From: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
To: Dennis Dalessandro <dennis.dalessandro@intel.com>
Cc: dledford@redhat.com,
Mike Marciniszyn <mike.marciniszyn@intel.com>,
linux-rdma@vger.kernel.org,
Mitko Haralanov <mitko.haralanov@intel.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Ira Weiny <ira.weiny@intel.com>
Subject: Re: [PATCH v2 3/5] IB/hfi1: Add ioctl() interface for user commands
Date: Thu, 12 May 2016 13:40:06 -0600 [thread overview]
Message-ID: <20160512194006.GA6364@obsidianresearch.com> (raw)
In-Reply-To: <20160512192726.GB15146@phlsvsds.ph.intel.com>
On Thu, May 12, 2016 at 03:27:27PM -0400, Dennis Dalessandro wrote:
> >I thought we agreed to get rid of this as well? It certainly does not
> >belong here, and as a general rule, I don't think ioctls should be
> >doing capable tests..
>
> Yeah. I left it in this patch set because this just "ports" our existing
> code to ioctl(). The eprom stuff is completely removed in another patch set
> that I posted shortly after this. It's at:
Adding code and then removing it in a later patch is not a best
practice.. Just don't add it or define ioctl numbers at all..
> >>+static inline int check_ioctl_access(unsigned int cmd, unsigned long arg)
> >>+{
> >>+ int read_cmd, write_cmd, read_ok, write_ok;
> >>+
> >>+ read_cmd = _IOC_DIR(cmd) & _IOC_READ;
> >>+ write_cmd = _IOC_DIR(cmd) & _IOC_WRITE;
> >>+ write_ok = access_ok(VERIFY_WRITE, (void __user *)arg, _IOC_SIZE(cmd));
> >>+ read_ok = access_ok(VERIFY_READ, (void __user *)arg, _IOC_SIZE(cmd));
> >>+
> >>+ if ((read_cmd && !write_ok) || (write_cmd && !read_ok))
> >>+ return -EFAULT;
> >
> >This seems kind of goofy, didn't Ira say this is performance senstive?
Well, calling access_ok twice when only once is typically needed is
certainly not performant. Typically this check is done at every access
via get_user/put_user/copy_to/from_user - why is it being hoisted like
this?
> >Driver shouldn't be open coding __get_user like that, IMHO.
>
> Can you explain what you mean here? We should not use __get_user()?
Generally speaking, yes. Use get_user() that includes the correct
access_ok. Unless there is a good reason to avoid it, the standard API
should be used.
> _IOW means user is writing data to the device. So the device is reading data
> from the user. Or am I missing your point?
You are right, I spaced on this when reading the above - 'write_ok'
and 'write_cmd' seem like they should have been related, but really
aren't. It is doing the right tests, just odd. (eg use names like
write_cmd_ok, write_cmd for better clarity)
Jason
next prev parent reply other threads:[~2016-05-12 19:40 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-12 17:18 [PATCH v2 0/5] IB/hfi1: Remove write() and use ioctl() for user access Dennis Dalessandro
2016-05-12 17:18 ` [PATCH v2 1/5] IB/hfi1: Export drivers user sw version via sysfs Dennis Dalessandro
2016-05-12 17:18 ` [PATCH v2 2/5] IB/hfi1: Remove unused user command Dennis Dalessandro
2016-05-12 17:18 ` [PATCH v2 3/5] IB/hfi1: Add ioctl() interface for user commands Dennis Dalessandro
2016-05-12 17:43 ` Jason Gunthorpe
2016-05-12 18:12 ` Hefty, Sean
2016-05-12 19:27 ` Dennis Dalessandro
2016-05-12 19:40 ` Jason Gunthorpe [this message]
2016-05-12 19:48 ` Doug Ledford
2016-05-12 21:28 ` Jason Gunthorpe
2016-05-13 14:33 ` Dennis Dalessandro
2016-05-13 20:54 ` ira.weiny
2016-05-12 17:18 ` [PATCH v2 4/5] IB/hfi1: Remove write(), use ioctl() for user cmds Dennis Dalessandro
2016-05-12 17:18 ` [PATCH v2 5/5] IB/hfi1: Add trace message in user IOCTL handling Dennis Dalessandro
2016-05-12 17:34 ` [PATCH v2 0/5] IB/hfi1: Remove write() and use ioctl() for user access Jason Gunthorpe
2016-05-12 19:07 ` Dennis Dalessandro
2016-05-12 19:25 ` Jason Gunthorpe
2016-05-12 19:53 ` Dennis Dalessandro
2016-05-12 20:31 ` Doug Ledford
2016-05-12 21:27 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160512194006.GA6364@obsidianresearch.com \
--to=jgunthorpe@obsidianresearch.com \
--cc=dennis.dalessandro@intel.com \
--cc=dledford@redhat.com \
--cc=ira.weiny@intel.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=mike.marciniszyn@intel.com \
--cc=mitko.haralanov@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).