* [PATCH] lib: test_user_copy: style cleanup
@ 2019-10-05 23:30 Aleksa Sarai
2019-10-06 5:01 ` Nathan Chancellor
2019-10-06 8:41 ` Christian Brauner
0 siblings, 2 replies; 4+ messages in thread
From: Aleksa Sarai @ 2019-10-05 23:30 UTC (permalink / raw)
To: Christian Brauner, Kees Cook
Cc: Aleksa Sarai, Nathan Chancellor, linux-kernel
While writing the tests for copy_struct_from_user(), I used a construct
that Linus doesn't appear to be too fond of:
On 2019-10-04, Linus Torvalds <torvalds@linux-foundation.org> wrote:
> Hmm. That code is ugly, both before and after the fix.
>
> This just doesn't make sense for so many reasons:
>
> if ((ret |= test(umem_src == NULL, "kmalloc failed")))
>
> where the insanity comes from
>
> - why "|=" when you know that "ret" was zero before (and it had to
> be, for the test to make sense)
>
> - why do this as a single line anyway?
>
> - don't do the stupid "double parenthesis" to hide a warning. Make it
> use an actual comparison if you add a layer of parentheses.
So instead, use a bog-standard check that isn't nearly as ugly.
Fixes: 341115822f88 ("usercopy: Add parentheses around assignment in test_copy_struct_from_user")
Fixes: f5a1a536fa14 ("lib: introduce copy_struct_from_user() helper")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
---
lib/test_user_copy.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/lib/test_user_copy.c b/lib/test_user_copy.c
index e365ace06538..ad2372727b1b 100644
--- a/lib/test_user_copy.c
+++ b/lib/test_user_copy.c
@@ -52,13 +52,14 @@ static int test_check_nonzero_user(char *kmem, char __user *umem, size_t size)
size_t zero_end = size - zero_start;
/*
- * We conduct a series of check_nonzero_user() tests on a block of memory
- * with the following byte-pattern (trying every possible [start,end]
- * pair):
+ * We conduct a series of check_nonzero_user() tests on a block of
+ * memory with the following byte-pattern (trying every possible
+ * [start,end] pair):
*
* [ 00 ff 00 ff ... 00 00 00 00 ... ff 00 ff 00 ]
*
- * And we verify that check_nonzero_user() acts identically to memchr_inv().
+ * And we verify that check_nonzero_user() acts identically to
+ * memchr_inv().
*/
memset(kmem, 0x0, size);
@@ -93,11 +94,13 @@ static int test_copy_struct_from_user(char *kmem, char __user *umem,
size_t ksize, usize;
umem_src = kmalloc(size, GFP_KERNEL);
- if ((ret |= test(umem_src == NULL, "kmalloc failed")))
+ ret = test(umem_src == NULL, "kmalloc failed");
+ if (ret)
goto out_free;
expected = kmalloc(size, GFP_KERNEL);
- if ((ret |= test(expected == NULL, "kmalloc failed")))
+ ret = test(expected == NULL, "kmalloc failed");
+ if (ret)
goto out_free;
/* Fill umem with a fixed byte pattern. */
--
2.23.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] lib: test_user_copy: style cleanup
2019-10-05 23:30 [PATCH] lib: test_user_copy: style cleanup Aleksa Sarai
@ 2019-10-06 5:01 ` Nathan Chancellor
2019-10-06 8:41 ` Christian Brauner
1 sibling, 0 replies; 4+ messages in thread
From: Nathan Chancellor @ 2019-10-06 5:01 UTC (permalink / raw)
To: Aleksa Sarai; +Cc: Christian Brauner, Kees Cook, linux-kernel
On Sun, Oct 06, 2019 at 10:30:28AM +1100, Aleksa Sarai wrote:
> While writing the tests for copy_struct_from_user(), I used a construct
> that Linus doesn't appear to be too fond of:
>
> On 2019-10-04, Linus Torvalds <torvalds@linux-foundation.org> wrote:
> > Hmm. That code is ugly, both before and after the fix.
> >
> > This just doesn't make sense for so many reasons:
> >
> > if ((ret |= test(umem_src == NULL, "kmalloc failed")))
> >
> > where the insanity comes from
> >
> > - why "|=" when you know that "ret" was zero before (and it had to
> > be, for the test to make sense)
> >
> > - why do this as a single line anyway?
> >
> > - don't do the stupid "double parenthesis" to hide a warning. Make it
> > use an actual comparison if you add a layer of parentheses.
>
> So instead, use a bog-standard check that isn't nearly as ugly.
