From: Stefano Garzarella <sgarzare@redhat.com> To: kernel test robot <lkp@intel.com> Cc: Jens Axboe <axboe@kernel.dk>, kbuild-all@lists.01.org, Christian Brauner <christian.brauner@ubuntu.com>, Jann Horn <jannh@google.com>, Jeff Moyer <jmoyer@redhat.com>, linux-fsdevel@vger.kernel.org, Sargun Dhillon <sargun@sargun.me>, Kees Cook <keescook@chromium.org>, Alexander Viro <viro@zeniv.linux.org.uk>, Kernel Hardening <kernel-hardening@lists.openwall.com>, Stefan Hajnoczi <stefanha@redhat.com> Subject: Re: [PATCH v4 2/3] io_uring: add IOURING_REGISTER_RESTRICTIONS opcode Date: Mon, 17 Aug 2020 12:41:34 +0200 [thread overview] Message-ID: <20200817104134.fgmrppzchno2hcci@steredhat> (raw) In-Reply-To: <202008140142.UYrgnsNY%lkp@intel.com> On Fri, Aug 14, 2020 at 01:42:15AM +0800, kernel test robot wrote: > Hi Stefano, > > I love your patch! Perhaps something to improve: > > [auto build test WARNING on linus/master] > [also build test WARNING on v5.8 next-20200813] > [If your patch is applied to the wrong git tree, kindly drop us a note. > And when submitting patch, we suggest to use '--base' as documented in > https://git-scm.com/docs/git-format-patch] > > url: https://github.com/0day-ci/linux/commits/Stefano-Garzarella/io_uring-add-restrictions-to-support-untrusted-applications-and-guests/20200813-233653 > base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git dc06fe51d26efc100ac74121607c01a454867c91 > config: s390-randconfig-c003-20200813 (attached as .config) > compiler: s390-linux-gcc (GCC) 9.3.0 > > If you fix the issue, kindly add following tag as appropriate > Reported-by: kernel test robot <lkp@intel.com> > > > coccinelle warnings: (new ones prefixed by >>) > > >> fs/io_uring.c:8516:7-14: WARNING opportunity for memdup_user Yeah, I think make sense. I'll use memdup_user() in the next version. > > vim +8516 fs/io_uring.c > > 8497 > 8498 static int io_register_restrictions(struct io_ring_ctx *ctx, void __user *arg, > 8499 unsigned int nr_args) > 8500 { > 8501 struct io_uring_restriction *res; > 8502 size_t size; > 8503 int i, ret; > 8504 > 8505 /* We allow only a single restrictions registration */ > 8506 if (ctx->restricted) > 8507 return -EBUSY; > 8508 > 8509 if (!arg || nr_args > IORING_MAX_RESTRICTIONS) > 8510 return -EINVAL; > 8511 > 8512 size = array_size(nr_args, sizeof(*res)); > 8513 if (size == SIZE_MAX) > 8514 return -EOVERFLOW; > 8515 > > 8516 res = kmalloc(size, GFP_KERNEL); > 8517 if (!res) > 8518 return -ENOMEM; > 8519 > 8520 if (copy_from_user(res, arg, size)) { > 8521 ret = -EFAULT; > 8522 goto out; > 8523 } > 8524 > 8525 for (i = 0; i < nr_args; i++) { > 8526 switch (res[i].opcode) { > 8527 case IORING_RESTRICTION_REGISTER_OP: > 8528 if (res[i].register_op >= IORING_REGISTER_LAST) { > 8529 ret = -EINVAL; > 8530 goto out; > 8531 } > 8532 > 8533 __set_bit(res[i].register_op, > 8534 ctx->restrictions.register_op); > 8535 break; > 8536 case IORING_RESTRICTION_SQE_OP: > 8537 if (res[i].sqe_op >= IORING_OP_LAST) { > 8538 ret = -EINVAL; > 8539 goto out; > 8540 } > 8541 > 