Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp724629imm; Wed, 17 Oct 2018 07:22:41 -0700 (PDT) X-Google-Smtp-Source: ACcGV61OGhUN2cywplOS88Y5fOdEpxxIK1j5vw1ZLq/Qy+mQXy7eVoJB8fu7FOBjRb4Nx7IIBOzC X-Received: by 2002:a62:d046:: with SMTP id p67-v6mr27548123pfg.147.1539786161670; Wed, 17 Oct 2018 07:22:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539786161; cv=none; d=google.com; s=arc-20160816; b=cQXNwjeBK/4QuIbnISrxIONpYPl3+VgdIm2lxerYUBEQ843MQIug0pmWDgtHZOm/jH DlSEg2ZRq9ZvxCMMVKJT2YMVMsmM7WV3LLj9HDOpuyJjmVNettyp+l1zO9NikKJHC2YL 9VC4WyZ2bPjlDnRgM0m+Jeb/cV811XKP3d+6ROGmVNKl1QFbYvGOPUD2yTw0O2C2jKH2 6vKnBN7PDF0eoUaFQkK7XF4A/1h1vvbTTZtHn1gpFJZm/Ycjv6mvVZpovyX+Oqf7SO2v 9pONb6rLaekKJPtc6bY1vzchMGpoi1jLcYQhwmyebS2vMj2VLen1IZjclkfHNCwUbuey kYUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=7L7IvoAonuP96t9CtCi1thYdqNouYIRoC1todnBnO+4=; b=Vb761mL5eTNb5q2N7rNuT1kZpzSFITFg7gAe2sg7OAEgJ4fx+jsHoIKnhv+0qEriOJ xxHfN5Rm3jGoNb2ZcxaQcFpOC4+vG9DRqIUe6t6l3RanNifBlJqCw0Cw4I/pnp7CqyG7 ey+ZP6lSfEJ622V0pKC7dzzWRrkbbQmkCwl29sYHt/xKP1DJJmgSXUoOIWZHzDh55chR In/Pgz+GNXxUMy8D5+YY8sJPdleQauY7y2xmae5OJXkKPAonQQIhY6CoIhR63rA4L6HK MQ3H/CfVfon8wSb1zob/Nla/H7nYx1SxqIHO8JiF2J62ZTWz6RkaSzsz+B2xDsjAqVIP wVuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@umn.edu header.s=20160920 header.b=jM23WgKK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=umn.edu Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p70-v6si2915774pgp.53.2018.10.17.07.22.23; Wed, 17 Oct 2018 07:22:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@umn.edu header.s=20160920 header.b=jM23WgKK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=umn.edu Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727646AbeJQWRY (ORCPT + 99 others); Wed, 17 Oct 2018 18:17:24 -0400 Received: from mta-p4.oit.umn.edu ([134.84.196.204]:55426 "EHLO mta-p4.oit.umn.edu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727095AbeJQWRX (ORCPT ); Wed, 17 Oct 2018 18:17:23 -0400 Received: from localhost (localhost [127.0.0.1]) by mta-p4.oit.umn.edu (Postfix) with ESMTP id A5C4A51F; Wed, 17 Oct 2018 14:21:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=umn.edu; h= content-type:content-type:subject:subject:message-id:date:date :from:from:in-reply-to:references:mime-version:received:received :received; s=20160920; t=1539786087; x=1541600488; bh=r6ADaZAZjg 2NaXOt1ZlhdlI4BKiNjQ5OKnShZdjL8Gc=; b=jM23WgKK2tu5JzS91VgFlTz9hU tgY3sU6d8YHQec7eq6WrpC01qyO7vHEiWKSAOOxkQJfaNfPSHHp4XyEhDsC2O/Iw gGcKJ9kjdl/RY9t0E+l1C0rWDRtvx36JCW/b06Ehy46aGGpV1+jbVXYo1TbceFO1 puFPQHH1IYJgD6TD1JqXqdE3IZb51IdrU+LjaY28Behpem19P3DZruZH4rMUMlx6 wl3cEvmeN0jbtlnqTE6C+8DD2O0SdLA+a+lfSN32qBkYoDnOb1gXXFPS7PCN9xPT SoHniPu8mIegc/6+JwQTlaqOMXYIbl7ml7p5cPupVV2Jv7jyOWGqnyfd80UA== X-Virus-Scanned: amavisd-new at umn.edu Received: from mta-p4.oit.umn.edu ([127.0.0.1]) by localhost (mta-p4.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zwWT31zpw3cS; Wed, 17 Oct 2018 09:21:27 -0500 (CDT) Received: from mail-oi1-f175.google.com (mail-oi1-f175.google.com [209.85.167.175]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: wang6495) by mta-p4.oit.umn.edu (Postfix) with ESMTPSA id 6C01715F; Wed, 17 Oct 2018 09:21:27 -0500 (CDT) Received: by mail-oi1-f175.google.com with SMTP id u197-v6so21191172oif.5; Wed, 17 Oct 2018 07:21:27 -0700 (PDT) X-Gm-Message-State: ABuFfoj5/meTzcxKf34lvM9mrsuwCokqHKGPzc1sQX+TquEWnoDqkVAD ioQYb031Q6IL8IGv4KxW0SHw1hHu/NfsmyXzFHM= X-Received: by 2002:aca:3195:: with