Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp1823601ybn; Thu, 26 Sep 2019 02:46:57 -0700 (PDT) X-Google-Smtp-Source: APXvYqyPCAqVUYhutmH3xr50V6//NZXzl7F/zcONwCcUiSm3jGU8elZcvkPy9tUqRbPWoVnAtbo/ X-Received: by 2002:a17:906:ccd6:: with SMTP id ot22mr2239664ejb.1.1569491217590; Thu, 26 Sep 2019 02:46:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569491217; cv=none; d=google.com; s=arc-20160816; b=iykF+g29EazQYuj5EYsFBhnkVqMKWEZr9QIR8LYv2I1bKt5oznggvE2EMTpUiOmfU5 ig8R6xbCs8OndpuJfGYDlTJQH1S173uSzX+KwmDXvJuXaS0La1ED+FmWPwZVUXkhEf1w hHRGvwvhPT43q8xkXa6LqE4FY8P+JoXFp5Lp0llYPkdgK3tZjNhN7VtKLxsI868lYtjE xCOGbadZgfBCDCu9WftCAdCnMXrUncr4nAmEQuoh/QmyfyNxZ5E9cGibxPUYkxXR0fCM y7UrSKpcWC1IWEHeYq5BTNKdR5pPm0yMAwIy3mS8JnGpoJMguI7QA07TePh0eWI3I/F2 Yweg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=kieYUAGfp4mBtFT0GvYp/eeAtDyd8kjX7SlciOVDXL4=; b=XHC2HmZ7mCogdb+TzglMhBdqcWPG9bhKA62ybXARlGrcGb9uJVToXCqJC+c7XxA/Cd WcsE0LX4Ca14Y9Z6OahLEKe+0I7R1uyLFgKvXLFsRvxQUNXGOaDi0hqNjkw/DpKiUaxj j2CyDiSWwm1x5CP7yN9tJkxE58AFV6oExrE0rymsSVnvGaMAhH3rJCvxItqLn0aFD3mA eLywgOy2veAFhpYi57jbrJkHN4ADk2p0/WD3fqHv5/mgA37jf8D3hgkOW17R0dlalUI7 C3+Gjh4llPfmWViPrC7TIbCaNz3hlZsshkm0WnIi82tspJVuwDChQ0a6D5b7mrJhoTxA 7xcA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id qx24si709239ejb.138.2019.09.26.02.46.34; Thu, 26 Sep 2019 02:46:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2392234AbfIYRAW (ORCPT + 99 others); Wed, 25 Sep 2019 13:00:22 -0400 Received: from mx2.mailbox.org ([80.241.60.215]:11874 "EHLO mx2.mailbox.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2392184AbfIYRAT (ORCPT ); Wed, 25 Sep 2019 13:00:19 -0400 Received: from smtp2.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:105:465:1:1:0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 7F4CBA215B; Wed, 25 Sep 2019 19:00:17 +0200 (CEST) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.240]) by hefe.heinlein-support.de (hefe.heinlein-support.de [91.198.250.172]) (amavisd-new, port 10030) with ESMTP id thKUZRbKVv89; Wed, 25 Sep 2019 19:00:14 +0200 (CEST) From: Aleksa Sarai To: Ingo Molnar , Peter Zijlstra , Alexander Shishkin , Jiri Olsa , Namhyung Kim , Christian Brauner Cc: Aleksa Sarai , Rasmus Villemoes , Al Viro , Linus Torvalds , libc-alpha@sourceware.org, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v1 4/4] perf_event_open: switch to copy_struct_from_user() Date: Wed, 25 Sep 2019 18:59:15 +0200 Message-Id: <20190925165915.8135-5-cyphar@cyphar.com> In-Reply-To: <20190925165915.8135-1-cyphar@cyphar.com> References: <20190925165915.8135-1-cyphar@cyphar.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The change is very straightforward, and helps unify the syscall interface for struct-from-userspace syscalls. Signed-off-by: Aleksa Sarai --- kernel/events/core.c | 47 +++++++++----------------------------------- 1 file changed, 9 insertions(+), 38 deletions(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index 0463c1151bae..038ed126bc1b 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -10498,55 +10498,26 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr, u32 size; int ret; - if (!access_ok(uattr, PERF_ATTR_SIZE_VER0)) - return -EFAULT; - - /* - * zero the full structure, so that a short copy will be nice. - */ + /* Zero the full structure, so that a short copy will be nice. */ memset(attr, 0, sizeof(*attr)); ret = get_user(size, &uattr->size); if (ret) return ret; - if (size > PAGE_SIZE) /* silly large */ - goto err_size; - - if (!size) /* abi compat */ + /* ABI compatibility quirk: */ + if (!size) size = PERF_ATTR_SIZE_VER0; - - if (size < PERF_ATTR_SIZE_VER0) + if (size < PERF_ATTR_SIZE_VER0 || size > PAGE_SIZE) goto err_size; - /* - * If we're handed a bigger struct than we know of, - * ensure all the unknown bits are 0 - i.e. new - * user-space does not rely on any kernel feature - * extensions we dont know about yet. - */ - if (size > sizeof(*attr)) { - unsigned char __user *addr; - unsigned char __user *end; - unsigned char val; - - addr = (void __user *)uattr + sizeof(*attr); - end = (void __user *)uattr + size; - - for (; addr < end; addr++) { - ret = get_user(val, addr); - if (ret) - return ret; - if (val) - goto err_size; - } - size = sizeof(*attr); + ret = copy_struct_from_user(attr, sizeof(*attr), uattr, size); + if (ret) { + if (ret == -E2BIG) + goto err_size; + return ret; } - ret = copy_from_user(attr, uattr, size); - if (ret) - return -EFAULT; - attr->size = size; if (attr->__reserved_1) -- 2.23.0