Hi Leonid,

On Mon, Jan 04, 2016 at 01:33:51PM -0800, Leonid Yegoshin wrote:
> On 01/04/2016 12:29 PM, James Hogan wrote:
> > Add the eva_kernel_access() check in __copy_from_user() like the one in
> > copy_from_user().
...
> Adding a user space check in __copy_from_user() kills the original
> design.

The original patch which did the same thing is already merged, so it's a
bit late to be arguing with it now.

In any case, like other __ prefixed uaccess functions I believe the
semantics are such that __copy_from_user() can be used instead of
copy_from_user() to avoid multiple redundant access_ok() checks, since
the caller can do it once before calling __copy_from_user(). I have yet
to see evidence or documentation suggesting that it was intended never
to be used for kernel addresses, which would be inconsistent with
copy_from_user and other __ uaccess functions which do handle them.

Given the awkwardness of auditing whether some of these functions are
ever called with kernel addresses, and the rate of code change in Linux,
taking shortcuts with the semantics, even if possible to do at this
moment, will only result in future code rot.

Cheers
James
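A simplified userspace model of the semantics discussed in the message above, added here as an example; it is not kernel code and not code from either poster. It assumes EVA-style overlapping user and kernel address ranges, modelled as two arrays over one address range. Apart from the kernel names eva_kernel_access(), access_ok() and set_fs(), every identifier and all data are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: two arrays share one address range, standing in for
 * EVA's overlapping user and kernel segments. */
enum seg { USER_DS, KERNEL_DS };
static unsigned char user_mem[64], kern_mem[64];
static enum seg cur_fs = USER_DS;
typedef void (*raw_copy_fn)(void *dst, size_t addr, size_t n);

static void set_fs(enum seg s) { cur_fs = s; }
static int eva_kernel_access(void) { return cur_fs == KERNEL_DS; }
static int access_ok(size_t addr, size_t n) {      /* range check only */
    return n <= sizeof(user_mem) && addr <= sizeof(user_mem) - n;
}

/* __copy_from_user() model without the check: always user-mode loads. */
static void raw_copy_unchecked(void *dst, size_t addr, size_t n) {
    memcpy(dst, user_mem + addr, n);
}
/* Model with the check: still no access_ok(), but honours the segment. */
static void raw_copy_checked(void *dst, size_t addr, size_t n) {
    memcpy(dst, (eva_kernel_access() ? kern_mem : user_mem) + addr, n);
}

/* Caller pattern from the message: one access_ok(), several raw copies. */
static int read_two_fields(size_t addr, char a[4], char b[4], raw_copy_fn raw) {
    if (!access_ok(addr, 8))
        return -1;
    raw(a, addr, 4);
    raw(b, addr + 4, 4);
    return 0;
}

/* 1 if a read of a kernel buffer under KERNEL_DS returns kernel data. */
static int kernel_read_is_correct(raw_copy_fn raw) {
    char a[4], b[4];
    memcpy(user_mem + 8, "uuuuUUUU", 8);
    memcpy(kern_mem + 8, "kkkkKKKK", 8);
    set_fs(KERNEL_DS);
    int rc = read_two_fields(8, a, b, raw);
    set_fs(USER_DS);
    return rc == 0 && !memcmp(a, "kkkk", 4) && !memcmp(b, "KKKK", 4);
}

int main(void) {
    printf("checked: %d, unchecked: %d\n",
           kernel_read_is_correct(raw_copy_checked),
           kernel_read_is_correct(raw_copy_unchecked));
    return 0;
}
```

In the model the unchecked variant silently returns whatever sits at the same address in the user array, which is why a caller that has set KERNEL_DS needs the raw copy to honour the segment even when access_ok() is skipped.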