != goto l1;
>> - -ENOMEM
>> + PTR_ERR(to)
>> ...+>
>> }
>> - if (copy_from_user(to, from, size) != 0) {
>> - <+... when != goto l2;
>> - -EFAULT
>> - ...+>
>> - }
>> // </smpl>
>>
>> Signed-off-by: Julia Lawall <julia@diku.dk>
>>
>> ---
>> drivers/scsi/sg.c | 11 +++--------
>> 1 file changed, 3 insertions(+), 8 deletions(-)
>>
>> diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
>> index ef752b2..277ace6 100644
>> --- a/drivers/scsi/sg.c
>> +++ b/drivers/scsi/sg.c
>> @@ -1676,14 +1676,9 @@ static int sg_start_req(Sg_request *srp, unsigned char *cmd)
>> int len, size = sizeof(struct sg_iovec) * iov_count;
>> struct iovec *iov;
>>
>> - iov = kmalloc(size, GFP_ATOMIC);
>> - if (!iov)
>> - return -ENOMEM;
>> -
>> - if (copy_from_user(iov, hp->dxferp, size)) {
>> - kfree(iov);
>> - return -EFAULT;
>> - }
>> + iov = memdup_user(hp->dxferp, size);
>> + if (IS_ERR(iov))
>> + return PTR_ERR(iov);
>
> This type of transformation has really no value at all. The code you're
> proposing to replace is already correct. I'm fairly ambivalent on
> patterned APIs anyway but I accept they're useful way to prevent new
> code getting it wrong. However, it's completely bogus to force
> replacement of correctly functioning code throughout the kernel (unless
> you're going to argue that everyone who tries to copy from user into a
> kmalloc space does a cut and paste from sg?)
>
> Of infinitely greater service would be finding any places where the
> pattern is being incorrectly used.
>
It looks like it is not done 100% kosher and calling memdup_user should
be better.
- For 1 memdup_user does a GFP_KERNEL with a comment on how copy_from_user
would eventually sleep, so what's the point of GFP_ATOMIC?
If this is by design then it surly calls for a comment that explains.
(I would like to know)
- 2nd kmalloc_track_caller is called which is more appropriate here by
a small margin, No?
Just my $0.017
Boaz
> So, if Doug wants to take this as a prettify of sg, I'm happy, but if
> not, I don't really want to see this again.
>
> Thanks,
>
> James
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: Boaz Harrosh <bharrosh@panasas.com>
To: James Bottomley <James.Bottomley@suse.de>
Cc: Julia Lawall <julia@diku.dk>,
Doug Gilbert <dgilbert@interlog.com>,
linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org,
kernel-janitors@vger.kernel.org
Subject: Re: [PATCH 14/27] drivers/scsi: Use memdup_user
Date: Sun, 23 May 2010 18:36:41 +0300 [thread overview]
Message-ID: <4BF94B89.2050101@panasas.com> (raw)
In-Reply-To: <1274538263.4410.38.camel@mulgrave.site>
On 05/22/2010 05:24 PM, James Bottomley wrote:
> On Sat, 2010-05-22 at 10:22 +0200, Julia Lawall wrote:
>> From: Julia Lawall <julia@diku.dk>
>>
>> Use memdup_user when user data is immediately copied into the
>> allocated region.
>>
>> The semantic patch that makes this change is as follows:
>> (http://coccinelle.lip6.fr/)
>>
>> // <smpl>
>> @@
>> expression from,to,size,flag;
>> position p;
>> identifier l1,l2;
>> @@
>>
>> - to = \(kmalloc@p\|kzalloc@p\)(size,flag);
>> + to = memdup_user(from,size);
>> if (
>> - to==NULL
>> + IS_ERR(to)
>> || ...) {
>> <+... when != goto l1;
>> - -ENOMEM
>> + PTR_ERR(to)
>> ...+>
>> }
>> - if (copy_from_user(to, from, size) != 0) {
>> - <+... when != goto l2;
>> - -EFAULT
>> - ...+>
>> - }
>> // </smpl>
>>
>> Signed-off-by: Julia Lawall <julia@diku.dk>
>>
>> ---
>> drivers/scsi/sg.c | 11 +++--------
>> 1 file changed, 3 insertions(+), 8 deletions(-)
>>
>> diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
>> index ef752b2..277ace6 100644
>> --- a/drivers/scsi/sg.c
>> +++ b/drivers/scsi/sg.c
>> @@ -1676,14 +1676,9 @@ static int sg_start_req(Sg_request *srp, unsigned char *cmd)
>> int len, size = sizeof(struct sg_iovec) * iov_count;
>> struct iovec *iov;
>>
>> - iov = kmalloc(size, GFP_ATOMIC);
>> - if (!iov)
>> - return -ENOMEM;
>> -
>> - if (copy_from_user(iov, hp->dxferp, size)) {
>> - kfree(iov);
>> - return -EFAULT;
>> - }
>> + iov = memdup_user(hp->dxferp, size);
>> + if (IS_ERR(iov))
>> + return PTR_ERR(iov);
>
> This type of transformation has really no value at all. The code you're
> proposing to replace is already correct. I'm fairly ambivalent on
> patterned APIs anyway but I accept they're useful way to prevent new
> code getting it wrong. However, it's completely bogus to force
> replacement of correctly functioning code throughout the kernel (unless
> you're going to argue that everyone who tries to copy from user into a
> kmalloc space does a cut and paste from sg?)
>
> Of infinitely greater service would be finding any places where the
> pattern is being incorrectly used.
>
It looks like it is not done 100% kosher and calling memdup_user should
be better.
- For 1 memdup_user does a GFP_KERNEL with a comment on how copy_from_user
would eventually sleep, so what's the point of GFP_ATOMIC?
If this is by design then it surly calls for a comment that explains.
(I would like to know)
- 2nd kmalloc_track_caller is called which is more appropriate here by
a small margin, No?
Just my $0.017
Boaz
> So, if Doug wants to take this as a prettify of sg, I'm happy, but if
> not, I don't really want to see this again.
>
> Thanks,
>
> James
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2010-05-23 15:36 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-22 8:22 [PATCH 14/27] drivers/scsi: Use memdup_user Julia Lawall
2010-05-22 8:22 ` Julia Lawall
2010-05-22 14:24 ` James Bottomley
2010-05-22 14:24 ` James Bottomley
2010-05-23 15:36 ` Boaz Harrosh [this message]
2010-05-23 15:36 ` Boaz Harrosh
2010-05-23 16:22 ` James Bottomley
2010-05-23 16:22 ` James Bottomley
2010-05-25 14:15 ` Boaz Harrosh
2010-05-25 14:15 ` Boaz Harrosh
2010-05-25 14:58 ` James Bottomley
2010-05-25 14:58 ` James Bottomley
2010-05-25 22:23 ` Andrew Morton
2010-05-25 22:23 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4BF94B89.2050101@panasas.com \
--to=bharrosh@panasas.com \
--cc=James.Bottomley@suse.de \
--cc=dgilbert@interlog.com \
--cc=julia@diku.dk \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.