From: David Laight <David.Laight@ACULAB.COM>
To: 'Christoph Hellwig' <hch@lst.de>, Andy Lutomirski <luto@kernel.org>
Cc: Jens Axboe <axboe@kernel.dk>,
linux-arch <linux-arch@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"io-uring@vger.kernel.org" <io-uring@vger.kernel.org>
Subject: RE: io_uring vs in_compat_syscall()
Date: Wed, 22 Jul 2020 08:39:06 +0000 [thread overview]
Message-ID: <8fefa815a3924fb3b893371c988781ad@AcuMS.aculab.com> (raw)
In-Reply-To: <20200722063050.GA24968@lst.de>
From: Christoph Hellwig
> Sent: 22 July 2020 07:31
...
> > I agree that MSG_CMSG_COMPAT is nasty, but I think the concept is
> > sound -- rather than tracking whether we're compat by using a
> > different function or a per-thread variable, actually explicitly
> > tracking the mode seems sensible.
>
> I very strongly disagree. Two recent projects I did was to remove
> the compat_exec mess, and the compat get/setsockopt mess, and each
> time it removed hundreds of lines of code duplicating native
> functionality, often in slightly broken ways. We need a generic
> out of band way to transfer the information down and just check in
> in a few strategic places, and in_compat_syscall() does the right
> thing for that.
Hmmm... set_fs(KERNEL_DS) is a per-thread variable that indicates
that the current system call is being done by the kernel.
So you are pulling two different bits of code in opposite directions.
It has to be safer to track the flag through with the request.
Then once any conversion has been done the flag can be corrected.
Imagine something like a bpf hook on a compat syscall.
Having read the user buffer into kernel space it may decide
to reformat it to the native layout to process it.
After which the code has a native format buffer even though
in_compat_syscall() returns true.
To the native/compat flag is actually a property of the buffer
much the same as whether it is user/kernel.
The other property of the buffer is whether embedded addresses
are user or kernel.
If the buffer has been read from userspace then they are user.
If the request originated in the kernel they are kernel.
This difference may matter in the future.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
prev parent reply other threads:[~2020-07-22 8:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-20 6:10 io_uring vs in_compat_syscall() Christoph Hellwig
2020-07-20 16:36 ` Jens Axboe
2020-07-20 16:58 ` Andy Lutomirski
2020-07-20 17:02 ` Jens Axboe
2020-07-20 17:28 ` Andy Lutomirski
2020-07-21 7:07 ` Christoph Hellwig
2020-07-21 14:31 ` Andy Lutomirski
2020-07-21 14:34 ` Christoph Hellwig
2020-07-21 17:25 ` Andy Lutomirski
2020-07-22 6:30 ` Christoph Hellwig
2020-07-22 8:39 ` David Laight [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8fefa815a3924fb3b893371c988781ad@AcuMS.aculab.com \
--to=david.laight@aculab.com \
--cc=axboe@kernel.dk \
--cc=hch@lst.de \
--cc=io-uring@vger.kernel.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).