On Sat 18-05-19 21:46:03, Dan Williams wrote: > On Fri, May 17, 2019 at 12:25 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > On Fri, May 17, 2019 at 10:28:48AM -0700, Dan Williams wrote: > > > It seems dax_iomap_actor() is not a path where we'd be worried about > > > needing hardened user copy checks. > > > > I would agree: I think the proposed patch makes sense. :) > > Sounds like an acked-by to me. Yeah, if Kees agrees, I'm fine with skipping the checks as well. I just wanted that to be clarified. Also it helped me that you wrote: That routine (dax_iomap_actor()) validates that the logical file offset is within bounds of the file, then it does a sector-to-pfn translation which validates that the physical mapping is within bounds of the block device. That is more specific than "dax_iomap_actor() takes care of necessary checks" which was in the changelog. And the above paragraph helped me clarify which checks in dax_iomap_actor() you think replace those usercopy checks. So I think it would be good to add that paragraph to those copy_from_pmem() functions as a comment just in case we are wondering in the future why we are skipping the checks... Also feel free to add: Acked-by: Jan Kara <jack@xxxxxxx> Honza -- Jan Kara <jack@xxxxxxxx> SUSE Labs, CR
