Received: by 2002:a05:6358:4e97:b0:b3:742d:4702 with SMTP id ce23csp2018869rwb; Fri, 19 Aug 2022 13:40:12 -0700 (PDT) X-Google-Smtp-Source: AA6agR5O0k/5R3YKpDv20owoQyKlUKBVnr0s/WxYjoVkP/DpTtpcnBr2NlU2nKbufbq3dXLOXd/n X-Received: by 2002:a05:6402:4385:b0:440:679a:c3fa with SMTP id o5-20020a056402438500b00440679ac3famr7122136edc.118.1660941612492; Fri, 19 Aug 2022 13:40:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660941612; cv=none; d=google.com; s=arc-20160816; b=oj9BpZZuNEgzWhB/ICtFdbrPXbQIUltiKRmmdRGv+XRWdYtQfpzYzq5AvT5MfZx+86 UE+a+kmRlFLRMI8sudjI45jCQt0ZqMAC7TUv5nB6qYx6uiAbNvhUw4NWZVmElo71G7Cc ZJrhT/ENkZ8uX1PwT7dEuqPMUNn1vYpS7KF8xCIPY72gXKFEYg+/ykM0OrYuVUR4zsv+ vY9ZWlEOypJbvMSGCwBQ6XEvwD+4pR/BZtqI4VkBEc/Pjfbmio57QnBzJidP47WPJqmU vJl4ytpwy5/DrhV6w5oqTlqYLsOL96sIDl5IzaRW2XYAi/jOu49CN2bL3KFGry0+pfar vlPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=TWnGx0tsPzDsYWN5IvwyG0/F4n3/lHDuvrydVsnCdTg=; b=a+fUdJDPYWMyTOMtxGHdngb8WRrEhHmfmrAqa2UR82LUj89y4zQIiP1D+2DYkV8V54 VBnzow0y5aBJadgM6fDlsDZzRUSOPA+eyYoRc9dVuLFfFbTezSHipaRG8jRAl4T9hmi3 aYN37t8oGOSCvypIWhE+TW/hPTKjQ1rkZLIfNz1KhQSTdC9vM2dhBBB3gk6S8EFJjrQB b+kwYDNcFX/lILZH+47o3v/OHGAvz9DQ59rMMzO0U0YxP5s9uJX7m8XncTHZ+tbMVwcY U9H7h0E6dE/W3XdQXz/hvBnxgx80cjpuiiBqBSFyCD38Mo+yu/eNDhJJK4Ug2XwLoutW GxBQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=FamF99PO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u13-20020a170906b10d00b00733b061e7ccsi3352671ejy.476.2022.08.19.13.39.45; Fri, 19 Aug 2022 13:40:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=FamF99PO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1351747AbiHSUMw (ORCPT + 99 others); Fri, 19 Aug 2022 16:12:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55374 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351744AbiHSUMt (ORCPT ); Fri, 19 Aug 2022 16:12:49 -0400 Received: from mail-io1-xd34.google.com (mail-io1-xd34.google.com [IPv6:2607:f8b0:4864:20::d34]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 752BB106510 for ; Fri, 19 Aug 2022 13:12:48 -0700 (PDT) Received: by mail-io1-xd34.google.com with SMTP id y187so4138163iof.0 for ; Fri, 19 Aug 2022 13:12:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=TWnGx0tsPzDsYWN5IvwyG0/F4n3/lHDuvrydVsnCdTg=; b=FamF99POPr6PtKGcfiAFaDyK/px9/QEUZ9jAWq0VuRMjBQuH/SIEycINUXdEisf8wJ GB5Fp0sV/9jsr8SHRoKkycJAodjombPVpppk1giNuh7jurYysChORzMPgyHKQdBRx6Yi bMQ8CZykRl92tAcPu+aCfb2R1BHuyiGBmYyICNbj6NOdCbqR0y056zBRI5sucULdSXWP iBSs6go4YjTUccStqlOuQrHTd0ys3ntGBcGxqR0SgI4W+Fz4sL7vOXN4324d30h8iu/T k8P9H+ggVIlKLOTUU3V6HrleaFRS/uGb9Vw8lQ57cl7kluTFPaNsmbjckIsP6sE3O2xR GObw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=TWnGx0tsPzDsYWN5IvwyG0/F4n3/lHDuvrydVsnCdTg=; b=fMzUwE6SEkBJitP8MPOxr1FNgu22ltEZX2H4DmnLMH5i2B2UoD9nNJTF76eB55C3nm +4iGmtaNayKvYUROhYQgBmAsnUyPLg8VPofReXWkkHQBiJVjaUSqDs129exvDF432n8l