Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp2831379rdb; Mon, 4 Dec 2023 08:36:47 -0800 (PST) X-Google-Smtp-Source: AGHT+IEMxTB03N1jZUZbMsl+hkQKM3vmlM6QUaYpd4xCDJBCxz4OUobvemWMBIP2rw+LiQAAAeDZ X-Received: by 2002:a05:6a00:cc3:b0:6cb:db73:a6db with SMTP id b3-20020a056a000cc300b006cbdb73a6dbmr2363553pfv.21.1701707807141; Mon, 04 Dec 2023 08:36:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701707807; cv=none; d=google.com; s=arc-20160816; b=zU4bcbBWi4LQlJDKq6/zyv9sW5Epm9gmvmkxqhiztpJsYT+7Yqcif1hXr69AziY2bp 8JkOK8eRMrv6e78Y87d8KlyE8I+jhqsjKbfi51j82l7vgpniGoPSsY3nDK7bBMIADDyy XxaklA26sl2OiFvhPdZxrruKS9hI4LPF6tLo4c/06h0WWlUsQvZzio9c+rxtDDusWkZB eK1MV2K8zl7/U0lRjWDU+mZqZYN+CFw1MQTTB0E6W1hfgHFqyg3nefLqovMrOqo8ms8r ZzsNeOayT8DAYWMW0uety32o760KFGqNSH1RnmmufVQUbzpQ69tw/7mOCpRgM+cSgqU3 dd1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=us8gsjHarIzs7ZFxugV7AhwY15FOF2F+Lt1IT0vCWcg=; fh=AfxGswf3yTZBk0W1kNIu6vEgQxaiS6mloGDALOQxfSo=; b=HH932kuvAOskfZ+8yiwBWSPLKfBc0xEE30hJ5gFcmKi7b/Siyz8ttYqfCuIDeCsCOw rwzIWIJIbwnLS3G6gg5L/aRRtNpm+C2239ssP+TI3AtF1/tv1YLWBbVWow0FuvhZgxle eIhHSP9A/TV8/YCdcqveELkCbvBBPbq2ytx8ex8xmdYq5/8A2amt20OYNAM0+Y20vMuu u+LPhf0TkqDuVJaTv0MnY6TZHtsOfEMTyKvYRqfjP12nRnWdxbXiRGMigN5y12XbEfoB EZLbL7eHHhzw8P6Asasib+PukmXLcE/zTJjKpjOotMW1HOnhQD4voIWfovLE5EhrEf6l /cOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel-dk.20230601.gappssmtp.com header.s=20230601 header.b=2v+inNOo; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id a1-20020a056a001d0100b006cdd1aed274si8146814pfx.349.2023.12.04.08.36.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Dec 2023 08:36:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel-dk.20230601.gappssmtp.com header.s=20230601 header.b=2v+inNOo; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 0B56D8053607; Mon, 4 Dec 2023 08:36:45 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344692AbjLDQga (ORCPT + 99 others); Mon, 4 Dec 2023 11:36:30 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48874 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344666AbjLDQg3 (ORCPT ); Mon, 4 Dec 2023 11:36:29 -0500 Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1A821AC for ; Mon, 4 Dec 2023 08:36:35 -0800 (PST) Received: by mail-io1-xd2e.google.com with SMTP id ca18e2360f4ac-7b359dad0e7so42558839f.0 for ; Mon, 04 Dec 2023 08:36:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel-dk.20230601.gappssmtp.com; s=20230601; t=1701707794; x=1702312594; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=us8gsjHarIzs7ZFxugV7AhwY15FOF2F+Lt1IT0vCWcg=; b=2v+inNOoVN+RdPntZFXEOBSYl40N39myJY1BPWjuXl78dL4v1xuLZ6Z0pt7wynm5iS 1uHyMlVSvOvKqtpRRF6wyNGGmfYCcsvseBggFBSXOOBB4qzqMdyTTbZ/mcCEF6MnLrIq 9vioo8PJPiuD/Y9w6Ux8ZVP3QeV8SdFzii2HY50+uhxbSAi/8bpzFNtsaSrUGaXynoSi