This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH v1 1/4] lib: introduce copy_struct_from_user() helper
- From: Linus Torvalds <torvalds at linux-foundation dot org>
- To: Aleksa Sarai <cyphar at cyphar dot com>
- Cc: Ingo Molnar <mingo at redhat dot com>, Peter Zijlstra <peterz at infradead dot org>, Alexander Shishkin <alexander dot shishkin at linux dot intel dot com>, Jiri Olsa <jolsa at redhat dot com>, Namhyung Kim <namhyung at kernel dot org>, Christian Brauner <christian at brauner dot io>, Rasmus Villemoes <linux at rasmusvillemoes dot dk>, Al Viro <viro at zeniv dot linux dot org dot uk>, GNU C Library <libc-alpha at sourceware dot org>, Linux API <linux-api at vger dot kernel dot org>, Linux Kernel Mailing List <linux-kernel at vger dot kernel dot org>
- Date: Wed, 25 Sep 2019 10:10:37 -0700
- Subject: Re: [PATCH v1 1/4] lib: introduce copy_struct_from_user() helper
- References: <20190925165915.8135-1-cyphar@cyphar.com> <20190925165915.8135-2-cyphar@cyphar.com>
On Wed, Sep 25, 2019 at 10:00 AM Aleksa Sarai <cyphar@cyphar.com> wrote:
>
> +int is_zeroed_user(const void __user *from, size_t size)
I like how you've done this, but it's buggy and only works on 64-bit.
All the "u64" and "8" cases need to be "unsigned long" and
"sizeof(unsigned long)".
Part of that requirement is:
> + unsafe_get_user(val, (u64 __user *) from, err_fault);
This part works fine - although 64-bit accesses might be much more
expensive and the win of unrolling might not be sufficient - but:
> + if (align) {
> + /* @from is unaligned. */
> + val &= ~aligned_byte_mask(align);
> + align = 0;
> + }
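Review bot: in the `if (align)` block, `val &= ~aligned_byte_mask(align)` masks a value that the quoted `unsafe_get_user()` line loads through a `(u64 __user *)` cast, so the load width is fixed at 8 bytes while the mask is applied per machine word. Declaring `val` as `unsigned long` and loading through `unsigned long __user *` keeps the load and the mask the same width on 32-bit as well. The comment `/* @from is unaligned. */` could also say which bytes of the first word are being discarded and why `align` is reset to 0 afterwards.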
This part fundamentally only works on 'unsigned long'.
Linus
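
A user-space sketch of the point made in this reply, added here as an example; it is not code from the patch, from the kernel, or from the author of the mail. It checks a byte range for zeroes one `unsigned long` at a time, with every width taken from `sizeof(unsigned long)`. The names `is_zeroed_buf`, `byte_range_mask`, `demo` and `sample` are hypothetical, and the mask is built bytewise rather than with the kernel's `aligned_byte_mask()`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Word with 0xff at memory byte offsets [lo, hi), 0 elsewhere. Built bytewise,
 * so it holds for any endianness and any sizeof(unsigned long). */
static unsigned long byte_range_mask(size_t lo, size_t hi)
{
    unsigned char b[sizeof(unsigned long)] = {0};
    unsigned long m;

    memset(b + lo, 0xff, hi - lo);
    memcpy(&m, b, sizeof(m));
    return m;
}

/* Returns 1 if the size bytes at from are all zero, else 0.
 * Assumption: every whole word overlapping [from, from + size) is readable. */
int is_zeroed_buf(const void *from, size_t size)
{
    const size_t W = sizeof(unsigned long);       /* never a literal 8 */
    size_t lo = (uintptr_t)from % W;              /* bytes before from in word 0 */
    const unsigned char *p = (const unsigned char *)from - lo;
    size_t left = size ? size + lo : 0;           /* bytes from p to end of range */

    while (left) {
        unsigned long val;
        size_t hi = left < W ? left : W;          /* last word may be partial */

        memcpy(&val, p, W);                       /* one aligned word load */
        if (val & byte_range_mask(lo, hi))
            return 0;
        lo = 0;                                   /* only word 0 has a head */
        p += W;
        left -= hi;
    }
    return 1;
}

/* Constructed sample: word-aligned storage, non-zero at offsets 0 and 13. */
static union { unsigned long w[4]; unsigned char b[4 * sizeof(unsigned long)]; } sample;

int demo(size_t off, size_t len)
{
    memset(&sample, 0, sizeof(sample));
    sample.b[0] = 0xAA;
    sample.b[13] = 0xBB;
    return is_zeroed_buf(sample.b + off, len);
}

int main(void) { return !(demo(1, 12) == 1 && demo(1, 13) == 0); }
```

The non-zero bytes just outside the range (offsets 0 and 13) are what the head and tail masks must ignore; a check that skipped the masking would report the range as non-zero.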