Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp32970imm;
        Mon, 4 Jun 2018 12:29:27 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKJvW6J7wS1AbwYyPLpny/5jb4jmVb1YfPfpz00oP9qo7A8g8qf2KEZaxTqe4NFevjugI2Lp
X-Received: by 2002:a17:902:1e4:: with SMTP id b91-v6mr23136198plb.155.1528140567466;
        Mon, 04 Jun 2018 12:29:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528140567; cv=none;
        d=google.com; s=arc-20160816;
        b=AfakgjmEH+SlMnm/18456wkIIXrpdWkYXTxtjBzAgUB2Cypx0IHktR+CrpQDHlaxfK
         TQAHbuOX0K6q1kGwey3yF0fEOFjN8nd9DwDBdQgbxYjRauPRUFRs7/FkOtPvYKkD01/V
         47jAuk5krZcsAIxU1vdQBwzw49X5XhI80euhrfBpv6J2HVC83bqo6h7qxROFiCVAxFDS
         BvXXtLPXanHbUBopTky25obpluP7RWIj9fs9XKiQrvmRIS20rG/av3Dkuo7Dr6BPW0fs
         4kn+sAsXWD2ssOR0Aaj4ITRd/HuJ9YlyZxDIQQz+D5rbGjb/X9CQNDT8MZ+rfqZxzMru
         TssA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=twmE4FK7z+eljsFNLxMdlg6oGd5GPjPg3YdtyelGuqs=;
        b=jze2pkZyS/JXB2OrxCAuPs5QUtHs3bZkp7aDhj1Z04kQBnhW2LukskbL5p2Oaw1TWc
         xbWX1B7yNM/CaUqczSMEDZQCwD3nBEnJ5uQGDURgU0sVLs/ahgNdRQQLrw4V8r0954TU
         uMflGyCdE8Pq8h4junio0p2rsygeOHf2+ENFdadQ+VlpPLXDpxjhZ0tEYTsUUsj95STC
         dFJE/TcTIdzmSs/LZYOy+mkKY1cYEAuismh/F9o5F7C37zTYxarnAL9azXViCj8gPy1F
         MOKKBUmcUqvUKO0188ou34yPPE9t9rIaE59ajyBrJf+qJBBMRpF1u//jPWfSidJDL/vE
         lakw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@wdc.com header.s=dkim.wdc.com header.b=Bo8y7syz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g3-v6si45562527plp.594.2018.06.04.12.29.12;
        Mon, 04 Jun 2018 12:29:27 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@wdc.com header.s=dkim.wdc.com header.b=Bo8y7syz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751307AbeFDT2t (ORCPT <rfc822;rao.subba.venkata@gmail.com>
        + 99 others); Mon, 4 Jun 2018 15:28:49 -0400
Received: from esa2.hgst.iphmx.com ([68.232.143.124]:52938 "EHLO
        esa2.hgst.iphmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751201AbeFDT2s (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 4 Jun 2018 15:28:48 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com;
  t=1528141119; x=1559677119;
  h=subject:to:cc:references:from:message-id:date:
   mime-version:in-reply-to:content-transfer-encoding;
  bh=fENGlfdci5EdDbnPdVXUyRbBTcQupzlsN09AQlmt3UI=;
  b=Bo8y7syz5C0or8J581QJXNsfRhDiY8Bg6/97mUPRudps7TdI1K6jv//D
   CGjpiytz18QiYZcOuADgkkY8gzTH61NdCgqB0kclgKnHSuf4TmHoChUmn
   /R5L4+3pDefhuB/GkX4jRVRFCFCbGbNZRCi7CcIm7EvJx33R8i8sZq75w
   pLGqa/7osW0wQbUochBAXaQ4obBhMF/JFqXvRgKi0IxzhWzINo0D2tXgG
   LEsRAELpQUXovyq8PxRPUIggP34tQ4IDmBJeXSBEchqqxVXdg8WCcOABy
   kTg/y6QepdQxgkuKscV0vtGVfR+4vZ5z7TCisDclZVciuPD5F4Y/aE6i/
   g==;
X-IronPort-AV: E=Sophos;i="5.49,476,1520870400"; 
   d="scan'208";a="176491398"
Received: from h199-255-45-15.hgst.com (HELO uls-op-cesaep02.wdc.com) ([199.255.45.15])
  by ob1.hgst.iphmx.com with ESMTP; 05 Jun 2018 03:38:39 +0800
Received: from uls-op-cesaip01.wdc.com ([10.248.3.36])
  by uls-op-cesaep02.wdc.com with ESMTP; 04 Jun 2018 12:18:51 -0700
Received: from c02v91rdhtd5.sdcorp.global.sandisk.com (HELO [10.196.157.210]) ([10.196.157.210])
  by uls-op-cesaip01.wdc.com with ESMTP; 04 Jun 2018 12:28:48 -0700
Subject: Re: [PATCH 3/3] riscv: fix __user annotation for __copy_user()
To:     Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Cc:     Palmer Dabbelt <palmer@sifive.com>,
