All of lore.kernel.org
 help / color / mirror / Atom feed
From: "H. Peter Anvin" <hpa@zytor.com>
To: Ingo Molnar <mingo@kernel.org>, Al Viro <viro@ZenIV.linux.org.uk>,
	Thomas Gleixner <tglx@linutronix.de>,
	Andrew Morton <akpm@linux-foundation.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Cc: Vitaly Mayatskikh <v.mayatskih@gmail.com>
Subject: copy_from_user_*() and buffer zeroing
Date: Tue, 26 Nov 2013 13:07:07 -0800	[thread overview]
Message-ID: <52950D7B.304@zytor.com> (raw)

I just started looking into the horribly confused state of buffer
zeroing for the various copy_from_user variants.  This came up after we
did some minor tuning last week.

copy_from_user_inatomic() seems to be documented to not zero the buffer.
 This is definitely *NOT* true on x86-64, although it does seem to be
true on i386 -- on x86-64, we carry along a "zerorest" flag but in all
possible codepaths it will be set to true unless the remaining byte
count is zero anyway.

Furthermore, on at least x86-64, if we do an early bailout, we don't
zero the entire buffer in the case of a hard-coded 10- or 16-byte buffer
(why only those sizes is anybody's guess.)  See lines 71-88 of uaccess_64.h.

I'd like to figure out what is the required and what is the desirable
behavior here, and then fix the code accordingly.

	-hpa

             reply	other threads:[~2013-11-26 21:07 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-26 21:07 H. Peter Anvin [this message]
2013-11-26 21:54 ` copy_from_user_*() and buffer zeroing Andrew Morton
2013-11-26 22:28   ` H. Peter Anvin
2013-11-26 23:04     ` NeilBrown
2013-11-26 23:08       ` H. Peter Anvin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=52950D7B.304@zytor.com \
    --to=hpa@zytor.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=tglx@linutronix.de \
    --cc=v.mayatskih@gmail.com \
    --cc=viro@ZenIV.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.