Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1463308ybz; Sat, 18 Apr 2020 01:19:09 -0700 (PDT) X-Google-Smtp-Source: APiQypJkoG8/TgiSJs/IYDszpjtkIvFKnboDp3I6C7JCQCrRumj428pwPXAZkuVmYmRRtPYTSGGy X-Received: by 2002:aa7:cd65:: with SMTP id ca5mr6471768edb.283.1587197949612; Sat, 18 Apr 2020 01:19:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587197949; cv=none; d=google.com; s=arc-20160816; b=e4upOG6Wwrsiur9lzxDlAJjnDuYYBUuHszF2NMQDyRxtJ1LyafFVE9/w3qYuQrFg8i eH3QesJIhEUJNG+c8mcWsDTGqIXib1+RSoseOO6BZSlbSumqXEoFmUu4e7lyoIeDRnhd vfUyUAnCIcDlvD/BjpFU+6ezd97LgFJYkXVB//HmrDo7UIyhAYGCM96dvsk8qxYcK2LJ NVe9iUPbU1r/XDU7f/X59Y5bcR43Jkb85zIjIzHz+xadovqrL0SNpga81MTvpCQj0aoX i7nLdln9lg1d/rXUe9vyhf/Md2PoPgqNKPOuA5hyOiWUjQFhtQsqEWiHrZ5FIARaHNy0 0GSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=jB5Gl7RxVqyXpo2Hse+3VUzGqM2gawZmxz49L7U420s=; b=UFoTlYGirreSZQL1jl5R42c1XsHB9PPs96sFLsVprrsRsDQrRlJmaNQuff6JoyahvG hEdezrSulnDth4af5zRmJRiG5zVprGhtomu4FOlpPTlb0EaMDWnX3lQwff/HUOrX8iH6 P5Gjs6RMpNYIMSVNEOnkB4fFhy8sWwohSnSkkZnNO4P6ouF1cVE9YGWY84fO/1EDOPwW cm+l6XNR+G9YtmcKqZmk9Ux+Rl8EN0Lr5dmp2rIBNZ/FEtiT8LG/VDnj4IOXyej8Jps9 seHBSb8qQHJ7UyeZKAaAwVuYu5a49Iw9jjuecCimtiuKUTHURK7OMo7YnCWm9dySEi1g JJCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@c-s.fr header.s=mail header.b="AQQa/JgG"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w21si6187547edt.595.2020.04.18.01.18.47; Sat, 18 Apr 2020 01:19:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@c-s.fr header.s=mail header.b="AQQa/JgG"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726025AbgDRIPt (ORCPT + 99 others); Sat, 18 Apr 2020 04:15:49 -0400 Received: from pegase1.c-s.fr ([93.17.236.30]:17005 "EHLO pegase1.c-s.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725801AbgDRIPt (ORCPT ); Sat, 18 Apr 2020 04:15:49 -0400 Received: from localhost (mailhub1-int [192.168.12.234]) by localhost (Postfix) with ESMTP id 4945PZ0MxHz9txY8; Sat, 18 Apr 2020 10:15:46 +0200 (CEST) Authentication-Results: localhost; dkim=pass reason="1024-bit key; insecure key" header.d=c-s.fr header.i=@c-s.fr header.b=AQQa/JgG; dkim-adsp=pass; dkim-atps=neutral X-Virus-Scanned: Debian amavisd-new at c-s.fr Received: from pegase1.c-s.fr ([192.168.12.234]) by localhost (pegase1.c-s.fr [192.168.12.234]) (amavisd-new, port 10024) with ESMTP id hnYClEVc0eyG; Sat, 18 Apr 2020 10:15:45 +0200 (CEST) Received: from messagerie.si.c-s.fr (messagerie.si.c-s.fr [192.168.25.192]) by pegase1.c-s.fr (Postfix) with ESMTP id 4945PY6R23z9txY6; Sat, 18 Apr 2020 10:15:45 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=c-s.fr; s=mail; t=1587197745; bh=jB5Gl7RxVqyXpo2Hse+3VUzGqM2gawZmxz49L7U420s=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=AQQa/JgGK4MzHvWoF2Z5uKFlyqbmJPtwJYfrPJO+D4iL/MNPzfUNv7235qVqZ+XxE 2qr4B+iHbPm8eirpT2+BC1epVeoc8Tb7up/e08oG8+cE8EbaSzsZsFepDU+MrCJbhV jaPxQfZ42OA6Bw5qa9V+tN+58qaX+TXbTogZbPbo= Received: from localhost (localhost [127.0.0.1]) by messagerie.si.c-s.fr (Postfix) with ESMTP id EAF788B772; Sat, 18 Apr 2020 10:15:46 +0200 (CEST) X-Virus-Scanned: amavisd-new at c-s.fr Received: from messagerie.si.c-s.fr ([127.0.0.1]) by localhost (messagerie.si.c-s.