Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxxxx>
- Subject: Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good
- From: Christophe Leroy <christophe.leroy@xxxxxxxxxx>
- Date: Fri, 18 Feb 2022 10:01:32 +0000
- Accept-language: fr-FR, en-US
- Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, Christoph Hellwig <hch@xxxxxx>, "linux-arch@xxxxxxxxxxxxxxx" <linux-arch@xxxxxxxxxxxxxxx>, "linux-mm@xxxxxxxxx" <linux-mm@xxxxxxxxx>, "linux-api@xxxxxxxxxxxxxxx" <linux-api@xxxxxxxxxxxxxxx>, "arnd@xxxxxxxx" <arnd@xxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, "mark.rutland@xxxxxxx" <mark.rutland@xxxxxxx>, "dalias@xxxxxxxx" <dalias@xxxxxxxx>, "linux-ia64@xxxxxxxxxxxxxxx" <linux-ia64@xxxxxxxxxxxxxxx>, "linux-sh@xxxxxxxxxxxxxxx" <linux-sh@xxxxxxxxxxxxxxx>, "peterz@xxxxxxxxxxxxx" <peterz@xxxxxxxxxxxxx>, "jcmvbkbc@xxxxxxxxx" <jcmvbkbc@xxxxxxxxx>, "guoren@xxxxxxxxxx" <guoren@xxxxxxxxxx>, "sparclinux@xxxxxxxxxxxxxxx" <sparclinux@xxxxxxxxxxxxxxx>, "linux-hexagon@xxxxxxxxxxxxxxx" <linux-hexagon@xxxxxxxxxxxxxxx>, "linux-riscv@xxxxxxxxxxxxxxxxxxx" <linux-riscv@xxxxxxxxxxxxxxxxxxx>, "will@xxxxxxxxxx" <will@xxxxxxxxxx>, "ardb@xxxxxxxxxx" <ardb@xxxxxxxxxx>, "linux-s390@xxxxxxxxxxxxxxx" <linux-s390@xxxxxxxxxxxxxxx>, "bcain@xxxxxxxxxxxxxx" <bcain@xxxxxxxxxxxxxx>, "deller@xxxxxx" <deller@xxxxxx>, "x86@xxxxxxxxxx" <x86@xxxxxxxxxx>, "linux@xxxxxxxxxxxxxxx" <linux@xxxxxxxxxxxxxxx>, "linux-csky@xxxxxxxxxxxxxxx" <linux-csky@xxxxxxxxxxxxxxx>, "mingo@xxxxxxxxxx" <mingo@xxxxxxxxxx>, "geert@xxxxxxxxxxxxxx" <geert@xxxxxxxxxxxxxx>, "linux-snps-arc@xxxxxxxxxxxxxxxxxxx" <linux-snps-arc@xxxxxxxxxxxxxxxxxxx>, "linux-xtensa@xxxxxxxxxxxxxxxx" <linux-xtensa@xxxxxxxxxxxxxxxx>, "hca@xxxxxxxxxxxxx" <hca@xxxxxxxxxxxxx>, "linux-alpha@xxxxxxxxxxxxxxx" <linux-alpha@xxxxxxxxxxxxxxx>, "linux-um@xxxxxxxxxxxxxxxxxxx" <linux-um@xxxxxxxxxxxxxxxxxxx>, "linux-m68k@xxxxxxxxxxxxxxxxxxxx" <linux-m68k@xxxxxxxxxxxxxxx>, "openrisc@xxxxxxxxxxxxxxxxxxxx" <openrisc@xxxxxxxxxxxxxxxxxxxx>, "green.hu@xxxxxxxxx" <green.hu@xxxxxxxxx>, "shorne@xxxxxxxxx" <shorne@xxxxxxxxx>, "monstr@xxxxxxxxx" <monstr@xxxxxxxxx>, "tsbogend@xxxxxxxxxxxxxxxx" <tsbogend@xxxxxxxxxxxxxxxx>, "linux-parisc@xxxxxxxxxxxxxxx" <linux-parisc@xxxxxxxxxxxxxxx>, "nickhu@xxxxxxxxxxxxx" <nickhu@xxxxxxxxxxxxx>, "linux-mips@xxxxxxxxxxxxxxx" <linux-mips@xxxxxxxxxxxxxxx>, "dinguyen@xxxxxxxxxx" <dinguyen@xxxxxxxxxx>, "ebiederm@xxxxxxxxxxxx" <ebiederm@xxxxxxxxxxxx>, "richard@xxxxxx" <richard@xxxxxx>, "akpm@xxxxxxxxxxxxxxxxxxxx" <akpm@xxxxxxxxxxxxxxxxxxxx>, "linuxppc-dev@xxxxxxxxxxxxxxxx" <linuxppc-dev@xxxxxxxxxxxxxxxx>, "davem@xxxxxxxxxxxxx" <davem@xxxxxxxxxxxxx>
- In-reply-to: <Yg77bNZfNhSk0bVQ@zeniv-ca.linux.org.uk>
- References: <20220216131332.1489939-1-arnd@kernel.org> <00496df2-f9f2-2547-3ca3-7989e4713d6b@csgroup.eu> <Yg77bNZfNhSk0bVQ@zeniv-ca.linux.org.uk>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0
Le 18/02/2022 à 02:50, Al Viro a écrit :
> On Thu, Feb 17, 2022 at 07:20:11AM +0000, Christophe Leroy wrote:
>
>> And we have also
>> user_access_begin()/user_read_access_begin()/user_write_access_begin()
>> which call access_ok() then do the real work. Could be made generic with
>> call to some arch specific __user_access_begin() and friends after the
>> access_ok() and eventually the might_fault().
>
> Not a good idea, considering the fact that we do not want to invite
> uses of "faster" variants...
I'm not sure I understand your concern.
Today in powerpc we have:
static __must_check inline bool
user_read_access_begin(const void __user *ptr, size_t len)
{
if (unlikely(!access_ok(ptr, len)))
return false;
might_fault();
allow_read_from_user(ptr, len);
return true;
}
We could instead have a generic
static __must_check inline bool
user_read_access_begin(const void __user *ptr, size_t len)
{
if (unlikely(!access_ok(ptr, len)))
return false;
might_fault();
return arch_user_read_access_begin(ptr, len);
}
And then a powerpc specific
static __must_check __always_inline bool
arch_user_read_access_begin(const void __user *ptr, size_t len)
{
allow_read_from_user(ptr, len);
return true;
}
#define arch_user_read_access_begin arch_user_read_access_begin
And a generic fallback for arch_user_read_access_begin() that does
nothing at all.
Do you mean that in that case people might be tempted to use
arch_user_read_access_begin() instead of using user_read_access_begin() ?
If that's the case isn't it something we could verify via checkpatch.pl ?
Today it seems to be problematic that functions in asm/uaccess.h use
access_ok(). Such an approach would allow to get rid of access_ok() use
in architecture's uaccess.h
Christophe
[Index of Archives]
[Linux Kernel]
[Sparc Linux]
[DCCP]
[Linux ARM]
[Yosemite News]
[Linux SCSI]
[Linux x86_64]
[Linux for Ham Radio]
