Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp175573ybh; Fri, 17 Jul 2020 23:49:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwg4nd+ftp2tCB2giAil2IevxdCtZKa6MnoqT9GgeLcnrWdaBItGcAjA11Ge3GF2WEesQHt X-Received: by 2002:aa7:d58c:: with SMTP id r12mr13184304edq.160.1595054960600; Fri, 17 Jul 2020 23:49:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1595054960; cv=none; d=google.com; s=arc-20160816; b=oDlSxtkKZNjNKr7RAco+g3XkN67gb++d+FTiRjGsnFf5fk1jG3wxySruJUHFBE7exA JZM/tRBatYL57aKkIgJlq2g4MuJ/MqdpD/H2rU9/MlpoNTsYWp8r4TccNNyrLNm3avOS WG9kNh52Ghwi9MSb3orNZQ0HMfnUI6+1oFlP86APRM2o+/1QnOED4UUr9ASYw3DgdKS3 EWF9zUC6GM4fCqxxFA6r7PT6Bmy8FOp+UlhFzwUdFINVR7I8NBVPyTpQ3iUskYzM7dPl V+Mbx5/BohVibyNANWLsgdhvDwwGf0n0ddkOW1mQnPV3YG2wzGicLWtV5phCu9Q7RBgb cZVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=CAlMxU7CoR9lQ5WxFNzVMi8RjZR+ujqK4FjnHbfpufg=; b=rsxR3i8Zfhwde4vC8Eg0Y8tN5RpnTEzflUk/Sm75XSeq+ZgfXNZ5CEsO943JnVMCB4 UlybzVWlZS1MkNWL09/ccESYvVAz9UfaAYTXVMY8EgKYDoRlQlXhGWwN1m7IpSBpD8yk GGT8vdJ7efF0zL3zMfhOt6uKSwSkUo5Y+vRM5wX72PUuvHXjj18AUuCVMHDSL5NDYX49 CvJSo3bsiWKn1hWcnNEQyctlUYOFBLlPlvRg2YvWfTMNErzOwfyl/4mP/SJUgsErzT9g 8P1aM37yYB4Mv8lS5gU8wBOULf0GBRbTieBZzRgEiHe8s1/+Gzn/XSYDXDp2oq7FEuj8 /F0g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=SzQqCtxb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k2si6601732eds.173.2020.07.17.23.48.58; Fri, 17 Jul 2020 23:49:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=SzQqCtxb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726672AbgGRGso (ORCPT + 99 others); Sat, 18 Jul 2020 02:48:44 -0400 Received: from mail.kernel.org ([198.145.29.99]:60726 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725983AbgGRGso (ORCPT ); Sat, 18 Jul 2020 02:48:44 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 4CA1E2074B; Sat, 18 Jul 2020 06:48:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1595054923; bh=AYcf4lCF4uqguLe3tllnR/0HNedkP2GPCOoNk6kdXq4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=SzQqCtxba1xFIIIvASbEPoSm8uKUPvcTsYCF08xgeOAFsM1n37aU3T2Edip4A2nzJ CU+iMPW8QwLrZzG92ye0FAOVYNrRhKlQFZ+Nu/i5fYon2Zp2ChL+kPgh5T8perZpXg h2fMTjQPOk4AvBH+L1lUqkn67kWog1I5y8T9XdAY= Date: Sat, 18 Jul 2020 08:48:41 +0200 From: gregkh To: "Eads, Gage" Cc: Arnd Bergmann , "linux-kernel@vger.kernel.org" , "Karlsson, Magnus" , "Topel, Bjorn" Subject: Re: [PATCH 04/20] dlb2: add device ioctl layer and first 4 ioctls Message-ID: <20200718064841.GC245355@kroah.com> References: <20200712134331.8169-1-gage.eads@intel.com> <20200712134331.8169-5-gage.eads@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jul 17, 2020 at 08:05:08PM +0000, Eads, Gage wrote: > > > > -----Original Message----- > > From: Arnd Bergmann > > Sent: Friday, July 17, 2020 1:57 PM > > To: Eads, Gage > > Cc: linux-kernel@vger.kernel.org; gregkh ; > > Karlsson, Magnus ; Topel, Bjorn > > > > Subject: Re: [PATCH 04/20] dlb2: add device ioctl layer and first 4 ioctls > > > > On Fri, Jul 17, 2020 at 8:19 PM Eads, Gage wrote: > > > > > > A plain copy_from_user() in place of this function should be fine. > > > > > > This function also validates the user size arg to prevent buffer overflow; > > centralizing it here avoids the case where a programmer accidentally forgets > > the check in an ioctl handler (and reduces code duplication). If it's alright with > > you, I'll keep the function but drop the dev_err() prints. > > > > Once you use a 'switch(cmd)' statement in the top ioctl handler, the data > > structure size will be fixed, so there is no way the argument size can go wrong. > > > > Ah, understood. Will fix in v2. > > > > > > > > > > +/* [7:0]: device revision, [15:8]: device version */ #define > > > > > +DLB2_SET_DEVICE_VERSION(ver, rev) (((ver) << 8) | (rev)) > > > > > + > > > > > +static int dlb2_ioctl_get_device_version(struct dlb2_dev *dev, > > > > > + unsigned long user_arg, > > > > > + u16 size) { > > > > > + struct dlb2_get_device_version_args arg; > > > > > + struct dlb2_cmd_response response; > > > > > + int ret; > > > > > + > > > > > + dev_dbg(dev->dlb2_device, "Entering %s()\n", __func__); > > > > > + > > > > > + response.status = 0; > > > > > + response.id = DLB2_SET_DEVICE_VERSION(2, DLB2_REV_A0); > > > > > + > > > > > + ret = dlb2_copy_from_user(dev, user_arg, size, &arg, sizeof(arg)); > > > > > + if (ret) > > > > > + return ret; > > > > > + > > > > > + ret = dlb2_copy_resp_to_user(dev, arg.response, > > > > > + &response); > > > > > > > > Better avoid any indirect pointers. As you always return a constant > > > > here, I think the entire ioctl command can be removed until you > > > > actually need it. If you have an ioctl command that needs both input > > > > and output, use _IOWR() to define it and put all arguments into the same > > structure. > > > > > > Ok, I'll merge the response structure into the ioctl structure (here and > > elsewhere). > > > > > > Say I add this command later: without driver versioning, how would > > > user-space know in advance whether the command is supported? > > > It could attempt the command and interpret -ENOTTY as "unsupported", > > > but that strikes me as an inelegant way to reverse-engineer the version. > > > > There is not really a driver "version" once the driver is upstream, the concept > > doesn't really make sense here when arbitrary patches can get backported > > from the latest kernel into whatever the user is running. > > > > "Driver interface version" is the better term for what I'm trying to accomplish here. Any backports would have to be done in such a way that the interface version is honored, but if that can't be reasonably expected...then I agree, versioning is unworkable. There is no such thing as a "driver interface version", sorry, that is not going to be workable at all. thanks, greg k-h