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id xduYPJ1JYzVW; Sat, 18 Apr 2020 10:15:46 +0200 (CEST) Received: from [192.168.4.90] (unknown [192.168.4.90]) by messagerie.si.c-s.fr (Postfix) with ESMTP id 972068B75E; Sat, 18 Apr 2020 10:15:45 +0200 (CEST) Subject: Re: [PATCH 8/8] exec: open code copy_string_kernel To: Christoph Hellwig , Andrew Morton , Alexander Viro Cc: Arnd Bergmann , linux-kernel@vger.kernel.org, Jeremy Kerr , linux-fsdevel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, "Eric W . Biederman" References: <20200414070142.288696-1-hch@lst.de> <20200414070142.288696-9-hch@lst.de> From: Christophe Leroy Message-ID: Date: Sat, 18 Apr 2020 10:15:42 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <20200414070142.288696-9-hch@lst.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: fr Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Le 14/04/2020 à 09:01, Christoph Hellwig a écrit : > Currently copy_string_kernel is just a wrapper around copy_strings that > simplifies the calling conventions and uses set_fs to allow passing a > kernel pointer. But due to the fact the we only need to handle a single > kernel argument pointer, the logic can be sigificantly simplified while > getting rid of the set_fs. Instead of duplicating almost identical code, can you write a function that takes whether the source is from user or from kernel, then you just do things like: if (from_user) len = strnlen_user(str, MAX_ARG_STRLEN); else len = strnlen(str, MAX_ARG_STRLEN); if (from_user) copy_from_user(kaddr+offset, str, bytes_to_copy); else memcpy(kaddr+offset, str, bytes_to_copy); > > Signed-off-by: Christoph Hellwig > --- > fs/exec.c | 43 ++++++++++++++++++++++++++++++++++--------- > 1 file changed, 34 insertions(+), 9 deletions(-) > > diff --git a/fs/exec.c b/fs/exec.c > index b2a77d5acede..ea90af1fb236 100644 > --- a/fs/exec.c > +++ b/fs/exec.c > @@ -592,17 +592,42 @@ static int copy_strings(int argc, struct user_arg_ptr argv, > */ > int copy_string_kernel(const char *arg, struct linux_binprm *bprm) > { > - int r; > - mm_segment_t oldfs = get_fs(); > - struct user_arg_ptr argv = { > - .ptr.native = (const char __user *const __user *)&arg, > - }; > + int len = strnlen(arg, MAX_ARG_STRLEN) + 1 /* terminating NUL */; > + unsigned long pos = bprm->p; > + > + if (len == 0) > + return -EFAULT; > + if (!valid_arg_len(bprm, len)) > + return -E2BIG; > + > + /* We're going to work our way backwards. */ > + arg += len; > + bprm->p -= len; > + if (IS_ENABLED(CONFIG_MMU) && bprm->p < bprm->argmin) > + return -E2BIG; > + > + while (len > 0) { > + unsigned int bytes_to_copy = min_t(unsigned int, len, > + min_not_zero(offset_in_page(pos), PAGE_SIZE)); > + struct page *page; > + char *kaddr; > > - set_fs(KERNEL_DS); > - r = copy_strings(1, argv, bprm); > - set_fs(oldfs); > + pos -= bytes_to_copy; > + arg -= bytes_to_copy; > + len -= bytes_to_copy; > > - return r; > + page = get_arg_page(bprm, pos, 1); > + if (!page) > + return -E2BIG; > + kaddr = kmap_atomic(page); > + flush_arg_page(bprm, pos & PAGE_MASK, page); > + memcpy(kaddr + offset_in_page(pos), arg, bytes_to_copy); > + flush_kernel_dcache_page(page); > + kunmap_atomic(kaddr); > + put_arg_page(page); > + } > + > + return 0; > } > EXPORT_SYMBOL(copy_string_kernel); > > Christophe