        "linux-riscv@lists.infradead.org" <linux-riscv@lists.infradead.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Albert Ou <albert@sifive.com>
References: <20180601152123.47256-1-luc.vanoostenryck@gmail.com>
 <20180601152123.47256-4-luc.vanoostenryck@gmail.com>
 <235fec3e-be2e-874a-8313-e7390fcdca74@wdc.com>
 <20180604190927.7jrdlulgowt5umce@ltop.local>
From:   Atish Patra <atish.patra@wdc.com>
Message-ID: <6a0ab99d-6e4d-eb80-bc4d-854d154ae827@wdc.com>
Date:   Mon, 4 Jun 2018 12:28:47 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0)
 Gecko/20100101 Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <20180604190927.7jrdlulgowt5umce@ltop.local>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 6/4/18 12:09 PM, Luc Van Oostenryck wrote:
> On Mon, Jun 04, 2018 at 11:46:50AM -0700, Atish Patra wrote:
>> On 6/1/18 8:22 AM, Luc Van Oostenryck wrote:
>>> __copy_user() is a function, written in assembly, used to copy
>>> memory between kernel & user space. As such its to & from args
>>> may both take a user pointer or a kernel pointer.
>>>
>>> However the prototype for this function declare these two args
>>> as 'void __user *', which is no more & no less correct than
>>> declaring them as 'void *'. In fact theer is no possible correct
>>
>> /s/theer/there
>>
>>> annotation for such a function.
>>>
>>> The problem is worked around here by declaring these args as
>>> unsigned long and casting them to the right type in each of
>>> two callers raw_copy_{to,from}_user() as some kind of cast would
>>> be needed anyway.
>>>
>>> Note: another solution, maybe cleaner but slightly more complex,
>>>         would be to declare two version of __copy_user,
>>>         either in the asm file or via an alias, each having already
>>>         the correct typing for raw_copy_{to,from}_user().
>>>
>>
>> I feel that would be a better solution as it is implemented similarly
>> in ARM as well.
>>
>> I am unable to understand how "unsigned long" is better than "void*".
>> x86 implementation has both arguments as void*. Can you please clarify ?
> 
> "better" is quite relative and it must be understood that sparse
> allow to cast pointers o fany kinds to and from unsigned long
> without any warnings (while doing a cast between different address
> space will emit a warning unless you use '__force').
> 

Got it.
> As I tried to explain here above, the fact that this function is
> declared as taking 2 __user pointers requires to use of casts
> (ugly casts with __force) to get over the __user. By declaring
> them as taking unsigned long, you still have to use casts but, IMO,
> it's cleaner
> 

Thanks for the detailed explanation.

> Note: they're generic pointers/addresses anyway, they can't be
>        dereferenced anyway so unsigned is as good as a plain void*
>        or a void __user*
> Note: using unsigned long here, fundamentally to bypass the __user,
>        is the same as casting a const pointer back to a plain pointer
>        via an intermediate cast to unsigned long. People can argue
>        that's kinda cheating, and they would be right of course, but
>        using __force or declaring twice the function with two different
>        names and prototype is also a form of cheating.
> Note: if this would be my code, I would choose the solution with
>        two declarations.

I prefer that as well.

Regards,
Atish
> 
> 
> Best regards,
> -- Luc
>