>
> Fixes: 341115822f88 ("usercopy: Add parentheses around assignment in test_copy_struct_from_user")
> Fixes: f5a1a536fa14 ("lib: introduce copy_struct_from_user() helper")
> Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
I assume the comment diff is a line length/alignment thing? The commit
message does not mention it.
Regardless, thank you for providing the fix that I should have.
Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] lib: test_user_copy: style cleanup
2019-10-05 23:30 [PATCH] lib: test_user_copy: style cleanup Aleksa Sarai
2019-10-06 5:01 ` Nathan Chancellor
@ 2019-10-06 8:41 ` Christian Brauner
2019-10-06 10:47 ` Aleksa Sarai
1 sibling, 1 reply; 4+ messages in thread
From: Christian Brauner @ 2019-10-06 8:41 UTC (permalink / raw)
To: Aleksa Sarai; +Cc: Kees Cook, Nathan Chancellor, linux-kernel
On Sun, Oct 06, 2019 at 10:30:28AM +1100, Aleksa Sarai wrote:
> While writing the tests for copy_struct_from_user(), I used a construct
> that Linus doesn't appear to be too fond of:
>
> On 2019-10-04, Linus Torvalds <torvalds@linux-foundation.org> wrote:
> > Hmm. That code is ugly, both before and after the fix.
> >
> > This just doesn't make sense for so many reasons:
> >
> > if ((ret |= test(umem_src == NULL, "kmalloc failed")))
> >
> > where the insanity comes from
> >
> > - why "|=" when you know that "ret" was zero before (and it had to
> > be, for the test to make sense)
> >
> > - why do this as a single line anyway?
> >
> > - don't do the stupid "double parenthesis" to hide a warning. Make it
> > use an actual comparison if you add a layer of parentheses.
>
> So instead, use a bog-standard check that isn't nearly as ugly.
>
> Fixes: 341115822f88 ("usercopy: Add parentheses around assignment in test_copy_struct_from_user")
> Fixes: f5a1a536fa14 ("lib: introduce copy_struct_from_user() helper")
> Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
Fwiw, I think the commit message doesn't necessarily need to mention
stylistic preferences nor a specific mail. It's sufficient enough to say
that the new way makes things way more obvious. But ok. :)
I'll pick this up now.
Reviewed-by: Christian Brauner <christian.brauner@ubuntu.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] lib: test_user_copy: style cleanup
2019-10-06 8:41 ` Christian Brauner
@ 2019-10-06 10:47 ` Aleksa Sarai
0 siblings, 0 replies; 4+ messages in thread
From: Aleksa Sarai @ 2019-10-06 10:47 UTC (permalink / raw)
To: Christian Brauner; +Cc: Kees Cook, Nathan Chancellor, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 1666 bytes --]
On 2019-10-06, Christian Brauner <christian.brauner@ubuntu.com> wrote:
> On Sun, Oct 06, 2019 at 10:30:28AM +1100, Aleksa Sarai wrote:
> > While writing the tests for copy_struct_from_user(), I used a construct
> > that Linus doesn't appear to be too fond of:
> >
> > On 2019-10-04, Linus Torvalds <torvalds@linux-foundation.org> wrote:
> > > Hmm. That code is ugly, both before and after the fix.
> > >
> > > This just doesn't make sense for so many reasons:
> > >
> > > if ((ret |= test(umem_src == NULL, "kmalloc failed")))
> > >
> > > where the insanity comes from
> > >
> > > - why "|=" when you know that "ret" was zero before (and it had to
> > > be, for the test to make sense)
> > >
> > > - why do this as a single line anyway?
> > >
> > > - don't do the stupid "double parenthesis" to hide a warning. Make it
> > > use an actual comparison if you add a layer of parentheses.
> >
> > So instead, use a bog-standard check that isn't nearly as ugly.
> >
> > Fixes: 341115822f88 ("usercopy: Add parentheses around assignment in test_copy_struct_from_user")
> > Fixes: f5a1a536fa14 ("lib: introduce copy_struct_from_user() helper")
> > Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
>
> Fwiw, I think the commit message doesn't necessarily need to mention
> stylistic preferences nor a specific mail. It's sufficient enough to say
> that the new way makes things way more obvious. But ok. :)
>
> I'll pick this up now.
Thanks, and feel free to rewrite the commit message to whatever you'd
prefer.
--
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-10-06 10:47 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-05 23:30 [PATCH] lib: test_user_copy: style cleanup Aleksa Sarai
2019-10-06 5:01 ` Nathan Chancellor
2019-10-06 8:41 ` Christian Brauner
2019-10-06 10:47 ` Aleksa Sarai
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.