From: David Laight <David.Laight@ACULAB.COM>
To: 'Al Viro' <viro@zeniv.linux.org.uk>, Christoph Hellwig <hch@lst.de>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Jens Axboe <axboe@kernel.dk>, Arnd Bergmann <arnd@arndb.de>,
David Howells <dhowells@redhat.com>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mips@vger.kernel.org" <linux-mips@vger.kernel.org>,
"linux-parisc@vger.kernel.org" <linux-parisc@vger.kernel.org>,
"linuxppc-dev@lists.ozlabs.org" <linuxppc-dev@lists.ozlabs.org>,
"linux-s390@vger.kernel.org" <linux-s390@vger.kernel.org>,
"sparclinux@vger.kernel.org" <sparclinux@vger.kernel.org>,
"linux-block@vger.kernel.org" <linux-block@vger.kernel.org>,
"linux-scsi@vger.kernel.org" <linux-scsi@vger.kernel.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-aio@kvack.org" <linux-aio@kvack.org>,
"io-uring@vger.kernel.org" <io-uring@vger.kernel.org>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"keyrings@vger.kernel.org" <keyrings@vger.kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>
Subject: RE: [PATCH 02/11] mm: call import_iovec() instead of rw_copy_check_uvector() in process_vm_rw()
Date: Mon, 21 Sep 2020 15:21:35 +0000 [thread overview]
Message-ID: <ef67787edb2f48548d69caaaff6997ba@AcuMS.aculab.com> (raw)
In-Reply-To: <20200921150211.GS3421308@ZenIV.linux.org.uk>
From: Al Viro
> Sent: 21 September 2020 16:02
>
> On Mon, Sep 21, 2020 at 04:34:25PM +0200, Christoph Hellwig wrote:
> > From: David Laight <David.Laight@ACULAB.COM>
> >
> > This is the only direct call of rw_copy_check_uvector(). Removing it
> > will allow rw_copy_check_uvector() to be inlined into import_iovec(),
> > while only paying a minor price by setting up an otherwise unused
> > iov_iter in the process_vm_readv/process_vm_writev syscalls that aren't
> > in a super hot path.
>
> > @@ -443,7 +443,7 @@ void iov_iter_init(struct iov_iter *i, unsigned int direction,
> > const struct iovec *iov, unsigned long nr_segs,
> > size_t count)
> > {
> > - WARN_ON(direction & ~(READ | WRITE));
> > + WARN_ON(direction & ~(READ | WRITE | CHECK_IOVEC_ONLY));
> > direction &= READ | WRITE;
>
> Ugh...
>
> > - rc = rw_copy_check_uvector(CHECK_IOVEC_ONLY, rvec, riovcnt, UIO_FASTIOV,
> > - iovstack_r, &iov_r);
> > + rc = import_iovec(CHECK_IOVEC_ONLY, rvec, riovcnt, UIO_FASTIOV, &iov_r,
> > + &iter_r);
> > if (rc <= 0)
> > goto free_iovecs;
> >
> > - rc = process_vm_rw_core(pid, &iter, iov_r, riovcnt, flags, vm_write);
> > + rc = process_vm_rw_core(pid, &iter_l, iter_r.iov, iter_r.nr_segs,
> > + flags, vm_write);
>
> ... and ugh^2, since now you are not only setting a meaningless iov_iter,
> you are creating a new place that pokes directly into struct iov_iter
> guts.
>
> Sure, moving rw_copy_check_uvector() over to lib/iov_iter.c makes sense.
> But I would rather split the access_ok()-related checks out of that thing
> and bury CHECK_IOVEC_ONLY.
>
> Step 1: move the damn thing to lib/iov_iter.c (same as you do, but without
> making it static)
>
> Step 2: split it in two:
>
> ssize_t rw_copy_check_uvector(const struct iovec __user * uvector,
> unsigned long nr_segs, unsigned long fast_segs,
> struct iovec *fast_pointer,
> struct iovec **ret_pointer)
> {
> unsigned long seg;
...
