Prev: rwsem: wake queued readers when writer blocks on active read lock
Next: [PATCH] IPVS : bugfix for ICMPv6 checksum calculation
From: H. Peter Anvin on 11 Aug 2010 21:40
On 08/11/2010 05:33 PM, Andrew Morton wrote:
>
> Not very well.
>
> + rc = copy_from_user(&record_id, (void __user *)arg,
> + sizeof(u64));
>
> better to use sizeof(record_id).
>
> Where's Len??
>
> Anyway, this should be fixed in x86 core, I suspect.

Agreed. Looking at it now.

-hpa

--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 12 Aug 2010 00:30
[Adding Linux and linux-arch. The context is that get_user/put_user
don't work on 64 bit values on i386.]

On 08/11/2010 05:33 PM, Andrew Morton wrote:
>
> Anyway, this should be fixed in x86 core, I suspect.

After looking at it -- and suffering a bad case of déjà vu -- I'm
reluctant to change it, as get/put_user are specified to work only on
locally atomic data:

* This macro copies a single simple variable from user space to kernel
* space. It supports simple types like char and int, but not larger
* data types like structures or arrays.

Given that u64 is not a simple type on 32 bits, it would appear that the
behavior is intentional.

A user might very well find that supporting u64 and/or structure types
would be beneficial, but it would a) be a semantic change, and b) would
introduce the possibility of a partially completed transfer. That is a
semantic change to the interface. However, it may very well be nicer to
have a generally available get_user()/put_user() for the cases which
would just kick an EFAULT up the stack when they fail anyway.

If there is consensus for making get_user/put_user a general interface,
I'm more than willing to do the x86 changes, but I don't want to do them
a) unilaterally and b) for 2.6.36. This seems like .37 material at this
point.

-hpa

--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 12 Aug 2010 00:50
On 08/11/2010 09:30 PM, Andrew Morton wrote:
>
> However we should arrange for it to fail at compile time rather than
> at link time, please.
>

That is easy to do, of course.

-hpa

--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 12 Aug 2010 01:10
On 08/11/2010 09:30 PM, Andrew Morton wrote:
>
> It occurs so rarely that it's probably not worth bothering about, IMO.
>

I think the real question is if we want people to convert:

if (copy_from_user(foo, bar, sizeof *foo))
return -EFAULT;

.... into ...

if (get_user(*foo, bar))
return -EFAULT;

.... or ...

rv = get_user(*foo, bar);
if (rv)
return rv;

.... where *foo is a structure type. It does have the advantage that a
single API does everything, simple or not, but has the disadvantage that
the partial-access semantics are now less explicit.

-hpa

--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: H. Peter Anvin on 12 Aug 2010 02:20
On 08/11/2010 11:03 PM, Andrew Morton wrote:
> <I suspect you can do get_user() on a 4-byte or 8-byte struct right now
> and it'll work>

Not so:

/home/hpa/kernel/linux-2.6-tip.urgent/arch/x86/lib/testuser.c:12: error:
conversion to non-scalar type requested

-hpa
 | 
Pages: 1
Prev: rwsem: wake queued readers when writer blocks on active read lock
Next: [PATCH] IPVS : bugfix for ICMPv6 checksum calculation