Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp1488777imd; Thu, 1 Nov 2018 16:57:49 -0700 (PDT) X-Google-Smtp-Source: AJdET5ex/j/B5YK/AltaOYhnR0ZPxwfp7sd0cUDaQLzT73X9Q0/WWsR56lyflwHIvVYqLbfe+6e5 X-Received: by 2002:a17:902:ac86:: with SMTP id h6-v6mr9333907plr.174.1541116669256; Thu, 01 Nov 2018 16:57:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541116669; cv=none; d=google.com; s=arc-20160816; b=JniucDNLpzCmui1kQ/WL0NKYp6PeOnmEBP1SHrzNA7Q0kF6f+geyiqx8zhNtz0Tm2t YitYIBiU5I+2PyQV+7Y/cO5lwH/YnUOePX4Gicv/YcPFu/kj38IvHxEMIgHZYWvrBeUN 2m8EgTTr+2YS5lEJidq0gdyHWuOawiGq0IprC5BC0QTDWJk4zBZw00u2kvwJ3v3ImNed 7zq6/kIXfoIyUElsaGoXvJSPifHXCcZ5C7j+qoQTKPJQq3sb5AlL7RAE6i2i1/xlyyov VdjcB6w4SOHNibShZbAHayYDkBFaFS+OeZY8bgIaNQ+c6wUbK9w4oISRQpSwAmEaN0JJ ORgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=FNoOWwSDvxfx5ndNDDLpZJh3e+qT2hzp2z5/2zl8WG4=; b=B2wpTod/TQ/67e7OmX3Gbojdc1X4VrMarb9TvjF71DcuLZIbSfu3DIi3237KGXnVFZ L9slcIht8kcms1Mc0zhVZ8NCfk6l4GLWg3R9KG6p+HW+EZoTrZ60epQms0nd5o93ic2O pDw6HJuqt5IhO67ZgQoYy/04ARd2YYslU2srGP4LoRByDUONBXEige+F2fYSmFsFLA1e kioZ5oS/FLo4/1iThx0234LEL52OIPXOVEso0y7s6S7yrPXAUm02U5lXxQnuqadkJIbs nV/0u9drP3QkeHYRRKK1AhcSDYfEIICvtBJ4vwrNP7hqkKN3e/oY+1y0s6Agi0OZ2xCv oJSg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 37-v6si14595267ple.389.2018.11.01.16.57.34; Thu, 01 Nov 2018 16:57:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728371AbeKBJBF (ORCPT + 99 others); Fri, 2 Nov 2018 05:01:05 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41916 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728169AbeKBJBF (ORCPT ); Fri, 2 Nov 2018 05:01:05 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 533D230917AF; Thu, 1 Nov 2018 23:55:58 +0000 (UTC) Received: from redhat.com (ovpn-124-238.rdu2.redhat.com [10.10.124.238]) by smtp.corp.redhat.com (Postfix) with SMTP id 7CE225D9D6; Thu, 1 Nov 2018 23:55:53 +0000 (UTC) Date: Thu, 1 Nov 2018 19:55:53 -0400 From: "Michael S. Tsirkin" To: Linus Torvalds Cc: Kees Cook , kvm@vger.kernel.org, virtualization@lists.linux-foundation.org, netdev@vger.kernel.org, Linux Kernel Mailing List , Andrew Morton , bijan.mottahedeh@oracle.com, gedwards@ddn.com, joe@perches.com, lenaic@lhuard.fr, liang.z.li@intel.com, mhocko@kernel.org, mhocko@suse.com, stefanha@redhat.com, wei.w.wang@intel.com Subject: Re: [PULL] vhost: cleanups and fixes Message-ID: <20181101193818-mutt-send-email-mst@kernel.org> References: <20181101171938-mutt-send-email-mst@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Thu, 01 Nov 2018 23:55:58 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Nov 01, 2018 at 04:06:19PM -0700, Linus Torvalds wrote: > On Thu, Nov 1, 2018 at 4:00 PM Kees Cook wrote: > > > > + memset(&rsp, 0, sizeof(rsp)); > > + rsp.response = VIRTIO_SCSI_S_FUNCTION_REJECTED; > > + resp = vq->iov[out].iov_base; > > + ret = __copy_to_user(resp, &rsp, sizeof(rsp)); > > > > Is it actually safe to trust that iov_base has passed an earlier > > access_ok() check here? Why not just use copy_to_user() instead? > > Good point. > > We really should have removed those double-underscore things ages ago. Well in case of vhost there are a bunch of reasons to keep them. One is that all access_ok checks take place way earlier in context of the owner task. Result is saved and then used for access repeatedly. Skipping reding access_ok twice did seem to give a small speedup in the past. In fact I am looking into switching some of the uses to unsafe_put_user/unsafe_get_user after doing something like barrier_nospec after the access_ok checks. Seems to give a measureable speedup. Another is that the double underscore things actually can be done in softirq context if you do preempt_disable/preempt_enable. IIUC Jason's looking into using that to cut down the latency for when the access is very small. > Also, apart from the address, what about the size? Wouldn't it be > better to use copy_to_iter() rather than implement it badly by hand? > > Linus Generally size is checked when we retrieve the iov but I will recheck this case and reply here.