On Wed, Jul 06, 2022 at 10:18:15AM +0200, Alexander Egorenkov wrote:
> > + __iterate_and_advance(iter, csize, base, len, off,
> > + ({ copy_oldmem_user(base, src + off, len) < 0 ? csize : 0; }),
> > + ({ copy_oldmem_kernel(base, src + off, len) < 0 ? csize : 0; })
>
> Question
> --------
> About return value of STEP in iterate_iovec().
> We return "csize" in case copy_oldmem_*() fails.
> If I'm not mistaken this could lead to an overflow in iterate_iovec():
>
> len -= (STEP);
>
> Because len could be less than csize in case iovec consists of multiple
> segments, one of which is less than csize.
>
> Better to return len ?

It is certainly better. I'll post the fixed version.

> ({ copy_oldmem_user(base, src + off, len) < 0 ? len : 0; })
>
> > + )
> > return csize;
> > }
>
> Another thing is that now we never report any errors in contrast to
> the version before. This is OK ?

I think that is fine. It is consistent with other iterate_and_advance()
uses and actually converted by read_from_oldmem() to -EFAULT in case of
incomplete copy.

Thank you!
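
Review bot: in the two STEP expressions passed to __iterate_and_advance(), returning csize when copy_oldmem_user() or copy_oldmem_kernel() fails can exceed the per-segment len that iterate_iovec() reduces with `len -= (STEP);`, so a segment shorter than csize would underflow that subtraction. Return len on failure instead, as in `({ copy_oldmem_user(base, src + off, len) < 0 ? len : 0; })`, and make the same change in the copy_oldmem_kernel() step. Because the function then ends in an unconditional `return csize;`, a short comment stating that read_from_oldmem() turns an incomplete copy into -EFAULT would make the missing error return clearly intentional.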