VbULkOPQWo5N1i3yp+ZAwlYryvJbXwc+TZxs619yL5UiOtN+1/KU5vTJCHiubLSgtqA1 x7XXFv9+OqwSBcgUQ663fRD9VhELsA84/m18bod9dn05WOKIPLDOd2bN7rVpWiPOxUou gSeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701707794; x=1702312594; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=us8gsjHarIzs7ZFxugV7AhwY15FOF2F+Lt1IT0vCWcg=; b=Nk7Mm11XD4zgWpq7SSLCW+aI2fNTuafWacEmj0X9b54AIXUR2o3dHfahZOX9kMQj4M 4+gWRbmg/9qXqInN7A2allyD25vjrarBobhwFX6K6lWyZ+U0a4JJVu4hEuuk2/JbG0tt f5yuhyoBV8JwOlUMqHLiUqjtE8BzqnXElLjkNcJM87f5RpL4wn7Lm3KD7ZviCAsK7Iwz HWqsZv95a/k95oLfO9MTZWpe5eyFbWiIkZOn8oL9tGIYJePU9Hi0oXAv/xA8KhFkM9gB KaY8V51/eSJLYhwdqW0WmCHLDtAFN1MIMkI+8NgdWPtU/Sx76qRxRdlMU3uXoL/unkuz 4qKg== X-Gm-Message-State: AOJu0Yy5qz6h9r2as1Fa4Uo5a6WIlM9dIZcDReS5md1z1bGfBwwYagkt BDImEPp+437M07PE4S+GfK3WEE0intB6KyqOxNuW2w== X-Received: by 2002:a5e:8303:0:b0:7b4:2e28:2343 with SMTP id x3-20020a5e8303000000b007b42e282343mr5979763iom.1.1701707794411; Mon, 04 Dec 2023 08:36:34 -0800 (PST) Received: from [192.168.1.116] ([96.43.243.2]) by smtp.gmail.com with ESMTPSA id p21-20020a02b395000000b0046667bf4555sm2636149jan.34.2023.12.04.08.36.32 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 04 Dec 2023 08:36:33 -0800 (PST) Message-ID: <438a8b44-ea5f-4e13-bd7e-e1c2e2a481c4@kernel.dk> Date: Mon, 4 Dec 2023 09:36:31 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v4] tee: Use iov_iter to better support shared buffer registration Content-Language: en-US To: Sumit Garg , Arnaud POULIQUEN , Al Viro Cc: Jens Wiklander , Christoph Hellwig , op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org References: <20231129164439.1130903-1-arnaud.pouliquen@foss.st.com> <60b67bd5-36c3-4318-9a2b-bcf172681d45@foss.st.com> <40902a86-3b88-45bc-bb6f-2de0eb48dc9d@foss.st.com> From: Jens Axboe In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Mon, 04 Dec 2023 08:36:45 -0800 (PST) On 12/4/23 5:42 AM, Sumit Garg wrote: > IMO, access_ok() should be the first thing that import_ubuf() or > import_single_range() should do, something as follows: > > diff --git a/lib/iov_iter.c b/lib/iov_iter.c > index 8ff6824a1005..4aee0371824c 100644 > --- a/lib/iov_iter.c > +++ b/lib/iov_iter.c > @@ -1384,10 +1384,10 @@ EXPORT_SYMBOL(import_single_range); > > int import_ubuf(int rw, void __user *buf, size_t len, struct iov_iter *i) > { > - if (len > MAX_RW_COUNT) > - len = MAX_RW_COUNT; > if (unlikely(!access_ok(buf, len))) > return -EFAULT; > + if (len > MAX_RW_COUNT) > + len = MAX_RW_COUNT; > > iov_iter_ubuf(i, rw, buf, len); > return 0; > > Jens A., Al Viro, > > Was there any particular reason which I am unaware of to perform > access_ok() check on modified input length? This change makes sense to me, and seems consistent with what is done elsewhere too. -- Jens Axboe