> ret = 0;
> for (seg = 0; seg < nr_segs; seg++) {
> void __user *buf = iov[seg].iov_base;
> ssize_t len = (ssize_t)iov[seg].iov_len;
>
> /* see if we we're about to use an invalid len or if
> * it's about to overflow ssize_t */
> if (len < 0)
> return -EINVAL;
> if (len > MAX_RW_COUNT - ret) {
> len = MAX_RW_COUNT - ret;
> iov[seg].iov_len = len;
> }
> ret += len;
> }
> return ret;
> }
>
> /*
> * This is merely an early sanity check; we do _not_ rely upon
> * it when we get to the actual memory accesses.
> */
> static bool check_iovecs(const struct iovec *iov, int nr_segs)
> {
> for (seg = 0; seg < nr_segs; seg++) {
> void __user *buf = iov[seg].iov_base;
> ssize_t len = (ssize_t)iov[seg].iov_len;
>
> if (unlikely(!access_ok(buf, len)))
> return false;
> }
> return true;
> }
You really don't want to be looping through the array twice.
In fact you don't really want to be doing all those tests at all.
This code makes a significant fraction of the not-insignificant
difference between the 'costs' of send() and sendmsg().
I think the 'length' check can be optimised to do something like:
for (...) {
ssize_t len = (ssize_t)iov[seg].iov_len;
ret += len;
len_hi += (unsigned long)len >> 20;
}
if (len_hi) {
/* Something potentially odd in the lengths.
* Might just be a very long fragment.
* Check the individial values. */
Add the exiting loop here.
}
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
next prev parent reply other threads:[~2020-09-21 15:21 UTC|newest]
Thread overview: 184+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-18 12:45 let import_iovec deal with compat_iovecs as well Christoph Hellwig
2020-09-18 12:45 ` [PATCH 1/9] kernel: add a PF_FORCE_COMPAT flag Christoph Hellwig
2020-09-18 13:40 ` Al Viro
2020-09-18 13:44 ` Christoph Hellwig
2020-09-18 13:58 ` Al Viro
2020-09-18 15:16 ` Christoph Hellwig
2020-09-19 16:21 ` Andy Lutomirski
2020-09-19 21:16 ` Arnd Bergmann
2020-09-19 21:52 ` Finn Thain
2020-09-19 22:22 ` Andy Lutomirski
2020-09-21 16:10 ` Pavel Begunkov
2020-09-21 16:13 ` Pavel Begunkov
2020-09-21 23:51 ` Andy Lutomirski
2020-09-22 0:22 ` Pavel Begunkov
2020-09-22 0:58 ` Andy Lutomirski
2020-09-22 6:30 ` Pavel Begunkov
2020-09-22 7:23 ` Arnd Bergmann
2020-09-22 7:57 ` Pavel Begunkov
2020-09-22 9:01 ` Arnd Bergmann
2020-09-22 16:20 ` Andy Lutomirski
2020-09-23 8:01 ` Pavel Begunkov
2020-09-23 13:22 ` Al Viro
2020-09-19 22:09 ` Al Viro
2020-09-19 22:23 ` Andy Lutomirski
2020-09-19 22:41 ` Al Viro
2020-09-19 22:53 ` Andy Lutomirski
2020-09-19 23:24 ` Al Viro
2020-09-20 0:14 ` Andy Lutomirski
2020-09-20 2:57 ` Al Viro
2020-09-20 16:59 ` Andy Lutomirski
2020-09-20 18:12 ` Al Viro
2020-09-20 13:55 ` Arnd Bergmann
2020-09-20 15:02 ` Al Viro
2020-09-19 14:53 ` David Laight
2020-09-18 13:59 ` Arnd Bergmann