8542 __set_bit(res[i].sqe_op, ctx->restrictions.sqe_op); > 8543 break; > 8544 case IORING_RESTRICTION_SQE_FLAGS_ALLOWED: > 8545 ctx->restrictions.sqe_flags_allowed = res[i].sqe_flags; > 8546 break; > 8547 case IORING_RESTRICTION_SQE_FLAGS_REQUIRED: > 8548 ctx->restrictions.sqe_flags_required = res[i].sqe_flags; > 8549 break; > 8550 default: > 8551 ret = -EINVAL; > 8552 goto out; > 8553 } > 8554 } > 8555 > 8556 ctx->restricted = 1; > 8557 > 8558 ret = 0; > 8559 out: > 8560 /* Reset all restrictions if an error happened */ > 8561 if (ret != 0) > 8562 memset(&ctx->restrictions, 0, sizeof(ctx->restrictions)); > 8563 > 8564 kfree(res); > 8565 return ret; > 8566 } > 8567 > > --- > 0-DAY CI Kernel Test Service, Intel Corporation > https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
WARNING: multiple messages have this Message-ID (diff)
From: Stefano Garzarella <sgarzare@redhat.com> To: kbuild-all@lists.01.org Subject: Re: [PATCH v4 2/3] io_uring: add IOURING_REGISTER_RESTRICTIONS opcode Date: Mon, 17 Aug 2020 12:41:34 +0200 [thread overview] Message-ID: <20200817104134.fgmrppzchno2hcci@steredhat> (raw) In-Reply-To: <202008140142.UYrgnsNY%lkp@intel.com> [-- Attachment #1: Type: text/plain, Size: 3507 bytes --] On Fri, Aug 14, 2020 at 01:42:15AM +0800, kernel test robot wrote: > Hi Stefano, > > I love your patch! Perhaps something to improve: > > [auto build test WARNING on linus/master] > [also build test WARNING on v5.8 next-20200813] > [If your patch is applied to the wrong git tree, kindly drop us a note. > And when submitting patch, we suggest to use '--base' as documented in > https://git-scm.com/docs/git-format-patch] > > url: https://github.com/0day-ci/linux/commits/Stefano-Garzarella/io_uring-add-restrictions-to-support-untrusted-applications-and-guests/20200813-233653 > base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git dc06fe51d26efc100ac74121607c01a454867c91 > config: s390-randconfig-c003-20200813 (attached as .config) > compiler: s390-linux-gcc (GCC) 9.3.0 > > If you fix the issue, kindly add following tag as appropriate > Reported-by: kernel test robot <lkp@intel.com> > > > coccinelle warnings: (new ones prefixed by >>) > > >> fs/io_uring.c:8516:7-14: WARNING opportunity for memdup_user Yeah, I think make sense. I'll use memdup_user() in the next version. > > vim +8516 fs/io_uring.c > > 8497 > 8498 static int io_register_restrictions(struct io_ring_ctx *ctx, void __user *arg, > 8499 unsigned int nr_args) > 8500 { > 8501 struct io_uring_restriction *res; > 8502 size_t size; > 8503 int i, ret; > 8504 > 8505 /* We allow only a single restrictions registration */ > 8506 if (ctx->restricted) > 8507 return -EBUSY; > 8508 > 8509 if (!arg || nr_args > IORING_MAX_RESTRICTIONS) > 8510 return -EINVAL; > 8511 > 8512 size = array_size(nr_args, sizeof(*res)); > 8513 if (size == SIZE_MAX) > 8514 return -EOVERFLOW; > 8515 > > 8516 res = kmalloc(size, GFP_KERNEL); > 8517 if (!res) > 8518 return -ENOMEM; > 8519 > 8520 if (copy_from_user(res, arg, size)) { > 8521 ret = -EFAULT; > 8522 