SMTP id x143-v6mr13448204oix.213.1539786087039; Wed, 17 Oct 2018 07:21:27 -0700 (PDT) MIME-Version: 1.0 References: <1539021980-2412-1-git-send-email-wang6495@umn.edu> <20181008124738.23a547d0@w520.home> In-Reply-To: <20181008124738.23a547d0@w520.home> From: Wenwen Wang Date: Wed, 17 Oct 2018 09:20:50 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2] drivers/vfio: Fix a redundant copy bug To: alex.williamson@redhat.com Cc: Kangjie Lu , kvm@vger.kernel.org, open list , aik@ozlabs.ru, Wenwen Wang Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 8, 2018 at 1:47 PM Alex Williamson wrote: > > On Mon, 8 Oct 2018 13:06:20 -0500 > Wenwen Wang wrote: > > > In vfio_spapr_iommu_eeh_ioctl(), if the ioctl command is VFIO_EEH_PE_OP, > > the user-space buffer 'arg' is copied to the kernel object 'op' and the > > 'argsz' and 'flags' fields of 'op' are checked. If the check fails, an > > error code EINVAL is returned. Otherwise, 'op.op' is further checked > > through a switch statement to invoke related handlers. If 'op.op' is > > VFIO_EEH_PE_INJECT_ERR, the whole user-space buffer 'arg' is copied again > > to 'op' to obtain the err information. However, in the following execution > > of this case, the fields of 'op', except the field 'err', are actually not > > used. That is, the second copy has a redundant part. Therefore, for both > > performance consideration, the redundant part of the second copy should be > > removed. > > > > This patch removes such a part in the second copy. It only copies from > > 'err.type' to 'err.mask', which is exactly required by the > > VFIO_EEH_PE_INJECT_ERR op. > > > > Signed-off-by: Wenwen Wang > > --- > > drivers/vfio/vfio_spapr_eeh.c | 9 ++++++--- > > 1 file changed, 6 insertions(+), 3 deletions(-) > > > > diff --git a/drivers/vfio/vfio_spapr_eeh.c b/drivers/vfio/vfio_spapr_eeh.c > > index 38edeb4..66634c6 100644 > > --- a/drivers/vfio/vfio_spapr_eeh.c > > +++ b/drivers/vfio/vfio_spapr_eeh.c > > @@ -37,6 +37,7 @@ long vfio_spapr_iommu_eeh_ioctl(struct iommu_group *group, > > struct eeh_pe *pe; > > struct vfio_eeh_pe_op op; > > unsigned long minsz; > > + unsigned long start, end; > > long ret = -EINVAL; > > > > switch (cmd) { > > @@ -86,10 +87,12 @@ long vfio_spapr_iommu_eeh_ioctl(struct iommu_group *group, > > ret = eeh_pe_configure(pe); > > break; > > case VFIO_EEH_PE_INJECT_ERR: > > - minsz = offsetofend(struct vfio_eeh_pe_op, err.mask); > > - if (op.argsz < minsz) > > + start = offsetof(struct vfio_eeh_pe_op, err.type); > > We already have this in minsz, offsetofend(,op) == offsetof(,err.type). > That can't change without breaking userspace. > > > + end = offsetofend(struct vfio_eeh_pe_op, err.mask); > > + if (op.argsz < end) > > return -EINVAL; > > - if (copy_from_user(&op, (void __user *)arg, minsz)) > > + if (copy_from_user(&op.err, (char __user *)arg + > > + start, end - start)) > > So we trade 12 bytes of redundant copy for an extra stack variable and > an arithmetic operation, not necessarily an obvious win, but more > correct I guess. > > Alexey, I also notice that these 12 bytes means that the u64 fields in > struct vfio_eeh_pe_err are not 8-byte aligned which could lead to > compiler dependent packing interpretation issues with userspace. > Should there be a 4-byte reserved field in there to make it explicit > (so long as it matches the current interpretation)? Thanks, It sounds reasonable. I can add such a field in struct vfio_eeh_pe_op. Thanks! Wenwen