On Wed, Mar 31, 2021 at 01:56:00PM +0200, Thomas Bogendoerfer wrote:
> +#define __get_user_nofault(dst, src, type, err_label) \
> +do { \
> + int __gu_err; \
> + \
> + __get_user_common(*((type *)(dst)), sizeof(type), \
> + (__force type *)(src)); \
> + if (unlikely(__gu_err)) \
> + goto err_label; \
> +} while (0)
> +
> +
> +static inline int __get_addr(unsigned long *a, unsigned long *p, bool user)
> +{
> + if (user)
> + __get_user_nofault(a, p, unsigned long, fault);
> + else
> + __get_kernel_nofault(a, p, unsigned long, fault);
> +
> + return 0;
> +
> +fault:
> + return -EFAULT;
> +}
Why can't these use plain old get_user and get_kernel_nofault?
You "optimize" away the access_ok / get_kernel_nofaul_allowed checks
here, but now use totally non-standard and possibly dangerous APIs.
