Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp846785pxb;
        Wed, 1 Sep 2021 11:10:08 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJySsuTJqnPUjmZCFmZa3MsOOCA0dlxrIyNOjrmImNTHm1TR8WBRkG/nqC58jz08uU3rL6PP
X-Received: by 2002:a17:907:c10:: with SMTP id ga16mr826475ejc.174.1630519807514;
        Wed, 01 Sep 2021 11:10:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1630519807; cv=none;
        d=google.com; s=arc-20160816;
        b=fNwCMpf90QjlF1Jwe8AgcP05DBjmkVjmeIdHjwp+kV+s5G4Z9S1CpggQVWZNhJaq5W
         35AIUmOLEeRidBBtbnrkq3B/ZTaulRk2bpIa31FH6KRDeALqagEXv+sl9uO7SW8x4qYa
         mmSxOPOrhtQzeSpWaRkVzt1DBXoskN4hDiqPtoQcYGmjN6kupJbqW70z5g9fPogE95HF
         V3tcRgsurvDuFdRWc28T5NXHKfO2ItqIcFURUU7r0sXMx6PJS4GPQZLicykXdUT5Pzez
         vDYcKk9VImrJc8mErtxrVf1hXgdbYdTLYwaXEOjX+qbceigm27NpA1TEC2I51xeWp93P
         4tXg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=j7RqTfIlND2syTvjqIu2Q5uS78m15882rXoX/dLksfk=;
        b=BuofccADUdnUcc+RdTV+clZMMk/bqkC9UdPqBZxKEiFR3LJqtTpvsRIqsmEphnGrJi
         DRS6ANzwEzqoKrcfImgceO0wlvIl2rOCpsKo8wn6tltzck8qLenI1rm52MhQHe00EoH+
         5dzTOzD8TWz2Yl+Lh7FHsNCrgIwA4VRYIBeMsK0BK+TuNS1vKcyj+LVt7dYMmO/e8C+d
         3s/Hba9uKlRCa/YWDGDAgvyjY/GAKDhnnPyDFHBT5Ke3yX9OqH3Cu8ICSOYNeL9NtfRy
         ytIEcHJQN8wkHtWQO5cW9nXmhLhx0EvpQJaxEM2EDP4wOHfrIxc/cqM7rSy1RsuIQV3+
         ySxA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=ncSc4Rkc;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id bm24si408362ejb.577.2021.09.01.11.09.17;
        Wed, 01 Sep 2021 11:10:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=ncSc4Rkc;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1344597AbhIASCm (ORCPT <rfc822;liuwu.linux@gmail.com>
        + 99 others); Wed, 1 Sep 2021 14:02:42 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51126 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229560AbhIASCl (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 1 Sep 2021 14:02:41 -0400
Received: from mail-il1-x12e.google.com (mail-il1-x12e.google.com [IPv6:2607:f8b0:4864:20::12e])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9496BC061575
        for <linux-kernel@vger.kernel.org>; Wed,  1 Sep 2021 11:01:44 -0700 (PDT)
Received: by mail-il1-x12e.google.com with SMTP id s16so114872ilo.9
        for <linux-kernel@vger.kernel.org>; Wed, 01 Sep 2021 11:01:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=j7RqTfIlND2syTvjqIu2Q5uS78m15882rXoX/dLksfk=;
        b=ncSc4RkcmzknHFOy+NFnmoCd7Jjyra6USvWhhitwHBBK6BpCBq9WjKA57EH+7SoN4X
         VWXPG2Gy8VIuV5RzMDNp/fAEijSL1eu0JEFOidC/OpCXFXMBmLYvmaGb3eiMQ6svaJMb
         4hfIlaXz/nPF+IhigO8o+/qn9ccp1QxBDLu++FmzW1vH63sand1HoP9T8qoyEHQAAwZt
         OikQFMvXS6u4io8Jz/0FczYZYKB7DKyD/PcmO3b8zhVQoWsgCDRUsJdp9I+NamHYKqs6
         8Ic99AdNfkWLJKit8vTm3x3nV66L6Nbn2sDijeici/BlOsc/z1e4m9NH42d0jZ8WPJ4E
         Ybrw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=j7RqTfIlND2syTvjqIu2Q5uS78m15882rXoX/dLksfk=;
        b=gSqglRkUx8tDN8zpTTvMDP7DYezwLwxyh6qkYDHAS3XRgAqfTl8LwlUd3l54PGPQLU
         +QCZrAe+01CEGIXvYefOYvovI9nEGlpfQiukqa7uxBQirDH8OyGDguV7aqa7EXwIr6YP
         avqpjPYLrwNzHrJSh+5b2U+stlaM6MqGzwxHIvjd29UolU0jMi4MjUbrUKIIk5k5+J/r
