All of lore.kernel.org
 help / color / mirror / Atom feed
From: Aleksa Sarai <cyphar@cyphar.com>
To: Ingo Molnar <mingo@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Alexander Shishkin <alexander.shishkin@linux.intel.com>,
	Jiri Olsa <jolsa@redhat.com>, Namhyung Kim <namhyung@kernel.org>,
	Christian Brauner <christian@brauner.io>
Cc: Aleksa Sarai <cyphar@cyphar.com>,
	Rasmus Villemoes <linux@rasmusvillemoes.dk>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	libc-alpha@sourceware.org, linux-api@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH v1 0/4] lib: introduce copy_struct_from_user() helper
Date: Wed, 25 Sep 2019 18:59:11 +0200	[thread overview]
Message-ID: <20190925165915.8135-1-cyphar@cyphar.com> (raw)

This series was split off from the openat2(2) syscall discussion[1].
However, the copy_struct_to_user() helper has been dropped, because
after some discussion it appears that there is no really obvious
semantics for how copy_struct_to_user() should work on mixed-vintages
(for instance, whether [2] is the correct semantics for all syscalls).

A common pattern for syscall extensions is increasing the size of a
struct passed from userspace, such that the zero-value of the new fields
result in the old kernel behaviour (allowing for a mix of userspace and
kernel vintages to operate on one another in most cases).

Previously there was no common lib/ function that implemented
the necessary extension-checking semantics (and different syscalls
implemented them slightly differently or incompletely[3]). This series
implements the helper and ports several syscalls to use it.

[1]: https://lore.kernel.org/lkml/20190904201933.10736-1-cyphar@cyphar.com/

[2]: commit 1251201c0d34 ("sched/core: Fix uclamp ABI bug, clean up and
     robustify sched_read_attr() ABI logic and code")

[3]: For instance {sched_setattr,perf_event_open,clone3}(2) all do do
     similar checks to copy_struct_from_user() while rt_sigprocmask(2)
     always rejects differently-sized struct arguments.

Aleksa Sarai (4):
  lib: introduce copy_struct_from_user() helper
  clone3: switch to copy_struct_from_user()
  sched_setattr: switch to copy_struct_from_user()
  perf_event_open: switch to copy_struct_from_user()

 include/linux/uaccess.h    |  4 +++
 include/uapi/linux/sched.h |  2 ++
 kernel/events/core.c       | 47 +++++-------------------
 kernel/fork.c              | 34 ++++--------------
 kernel/sched/core.c        | 43 ++++------------------
 lib/Makefile               |  2 +-
 lib/strnlen_user.c         | 52 +++++++++++++++++++++++++++
 lib/struct_user.c          | 73 ++++++++++++++++++++++++++++++++++++++
 8 files changed, 155 insertions(+), 102 deletions(-)
 create mode 100644 lib/struct_user.c

-- 
2.23.0


             reply	other threads:[~2019-09-25 17:00 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-25 16:59 Aleksa Sarai [this message]
2019-09-25 16:59 ` [PATCH v1 1/4] lib: introduce copy_struct_from_user() helper Aleksa Sarai
2019-09-25 17:10   ` Linus Torvalds
2019-09-25 17:20     ` Aleksa Sarai
2019-09-25 17:48       ` Linus Torvalds
2019-09-25 18:04         ` Al Viro
2019-09-25 18:13           ` Linus Torvalds
2019-09-25 19:43             ` Al Viro
2019-09-25 20:23               ` Linus Torvalds
2019-09-25 17:18   ` Christian Brauner
2019-09-25 17:20     ` Christian Brauner
2019-09-25 19:16   ` kbuild test robot
2019-09-25 19:16     ` kbuild test robot
2019-09-25 20:47   ` kbuild test robot
2019-09-25 20:47     ` kbuild test robot
2019-09-25 16:59 ` [PATCH v1 2/4] clone3: switch to copy_struct_from_user() Aleksa Sarai
2019-09-25 17:22   ` Christian Brauner
2019-09-25 18:59   ` kbuild test robot
2019-09-25 18:59     ` kbuild test robot
2019-09-25 19:08   ` kbuild test robot
2019-09-25 19:08     ` kbuild test robot
2019-09-25 16:59 ` [PATCH v1 3/4] sched_setattr: " Aleksa Sarai
2019-09-25 16:59 ` [PATCH v1 4/4] perf_event_open: " Aleksa Sarai
2019-09-25 17:09 ` [PATCH v1 0/4] lib: introduce copy_struct_from_user() helper Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190925165915.8135-1-cyphar@cyphar.com \
    --to=cyphar@cyphar.com \
    --cc=alexander.shishkin@linux.intel.com \
    --cc=christian@brauner.io \
    --cc=jolsa@redhat.com \
    --cc=libc-alpha@sourceware.org \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux@rasmusvillemoes.dk \
    --cc=mingo@redhat.com \
    --cc=namhyung@kernel.org \
    --cc=peterz@infradead.org \
    --cc=torvalds@linux-foundation.org \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.