Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp1823421ybn; Thu, 26 Sep 2019 02:46:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqwCME5pKDO9EEGqrIqD75Fe53w1nnHrF1YkEQbUaW9413B5NJ9rJ1/nSWt6R1Eu+RfPUn00 X-Received: by 2002:a17:906:960d:: with SMTP id s13mr2240787ejx.166.1569491206202; Thu, 26 Sep 2019 02:46:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569491206; cv=none; d=google.com; s=arc-20160816; b=tO+2tJSAYpO9XBbxuj5CMavoBTKVv72Kp/trjKLUU9t8UHQcs+JKseBRvWwwkFzDDM +S14+M0c4uHiC3wiJHUvL19ivRwJMzPQLsjo2P7PtFu5O3Xujp3CXBQEYtmkG0OHfslF rj7CAqBRxnRlGfSzza5JWr0PCgVY0Ekf1iiFVuLLaZ+q2MT29zH0TKOizGGIbaQuLDRd zB7btaTXTffl20+Zpci7IERt/LaVyQtRXRXipTrzbP+z3DIZfxtsqSPoK6J9cTBVpLc1 vavnzBQ8zvdzFpg98MNSknPOrkjmHGV9IJ9NB3n7PgnZnxM0cxiDY5j/RwEAMsyAmX2g CA2Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=FTGa73h+DYX39ur3WXvUTZucdrONlyzfN+vnQUC+chg=; b=wTLbzlL3O8wPN1dw4ru/dLo5a5Y138dQFYzmbZt9x7/rf7Ut24Qk7lx8CKlanetdAX ittdi+uGTK+jtG2sCvnt7tTpQ5UIH0/FvgcBhe44LI/WEHhlqeCLpWG2yXLcw0p4rgkF xRZ+9z+xnULgvJYQMumaf6eJdK9Uvyfk8IwlTKDtfWIE6+DvdTmKBkaXEzJJbi+uBxrd 0PyryUBhg4oAtg98lf1hDWAMZpftBtO/qdOH8HYdtMeMK1I/0o7kF4ZZx1tYQ8fl4Gbb 9FcALWOFJJTXzclx4tgxF9wvZX4rn2QiX7zpN6zbRYt0lfrT1NYXGtDeWlRQEPFKlxZJ ff+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c38si995559eda.46.2019.09.26.02.46.23; Thu, 26 Sep 2019 02:46:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2440071AbfIYRAP (ORCPT + 99 others); Wed, 25 Sep 2019 13:00:15 -0400 Received: from mx2.mailbox.org ([80.241.60.215]:11414 "EHLO mx2.mailbox.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2407129AbfIYRAP (ORCPT ); Wed, 25 Sep 2019 13:00:15 -0400 Received: from smtp2.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:105:465:1:1:0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 3B804A22DE; Wed, 25 Sep 2019 19:00:12 +0200 (CEST) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.240]) by spamfilter01.heinlein-hosting.de (spamfilter01.heinlein-hosting.de [80.241.56.115]) (amavisd-new, port 10030) with ESMTP id YjnbwPdnEAti; Wed, 25 Sep 2019 19:00:07 +0200 (CEST) From: Aleksa Sarai To: Ingo Molnar , Peter Zijlstra , Alexander Shishkin , Jiri Olsa , Namhyung Kim , Christian Brauner Cc: Aleksa Sarai , Rasmus Villemoes , Al Viro , Linus Torvalds , libc-alpha@sourceware.org, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v1 0/4] lib: introduce copy_struct_from_user() helper Date: Wed, 25 Sep 2019 18:59:11 +0200 Message-Id: <20190925165915.8135-1-cyphar@cyphar.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This series was split off from the openat2(2) syscall discussion[1]. However, the copy_struct_to_user() helper has been dropped, because after some discussion it appears that there is no really obvious semantics for how copy_struct_to_user() should work on mixed-vintages (for instance, whether [2] is the correct semantics for all syscalls). A common pattern for syscall extensions is increasing the size of a struct passed from userspace, such that the zero-value of the new fields result in the old kernel behaviour (allowing for a mix of userspace and kernel vintages to operate on one another in most cases). Previously there was no common lib/ function that implemented the necessary extension-checking semantics (and different syscalls implemented them slightly differently or incompletely[3]). This series implements the helper and ports several syscalls to use it. [1]: https://lore.kernel.org/lkml/20190904201933.10736-1-cyphar@cyphar.com/ [2]: commit 1251201c0d34 ("sched/core: Fix uclamp ABI bug, clean up and robustify sched_read_attr() ABI logic and code") [3]: For instance {sched_setattr,perf_event_open,clone3}(2) all do do similar checks to copy_struct_from_user() while rt_sigprocmask(2) always rejects differently-sized struct arguments. Aleksa Sarai (4): lib: introduce copy_struct_from_user() helper clone3: switch to copy_struct_from_user() sched_setattr: switch to copy_struct_from_user() perf_event_open: switch to copy_struct_from_user() include/linux/uaccess.h | 4 +++ include/uapi/linux/sched.h | 2 ++ kernel/events/core.c | 47 +++++------------------- kernel/fork.c | 34 ++++-------------- kernel/sched/core.c | 43 ++++------------------ lib/Makefile | 2 +- lib/strnlen_user.c | 52 +++++++++++++++++++++++++++ lib/struct_user.c | 73 ++++++++++++++++++++++++++++++++++++++ 8 files changed, 155 insertions(+), 102 deletions(-) create mode 100644 lib/struct_user.c -- 2.23.0