2020-09-20 15:15 ` Matthew Wilcox
2020-09-20 15:55 ` William Kucharski
2020-09-21 16:20 ` Pavel Begunkov
2020-09-20 16:00 ` Arnd Bergmann
2020-09-20 18:07 ` Al Viro
2020-09-20 18:41 ` Al Viro
2020-09-20 19:01 ` Matthew Wilcox
2020-09-20 19:10 ` Al Viro
2020-09-20 19:22 ` Matthew Wilcox
2020-09-20 19:28 ` Andy Lutomirski
2020-09-20 20:49 ` Arnd Bergmann
2020-09-20 21:13 ` David Laight
2020-09-21 16:31 ` Pavel Begunkov
2020-09-20 21:42 ` Al Viro
2020-09-21 16:26 ` Pavel Begunkov
2020-09-20 19:14 ` Andy Lutomirski
2020-09-21 4:28 ` Christoph Hellwig
2020-09-18 12:45 ` [PATCH 2/9] compat.h: fix a spelling error in <linux/compat.h> Christoph Hellwig
2020-09-18 13:37 ` Johannes Thumshirn
2020-09-18 12:45 ` [PATCH 3/9] fs: explicitly check for CHECK_IOVEC_ONLY in rw_copy_check_uvector Christoph Hellwig
2020-09-18 12:56 ` Matthew Wilcox
2020-09-18 13:39 ` Johannes Thumshirn
2020-09-18 12:45 ` [PATCH 4/9] fs: handle the compat case in import_iovec Christoph Hellwig
2020-09-18 12:45 ` [PATCH 5/9] fs: remove various compat readv/writev helpers Christoph Hellwig
2020-09-18 12:45 ` [PATCH 6/9] fs: remove the compat readv/writev syscalls Christoph Hellwig
2020-09-18 12:45 ` [PATCH 7/9] fs: remove compat_sys_vmsplice Christoph Hellwig
2020-09-18 12:45 ` [PATCH 8/9] mm: remove compat_process_vm_{readv,writev} Christoph Hellwig
2020-09-18 13:48 ` Arnd Bergmann
2020-09-18 12:45 ` [PATCH 9/9] security/keys: remove compat_keyctl_instantiate_key_iov Christoph Hellwig
2020-09-19 14:24 ` let import_iovec deal with compat_iovecs as well David Laight
2020-09-21 4:41 ` 'Christoph Hellwig'
2020-09-21 11:11 ` David Laight
2020-09-21 14:34 ` let import_iovec deal with compat_iovecs as well v2 Christoph Hellwig
2020-09-21 14:34 ` [PATCH 01/11] compat.h: fix a spelling error in <linux/compat.h> Christoph Hellwig
2020-09-21 14:34 ` [PATCH 02/11] mm: call import_iovec() instead of rw_copy_check_uvector() in process_vm_rw() Christoph Hellwig
2020-09-21 14:48 ` Matthew Wilcox
2020-09-21 15:02 ` Al Viro
2020-09-21 15:21 ` David Laight [this message]
2020-09-21 15:29 ` Al Viro
2020-09-21 15:44 ` David Laight
2020-09-21 16:27 ` Al Viro
2020-09-21 16:12 ` Christoph Hellwig
2020-09-21 14:34 ` [PATCH 03/11] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c and mark it static Christoph Hellwig
2020-09-21 14:34 ` [PATCH 04/11] iov_iter: explicitly check for CHECK_IOVEC_ONLY in rw_copy_check_uvector Christoph Hellwig
2020-09-21 15:05 ` David Laight
2020-09-21 15:11 ` Al Viro
2020-09-21 15:26 ` David Laight
2020-09-21 15:07 ` Al Viro
2020-09-21 14:34 ` [PATCH 05/11] iov_iter: merge the compat case into rw_copy_check_uvector Christoph Hellwig
2020-09-21 15:14 ` Al Viro
2021-01-08 11:49 ` David Laight
2020-09-21 14:34 ` [PATCH 06/11] iov_iter: handle the compat case in import_iovec Christoph Hellwig
