Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp244128pxb; Mon, 7 Feb 2022 10:14:07 -0800 (PST) X-Google-Smtp-Source: ABdhPJwOuecGqVnEUvcpDoYohMkTqDZYP0SSXwYVOpZg/pqml8TWy/fBd17VmPlnttU5j/2ts+a9 X-Received: by 2002:a63:8149:: with SMTP id t70mr519557pgd.266.1644257647483; Mon, 07 Feb 2022 10:14:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644257647; cv=none; d=google.com; s=arc-20160816; b=V59HrUxNObXLIuVTftj/1YZbDaBrtcLU4xNLVrN3+VP0jblGKMOAqxY0VxR/+jJ2zR QlGr2fqVjuxu2umkVpEtE6WQDPufdoANFsXr0Co1W6xZ8P7d/uCDgJLBcn9GWKXmtxC+ GXlC1/5MbRy2NDj8C0YNlHp9Qbe5HXkT4Y/xcPdi8Te4+aKe6ydMStk+UhzNDadmVikh LRakz2mpVEb3w0VBEPWWLDiowFrtFkdssSIJq4thKMeUFdXKoa+Qs1+y9cEUe7IaCrfy QXlmiuJFDH/b6zBSRTnK9T1myZysvDEGljxyh3RcBIWJHQb+yzpA94KLv4q4N/QBGcMa XxPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=QrLTNVShrpy6/lAFMq068G4UwTS0BnpdGIILr+5Fs3Y=; b=cMl1+eAz+SmcoSZt9dDzDV5j8bPjfIUBQT/6oFTCwhRDku51rW0j5ag6Vr27HS9LBt AowOq7kTAJIxrGFTOyB5184s4hDZ7kUc0SUdgvynEaF1SIBZxgZ9eQG4CQjGsie2A81A sk5L11bVLK286v68sIH350iv5NzJkqQhwli/GE5Ln1DOGdfH8cVVET5Uey42DUz8PHyP sRvSBljPrSZgd8dt5HH1YYSCxHoc6Q2jVTJH1+Lqs87Wj59zv1wBD6Fo+7bNd440NmkA kwMvIpi0lTQwMFo/HgXCLgoaRbE3ycdzPvfeo0WsGnFA44RwzkRY6KLcL+Ag8qkcPqeS k3Fw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=qupMA6Y+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q9si11191289pgg.428.2022.02.07.10.13.54; Mon, 07 Feb 2022 10:14:07 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=qupMA6Y+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1353255AbiBCSL6 (ORCPT + 99 others); Thu, 3 Feb 2022 13:11:58 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:52732 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232248AbiBCSL4 (ORCPT ); Thu, 3 Feb 2022 13:11:56 -0500 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 213GfCvS021697; Thu, 3 Feb 2022 18:11:50 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=QrLTNVShrpy6/lAFMq068G4UwTS0BnpdGIILr+5Fs3Y=; b=qupMA6Y+vyvnQ3FaRD54A5BIruwryQUCXUL2Q2bQGpqwGYkQmog0/lLZ3DOFoZS4l/5Y Yb2sgbVCg+AtOcdEl/8SEE7VRpXOoRbOPxExoJ6v/dFaDioNocYtiISzZjO6uFVT3QHh 1UkNtHfk2jPD8tF99ifA6BMedmEa9SXLImsqpkMBwTj35JCD2/sG8zcoRGBa/yDgLsHr KkI1NZzSj8O5riqO2jE6v7rCIdC1j2+hCayNnxlcrzEkl9Eh9KbmOdlbVxXmPe8wJ22b UWARuPQ6b6DTtpZAf8bywRztSRydIGkIa3E3rPDXjcB6JJIeVFXyVa8FdizxPWenZGI2 TA== Received: from ppma04fra.de.ibm.com (6a.4a.5195.ip4.static.sl-reverse.com [149.81.74.106]) by mx0a-001b2d01.pphosted.com with ESMTP id 3dyvcmx4m9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 03 Feb 2022 18:11:49 +0000 Received: from pps.filterd (ppma04fra.de.ibm.com [127.0.0.1]) by ppma04fra.de.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 213I38Zf005142; Thu, 3 Feb 2022 18:11:47 GMT Received: from b06avi18878370.portsmouth.uk.ibm.com (b06avi18878370.portsmouth.uk.ibm.com [9.149.26.194]) by ppma04fra.de.ibm.com with ESMTP id 3dvw79xu0u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 03 Feb 2022 18:11:47 +0000 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 213IBhRZ33030610 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 3 Feb 2022 18:11:43 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 78F865204F; Thu, 3 Feb 2022 18:11:43 +0000 (GMT) Received: from tuxmaker.boeblingen.de.ibm.com (unknown [9.152.85.9]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id 3224D52050; Thu, 3 Feb 2022 18:11:43 +0000 (GMT) From: Janis Schoetterl-Glausch To: scgl@linux.ibm.com Cc: akpm@linux-foundation.org, arnd@arndb.de, borntraeger@linux.ibm.com, hca@linux.ibm.com, keescook@chromium.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk Subject: Re: [RFC PATCH 0/2] uaccess: Add mechanism for key checked access to user memory Date: Thu, 3 Feb 2022 19:11:39 +0100 Message-Id: <20220203181141.2682997-1-scgl@linux.ibm.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220126173358.2951879-1-scgl@linux.ibm.com> References: <20220126173358.2951879-1-scgl@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-GUID: -h49B-CSwRzWiPWHgGgI0NY10eNw1Duk X-Proofpoint-ORIG-GUID: -h49B-CSwRzWiPWHgGgI0NY10eNw1Duk X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-02-03_06,2022-02-03_01,2021-12-02_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 mlxscore=0 priorityscore=1501 impostorscore=0 suspectscore=0 lowpriorityscore=0 malwarescore=0 adultscore=0 clxscore=1015 phishscore=0 mlxlogscore=875 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2201110000 definitions=main-2202030110 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > Considerations: > * The key argument is an unsigned long, in order to make the functions > less specific to s390, which would only need an u8. > This could also be generalized further, i.e. by having the type be > defined by the architecture, with the default being a struct without > any members. > Also the functions could be renamed ..._opaque, ..._arg, or similar. > * Which functions do we provide _key variants for? Just defining > __copy_from/to_user_key would make it rather specific to our use > case. > * Should ...copy_from/to_user_key functions be callable from common > code? The patch defines the functions to be functionally identical > to the normal functions if the architecture does not define > raw_copy_from/to_user_key, so that this would be possible, however it > is not required for our use case. > After thinking about it some more, this variant seems an attractive compromise between the different dimensions. It maximises extensibility by having the additional argument and semantic completely architecture defined. At the same time it keeps the changes to the minimum, which reduces the maintenance cost of keeping the functions in sync. It is also clear how other use cases can be supported, when they arise. Calling the functions from common code would be supported by defining the opaque argument as an empty struct by default, and defaulting to raw_copy_from/to_user. If other variants of copy to/from user with an additional argument are required they can be added in the same manner as is done here for __copy_from/to_user. > > Comments are much appreciated. Janis Schoetterl-Glausch (2): uaccess: Add mechanism for arch specific user access with argument s390/uaccess: Provide raw_copy_from/to_user_opaque arch/s390/include/asm/uaccess.h | 27 ++++++++++++++-- arch/s390/lib/uaccess.c | 56 ++++++++++++++++++++------------- include/linux/uaccess.h | 28 +++++++++++++++++ 3 files changed, 88 insertions(+), 23 deletions(-) -- 2.32.0