         znsGyBcElTLcqfg/Ak8qLeiyvXLKepZsHlb15HX+KaUZdDSbcUxDJI2Ojl3wq8+LXbnw
         tQRWWa6k70aDtibru6D9rjWLs/Rraj1fxdOcckqx+OCioL3EnjgC/ewej08O6vM6yLIQ
         O0OQ==
X-Gm-Message-State: AOAM533MBcwljB9x5g7GqtdJUKkk8TFkPlW9gGDpG2V0YzNsHV7f730c
        YQI4uuDbMBLYzD5DDLyl7k9ags97XJla3q54dyiB/A==
X-Received: by 2002:a05:6e02:e53:: with SMTP id l19mr554302ilk.108.1630519303767;
 Wed, 01 Sep 2021 11:01:43 -0700 (PDT)
MIME-Version: 1.0
References: <20210826194601.3509717-1-pcc@google.com> <20210831093006.6db30672@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
 <bf0f47974d7141358d810d512d4b9a00@AcuMS.aculab.com> <20210901070356.750ea996@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
In-Reply-To: <20210901070356.750ea996@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
From:   Peter Collingbourne <pcc@google.com>
Date:   Wed, 1 Sep 2021 11:01:32 -0700
Message-ID: <CAMn1gO5OmHg_10s698tNqf4X-hJ_gn17D8afyRhbW1nKpvLzWQ@mail.gmail.com>
Subject: Re: [PATCH v2] net: don't unconditionally copy_from_user a struct
 ifreq for socket ioctls
To:     Jakub Kicinski <kuba@kernel.org>
Cc:     David Laight <David.Laight@aculab.com>,
        "David S. Miller" <davem@davemloft.net>,
        Colin Ian King <colin.king@canonical.com>,
        Cong Wang <cong.wang@bytedance.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        Greg KH <gregkh@linuxfoundation.org>,
        Arnd Bergmann <arnd@kernel.org>,
        "netdev@vger.kernel.org" <netdev@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "stable@vger.kernel.org" <stable@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Sep 1, 2021 at 7:04 AM Jakub Kicinski <kuba@kernel.org> wrote:
>
> On Wed, 1 Sep 2021 08:22:42 +0000 David Laight wrote:
> > From: Jakub Kicinski
> > > Sent: 31 August 2021 17:30
> > >
> > > On Thu, 26 Aug 2021 12:46:01 -0700 Peter Collingbourne wrote:
> > > > @@ -3306,6 +3308,8 @@ static int compat_ifr_data_ioctl(struct net *net, unsigned int cmd,
> > > >   struct ifreq ifreq;
> > > >   u32 data32;
> > > >
> > > > + if (!is_socket_ioctl_cmd(cmd))
> > > > +         return -ENOTTY;
> > > >   if (copy_from_user(ifreq.ifr_name, u_ifreq32->ifr_name, IFNAMSIZ))
> > > >           return -EFAULT;
> > > >   if (get_user(data32, &u_ifreq32->ifr_data))
> > >
> > > Hi Peter, when resolving the net -> net-next merge conflict I couldn't
> > > figure out why this chunk is needed. It seems all callers of
> > > compat_ifr_data_ioctl() already made sure it's a socket IOCTL.
> > > Please double check my resolution (tip of net-next) and if this is
> > > indeed unnecessary perhaps send a cleanup? Thanks!
> >
> > To stop the copy_from_user() faulting when the user buffer
> > isn't long enough.
> > In particular for iasatty() on arm with tagged pointers.
>
> Let me rephrase. is_socket_ioctl_cmd() is always true here. There were
> only two callers, both check cmd is of specific, "sockety" type.

I see, it looks like we don't need the check on the compat path then.

I can send a followup to clean this up but given that I got a comment
from another reviewer saying that we should try to make the native and
compat paths as similar as possible, maybe it isn't too bad to leave
things as is?

Peter