2020-09-21 15:20 ` Al Viro
2020-09-21 14:34 ` [PATCH 07/11] fs: remove various compat readv/writev helpers Christoph Hellwig
2020-09-21 14:34 ` [PATCH 08/11] fs: remove the compat readv/writev syscalls Christoph Hellwig
2020-09-21 14:34 ` [PATCH 09/11] fs: remove compat_sys_vmsplice Christoph Hellwig
2020-09-21 14:34 ` [PATCH 10/11] mm: remove compat_process_vm_{readv,writev} Christoph Hellwig
2020-09-21 14:34 ` [PATCH 11/11] security/keys: remove compat_keyctl_instantiate_key_iov Christoph Hellwig
2020-09-23 6:05 ` let import_iovec deal with compat_iovecs as well v3 Christoph Hellwig
2020-09-23 6:05 ` [PATCH 1/9] compat.h: fix a spelling error in <linux/compat.h> Christoph Hellwig
2020-09-23 6:05 ` [PATCH 2/9] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c Christoph Hellwig
2020-09-23 6:05 ` [PATCH 3/9] iov_iter: refactor rw_copy_check_uvector and import_iovec Christoph Hellwig
2020-09-23 14:16 ` Al Viro
2020-09-23 14:38 ` David Laight
2020-09-23 14:49 ` Al Viro
2020-09-23 14:40 ` Al Viro
2020-09-23 6:05 ` [PATCH 4/9] iov_iter: transparently handle compat iovecs in import_iovec Christoph Hellwig
2020-09-23 6:05 ` [PATCH 5/9] fs: remove various compat readv/writev helpers Christoph Hellwig
2020-09-23 14:25 ` Al Viro
2020-09-23 14:32 ` Christoph Hellwig
2020-09-23 14:59 ` Al Viro
2020-09-23 16:38 ` Al Viro
2020-09-23 17:05 ` Al Viro
2020-09-23 17:46 ` Christoph Hellwig
2020-09-23 17:08 ` Brian Gerst
2020-09-23 18:45 ` Arnd Bergmann
2020-09-23 19:47 ` Al Viro
2020-09-23 19:52 ` Arnd Bergmann
2020-09-23 21:30 ` David Laight
2020-09-23 6:05 ` [PATCH 6/9] fs: remove the compat readv/writev syscalls Christoph Hellwig
2020-09-23 6:05 ` [PATCH 7/9] fs: remove compat_sys_vmsplice Christoph Hellwig
2020-09-23 6:05 ` [PATCH 8/9] mm: remove compat_process_vm_{readv,writev} Christoph Hellwig
2020-09-23 6:05 ` [PATCH 9/9] security/keys: remove compat_keyctl_instantiate_key_iov Christoph Hellwig
2020-09-25 4:51 ` let import_iovec deal with compat_iovecs as well v4 Christoph Hellwig
2020-09-25 4:51 ` [PATCH 1/9] compat.h: fix a spelling error in <linux/compat.h> Christoph Hellwig
2020-09-25 4:51 ` [PATCH 2/9] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c Christoph Hellwig
2020-10-21 16:13 ` Buggy commit tracked to: "Re: [PATCH 2/9] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c" Greg KH
2020-10-21 20:59 ` David Laight
2020-10-21 23:39 ` Al Viro
2020-10-22 8:26 ` Greg KH
2020-10-22 8:35 ` David Hildenbrand
2020-10-22 8:40 ` David Laight
2020-10-22 8:48 ` David Hildenbrand
2020-10-22 9:01 ` Greg KH
2020-10-22 9:06 ` David Laight
2020-10-22 9:19 ` David Hildenbrand
2020-10-22 9:25 ` David Hildenbrand
2020-10-22 9:32 ` David Laight
2020-10-22 9:36 ` David Hildenbrand
2020-10-22 10:48 ` Greg KH
