On 07/19/2018 01:27 PM, James Bottomley wrote: > On Thu, 2018-07-19 at 13:12 -0700, Tadeusz Struk wrote: >> On 07/19/2018 12:52 PM, James Bottomley wrote: >>> The ABI break is the error case as I outlined above. We can't >>> assume everyone uses the current interface without getting an error >>> and one error and your hosed is a nasty failure case to change the >>> interface to. >> >> Well, if there is a broken application out there that doesn't work >> today it will not work after this change neither. > > It doesn't have to be broken ... it could be using EFAULT to probe the > buffer size for instance. That's the point of not breaking the ABI: > you don't second guess what applications are doing. > Looking at the existing implementation again: https://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git/tree/drivers/char/tpm/tpm-dev-common.c?h=next-tpm#n56 EFAULT is returned only if the copy_to_user() fails. So today, if an application wants read 1 byte of a response, and provides 1 byte buffer for it, then only 1 byte of the response will be copied, no error code will be returned, and the rest of the response will be gone. I don't really see how and why would anyone use EFAULT err to probe for the buffer size. That would really be a broken application. Thanks, -- Tadeusz