awbRGUqMk6c8tiUCmKZ0vnI+OoENpQlljxupGDtWV68d6+jJj6srJY4x4YuJnj602p6Q m4pwK/cMQg2UwrMtVoWV8G9/+FIe9ZD1G5pu9pmkEVmMqLx7xd0WaYiRqfFlgxLd9rzm gWosjcjq8bTR8KgEp3w7VB9I37/9DCVl6ZVJ/k3D8qZ2FAUgsBOpEs3jso/Tn2fYM0Bc 8miQ== X-Gm-Message-State: ACgBeo2eJvF7QHou/4i9m4p3oehPryJFIAaWfmF4QZu6aUmX1TyNz//j MDO1HtJbyi074V7qiUTZ2vlxg1WEQ+6H7Zn1y8Pa0Q== X-Received: by 2002:a05:6638:34a8:b0:343:4d0a:5984 with SMTP id t40-20020a05663834a800b003434d0a5984mr4292780jal.167.1660939967732; Fri, 19 Aug 2022 13:12:47 -0700 (PDT) MIME-Version: 1.0 References: <20220817214728.489904-1-axelrasmussen@google.com> <20220817214728.489904-3-axelrasmussen@google.com> In-Reply-To: From: Axel Rasmussen Date: Fri, 19 Aug 2022 13:12:10 -0700 Message-ID: Subject: Re: [PATCH v6 2/5] userfaultfd: add /dev/userfaultfd for fine grained access control To: Greg KH Cc: Alexander Viro , Andrew Morton , Dave Hansen , "Dmitry V . Levin" , Gleb Fotengauer-Malinovskiy , Hugh Dickins , Jan Kara , Jonathan Corbet , Mel Gorman , Mike Kravetz , Mike Rapoport , Nadav Amit , Peter Xu , Shuah Khan , Suren Baghdasaryan , Vlastimil Babka , zhangyi , linux-doc@vger.kernel.org, linux-fsdevel , LKML , Linuxkselftest , Linux MM , linux-security-module@vger.kernel.org, Mike Rapoport Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Aug 17, 2022 at 11:26 PM Greg KH wrote: > > On Wed, Aug 17, 2022 at 02:47:25PM -0700, Axel Rasmussen wrote: > > +static int userfaultfd_dev_open(struct inode *inode, struct file *file) > > +{ > > + return 0; > > If your open does nothing, no need to list it here at all, right? > > > +} > > + > > +static long userfaultfd_dev_ioctl(struct file *file, unsigned int cmd, unsigned long flags) > > +{ > > + if (cmd != USERFAULTFD_IOC_NEW) > > + return -EINVAL; > > + > > + return new_userfaultfd(flags); > > +} > > + > > +static const struct file_operations userfaultfd_dev_fops = { > > + .open = userfaultfd_dev_open, > > + .unlocked_ioctl = userfaultfd_dev_ioctl, > > + .compat_ioctl = userfaultfd_dev_ioctl, > > Why do you need to set compat_ioctl? Shouldn't it just default to the > existing one? I took some more time looking at this today, and I think it actually has to be the way it is. I didn't find anywhere we noticed compat_ioctl unset, and default to the "normal" one (e.g. see the compat ioctl syscall definition in fs/ioctl.c). It looks to me like it really does need some value. It's common to use compat_ptr_ioctl for this, but since we're interpreting the arg as a scalar not as a pointer, doing that here would be incorrect. It looks like there are other existing examples that do it the same way, e.g. seccomp_notify_ops in linux/seccomp.c. > > And why is this a device node at all? Shouldn't the syscall handle all > of this (to be honest, I didn't read anything but the misc code, sorry.) > > thanks, > > greg k-h