2020-10-22 12:18 ` Greg KH
2020-10-22 12:42 ` David Hildenbrand
2020-10-22 12:57 ` Greg KH
2020-10-22 13:50 ` Greg KH
[not found] ` <CAK8P3a1B7OVdyzW0-97JwzZiwp0D0fnSfyete16QTvPp_1m07A@mail.gmail.com>
2020-10-22 14:40 ` Greg KH
2020-10-22 16:15 ` David Laight
2020-10-23 12:46 ` David Laight
2020-10-23 13:09 ` David Hildenbrand
2020-10-23 14:33 ` David Hildenbrand
2020-10-23 14:39 ` David Laight
2020-10-23 14:47 ` 'Greg KH'
2020-10-23 16:33 ` David Hildenbrand
2020-11-02 9:06 ` David Laight
2020-11-02 13:52 ` 'Greg KH'
2020-11-02 18:23 ` David Laight
2020-10-23 17:58 ` Al Viro
2020-10-23 18:27 ` Segher Boessenkool
2020-10-23 21:28 ` David Laight
2020-10-24 17:29 ` Segher Boessenkool
2020-10-24 21:12 ` David Laight
[not found] ` <CAK8P3a1n+b8hOMhNQSDzgic03dyXbmpccfTJ3C1bGKvzsgMXbg@mail.gmail.com>
2020-10-23 13:28 ` David Laight
2020-10-22 13:23 ` Christoph Hellwig
2020-10-22 16:35 ` David Laight
2020-10-22 16:40 ` Matthew Wilcox
2020-10-22 16:50 ` David Laight
2020-10-22 17:00 ` Nick Desaulniers
2020-10-22 20:59 ` Eric Biggers
2020-10-22 21:28 ` Al Viro
2020-10-22 18:19 ` Al Viro
2020-10-22 17:54 ` Nick Desaulniers
[not found] ` <CAK8P3a3LjG+ZvmQrkb9zpgov8xBkQQWrkHBPgjfYSqBKGrwT4w@mail.gmail.com>
2020-10-22 19:04 ` Nick Desaulniers
2020-10-22 19:24 ` Al Viro
2020-10-22 19:27 ` Al Viro
2020-10-22 20:06 ` Al Viro
2020-10-22 20:09 ` Al Viro
2020-10-22 20:11 ` Nick Desaulniers
2020-10-22 22:07 ` David Laight
2020-10-23 13:12 ` David Hildenbrand
2020-10-22 22:04 ` David Laight
2020-10-22 9:28 ` David Laight
2020-10-22 9:02 ` David Laight
2020-09-25 4:51 ` [PATCH 3/9] iov_iter: refactor rw_copy_check_uvector and import_iovec Christoph Hellwig
2020-09-25 4:51 ` [PATCH 4/9] iov_iter: transparently handle compat iovecs in import_iovec Christoph Hellwig
2020-09-25 4:51 ` [PATCH 5/9] fs: remove various compat readv/writev helpers Christoph Hellwig
2020-09-25 4:51 ` [PATCH 6/9] fs: remove the compat readv/writev syscalls Christoph Hellwig
2020-09-25 4:51 ` [PATCH 7/9] fs: remove compat_sys_vmsplice Christoph Hellwig
2020-09-25 4:51 ` [PATCH 8/9] mm: remove compat_process_vm_{readv,writev} Christoph Hellwig
2020-09-25 4:51 ` [PATCH 9/9] security/keys: remove compat_keyctl_instantiate_key_iov Christoph Hellwig
2020-09-25 15:23 ` let import_iovec deal with compat_iovecs as well v4 Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ef67787edb2f48548d69caaaff6997ba@AcuMS.aculab.com \
--to=david.laight@aculab.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=axboe@kernel.dk \
--cc=dhowells@redhat.com \
--cc=hch@lst.de \
--cc=io-uring@vger.kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-aio@kvack.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=netdev@vger.kernel.org \
--cc=sparclinux@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).