goto out; > 8523 } > 8524 > 8525 for (i = 0; i < nr_args; i++) { > 8526 switch (res[i].opcode) { > 8527 case IORING_RESTRICTION_REGISTER_OP: > 8528 if (res[i].register_op >= IORING_REGISTER_LAST) { > 8529 ret = -EINVAL; > 8530 goto out; > 8531 } > 8532 > 8533 __set_bit(res[i].register_op, > 8534 ctx->restrictions.register_op); > 8535 break; > 8536 case IORING_RESTRICTION_SQE_OP: > 8537 if (res[i].sqe_op >= IORING_OP_LAST) { > 8538 ret = -EINVAL; > 8539 goto out; > 8540 } > 8541 > 8542 __set_bit(res[i].sqe_op, ctx->restrictions.sqe_op); > 8543 break; > 8544 case IORING_RESTRICTION_SQE_FLAGS_ALLOWED: > 8545 ctx->restrictions.sqe_flags_allowed = res[i].sqe_flags; > 8546 break; > 8547 case IORING_RESTRICTION_SQE_FLAGS_REQUIRED: > 8548 ctx->restrictions.sqe_flags_required = res[i].sqe_flags; > 8549 break; > 8550 default: > 8551 ret = -EINVAL; > 8552 goto out; > 8553 } > 8554 } > 8555 > 8556 ctx->restricted = 1; > 8557 > 8558 ret = 0; > 8559 out: > 8560 /* Reset all restrictions if an error happened */ > 8561 if (ret != 0) > 8562 memset(&ctx->restrictions, 0, sizeof(ctx->restrictions)); > 8563 > 8564 kfree(res); > 8565 return ret; > 8566 } > 8567 > > --- > 0-DAY CI Kernel Test Service, Intel Corporation > https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
next prev parent reply other threads:[~2020-08-17 10:42 UTC|newest] Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-08-13 15:32 [PATCH v4 0/3] io_uring: add restrictions to support untrusted applications and guests Stefano Garzarella 2020-08-13 15:32 ` [PATCH v4 1/3] io_uring: use an enumeration for io_uring_register(2) opcodes Stefano Garzarella 2020-08-26 19:40 ` Kees Cook 2020-08-26 19:43 ` Kees Cook 2020-08-26 19:52 ` Andreas Dilger 2020-08-27 7:11 ` Stefano Garzarella 2020-08-13 15:32 ` [PATCH v4 2/3] io_uring: add IOURING_REGISTER_RESTRICTIONS opcode Stefano Garzarella 2020-08-13 17:42 ` kernel test robot 2020-08-13 17:42 ` kernel test robot 2020-08-17 10:41 ` Stefano Garzarella [this message] 2020-08-17 10:41 ` Stefano Garzarella 2020-08-26 19:46 ` Kees Cook 2020-08-27 7:12 ` Stefano Garzarella 2020-08-13 15:32 ` [PATCH v4 3/3] io_uring: allow disabling rings during the creation Stefano Garzarella 2020-08-26 19:50 ` Kees Cook 2020-08-27 7:18 ` Stefano Garzarella 2020-08-27 15:04 ` Kees Cook 2020-08-25 15:20 ` [PATCH v4 0/3] io_uring: add restrictions to support untrusted applications and guests Stefano Garzarella 2020-08-26 16:47 ` Jens Axboe 2020-08-26 19:40 ` Kees Cook 2020-08-27 7:24 ` Stefano Garzarella
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200817104134.fgmrppzchno2hcci@steredhat \ --to=sgarzare@redhat.com \ --cc=axboe@kernel.dk \ --cc=christian.brauner@ubuntu.com \ --cc=jannh@google.com \ --cc=jmoyer@redhat.com \ --cc=kbuild-all@lists.01.org \ --cc=keescook@chromium.org \ --cc=kernel-hardening@lists.openwall.com \ --cc=linux-fsdevel@vger.kernel.org \ --cc=lkp@intel.com \ --cc=sargun@sargun.me \ --cc=stefanha@redhat.com \ --cc=viro@zeniv.linux.org.uk \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.