From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0EE56C43465 for ; Mon, 21 Sep 2020 15:05:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D9FFF206B8 for ; Mon, 21 Sep 2020 15:05:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727622AbgIUPFh convert rfc822-to-8bit (ORCPT ); Mon, 21 Sep 2020 11:05:37 -0400 Received: from eu-smtp-delivery-151.mimecast.com ([185.58.86.151]:33566 "EHLO eu-smtp-delivery-151.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727293AbgIUPFh (ORCPT ); Mon, 21 Sep 2020 11:05:37 -0400 Received: from AcuMS.aculab.com (156.67.243.126 [156.67.243.126]) (Using TLS) by relay.mimecast.com with ESMTP id uk-mta-267-pfN4bYDxOjGQU1qcEZSq4g-1; Mon, 21 Sep 2020 16:05:33 +0100 X-MC-Unique: pfN4bYDxOjGQU1qcEZSq4g-1 Received: from AcuMS.Aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) by AcuMS.aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Mon, 21 Sep 2020 16:05:32 +0100 Received: from AcuMS.Aculab.com ([fe80::43c:695e:880f:8750]) by AcuMS.aculab.com ([fe80::43c:695e:880f:8750%12]) with mapi id 15.00.1347.000; Mon, 21 Sep 2020 16:05:32 +0100 From: David Laight To: 'Christoph Hellwig' , Alexander Viro CC: Andrew Morton , Jens Axboe , Arnd Bergmann , David Howells , "linux-arm-kernel@lists.infradead.org" , "linux-kernel@vger.kernel.org" , "linux-mips@vger.kernel.org" , "linux-parisc@vger.kernel.org" , "linuxppc-dev@lists.ozlabs.org" , "linux-s390@vger.kernel.org" , "sparclinux@vger.kernel.org" , "linux-block@vger.kernel.org" , "linux-scsi@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "linux-aio@kvack.org" , "io-uring@vger.kernel.org" , "linux-arch@vger.kernel.org" , "linux-mm@kvack.org" , "netdev@vger.kernel.org" , "keyrings@vger.kernel.org" , "linux-security-module@vger.kernel.org" Subject: RE: [PATCH 04/11] iov_iter: explicitly check for CHECK_IOVEC_ONLY in rw_copy_check_uvector Thread-Topic: [PATCH 04/11] iov_iter: explicitly check for CHECK_IOVEC_ONLY in rw_copy_check_uvector Thread-Index: AQHWkCRT6PkpgoAV6EexsDeYdekosqlzL1uQ Date: Mon, 21 Sep 2020 15:05:32 +0000 Message-ID: <7336624280b8444fb4cb00407317741b@AcuMS.aculab.com> References: <20200921143434.707844-1-hch@lst.de> <20200921143434.707844-5-hch@lst.de> In-Reply-To: <20200921143434.707844-5-hch@lst.de> Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.202.205.107] MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=C51A453 smtp.mailfrom=david.laight@aculab.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: aculab.com Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT Content-Language: en-US Precedence: bulk List-ID: X-Mailing-List: io-uring@vger.kernel.org From: Christoph Hellwig > Sent: 21 September 2020 15:34 > > Explicitly check for the magic value insted of implicitly relying on > its numeric representation. Also drop the rather pointless unlikely > annotation. > > Signed-off-by: Christoph Hellwig > --- > lib/iov_iter.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/lib/iov_iter.c b/lib/iov_iter.c > index d7e72343c360eb..a64867501a7483 100644 > --- a/lib/iov_iter.c > +++ b/lib/iov_iter.c > @@ -1709,8 +1709,7 @@ static ssize_t rw_copy_check_uvector(int type, > ret = -EINVAL; > goto out; > } > - if (type >= 0 > - && unlikely(!access_ok(buf, len))) { > + if (type != CHECK_IOVEC_ONLY && !access_ok(buf, len)) { > ret = -EFAULT; > goto out; > } > @@ -1824,7 +1823,7 @@ static ssize_t compat_rw_copy_check_uvector(int type, > } > if (len < 0) /* size_t not fitting in compat_ssize_t .. */ > goto out; > - if (type >= 0 && > + if (type != CHECK_IOVEC_ONLY && > !access_ok(compat_ptr(buf), len)) { > ret = -EFAULT; > goto out; > -- > 2.28.0 I've actually no idea: 1) Why there is an access_ok() check here. It will be repeated by the user copy functions. 2) Why it isn't done when called from mm/process_vm_access.c. Ok, the addresses refer to a different process, but they must still be valid user addresses. Is 2 a legacy from when access_ok() actually checked that the addresses were mapped into the process's address space? David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)