From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=AT+A=7W=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E8C9FC433E1
	for <linux-mm@archiver.kernel.org>; Tue,  9 Jun 2020 18:01:51 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 8C51820734
	for <linux-mm@archiver.kernel.org>; Tue,  9 Jun 2020 18:01:51 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="eT15FlEM"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8C51820734
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id EA2076B0003; Tue,  9 Jun 2020 14:01:50 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id E52346B0005; Tue,  9 Jun 2020 14:01:50 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id D69516B0006; Tue,  9 Jun 2020 14:01:50 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0154.hostedemail.com [216.40.44.154])
	by kanga.kvack.org (Postfix) with ESMTP id BE2B86B0003
	for <linux-mm@kvack.org>; Tue,  9 Jun 2020 14:01:50 -0400 (EDT)
Received: from smtpin27.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with ESMTP id 809C2180C8E8C
	for <linux-mm@kvack.org>; Tue,  9 Jun 2020 18:01:50 +0000 (UTC)
X-FDA: 76910441580.27.tramp96_2b0fc9b26dc4
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin27.hostedemail.com (Postfix) with ESMTP id E056A497D80
	for <linux-mm@kvack.org>; Tue,  9 Jun 2020 18:01:47 +0000 (UTC)
X-HE-Tag: tramp96_2b0fc9b26dc4
X-Filterd-Recvd-Size: 5009
Received: from mail-lf1-f68.google.com (mail-lf1-f68.google.com [209.85.167.68])
	by imf45.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Tue,  9 Jun 2020 18:01:47 +0000 (UTC)
Received: by mail-lf1-f68.google.com with SMTP id c21so13028433lfb.3
        for <linux-mm@kvack.org>; Tue, 09 Jun 2020 11:01:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=554L9J+J8d5vWPSNDI/j0s3ZiUo45+CbsKtyrpHE9eQ=;
        b=eT15FlEMpS3khIgKo4ldntmBW5oiQN4PL4gOAvA65k/2S0OnFj6ohsxVFFc0j0gxWZ
         U8nUXEmIHb22hZUXR+41FKZqT9MKtYET7hJDUkHqmm4raawZqFTjgKK1w8E6FCEvj1PL
         dirNoEzAkQhKBXhp7p77kaFq/4LYd/Z0VUsxA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=554L9J+J8d5vWPSNDI/j0s3ZiUo45+CbsKtyrpHE9eQ=;
        b=SlGC+viigiCwHvPnN+IjtDd+UEYkFhTZk3BKPZI22Gd6zhwu6vDcJdg3J6FE0yJqYc
         KbmSM7oMubDHoTeHVT2AozTYomcj25xrRcZIF49oiVQbuUeZkQ2oCMkcX5m8UUjF/wtW
         5lhv9qxLRoLRLXY48cIr0TB+2YXAN4ta2so4H59zd1pU+w64vJnpWVFyFuho+5jzLJJk
         zgOpbJtlTS1ga6nsFHI1TYJz3nhxgQfVY02TpjU+ssv9/xnd9g6FgEvl0iGGZk99mK8t
         mRPWDb0YJ4cgPir3PFoeM3fWOe/47b7585jxQRwxdlF0YLRDqiR4y2G4JoE5WbsnCvDR
         tKKw==
X-Gm-Message-State: AOAM531uBRJsYyovDC6f89QllrJba9mNdKOiyA7spsyMwQnWJIHDZxhf
	P2Bv3Bd/pNPSdvsrQAypPYWU5JROsEM=
X-Google-Smtp-Source: ABdhPJxR5Df/0urZO16NmdtFFkrhXGd6qa3ZY/xIs5CO2vUzBmFB9wmXaFTzUSYefrnn/lstq19yDA==
X-Received: by 2002:a19:c187:: with SMTP id r129mr16224086lff.35.1591725704450;
        Tue, 09 Jun 2020 11:01:44 -0700 (PDT)
Received: from mail-lj1-f169.google.com (mail-lj1-f169.google.com. [209.85.208.169])
        by smtp.gmail.com with ESMTPSA id k7sm5202194lfd.53.2020.06.09.11.01.43
        for <linux-mm@kvack.org>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 09 Jun 2020 11:01:43 -0700 (PDT)
Received: by mail-lj1-f169.google.com with SMTP id s1so26242569ljo.0
        for <linux-mm@kvack.org>; Tue, 09 Jun 2020 11:01:43 -0700 (PDT)
X-Received: by 2002:a2e:97c3:: with SMTP id m3mr14782945ljj.312.1591725703056;
 Tue, 09 Jun 2020 11:01:43 -0700 (PDT)
MIME-Version: 1.0
References: <20200608212922.5b7fa74ca3f4e2444441b7f9@linux-foundation.org> <20200609043501.zcGYY277G%akpm@linux-foundation.org>
In-Reply-To: <20200609043501.zcGYY277G%akpm@linux-foundation.org>
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Tue, 9 Jun 2020 11:01:26 -0700
X-Gmail-Original-Message-ID: <CAHk-=wi=D+Fh2APC5bs-iEbnhoD7_oftH9+dz+odTkQ_Gfux2A@mail.gmail.com>
Message-ID: <CAHk-=wi=D+Fh2APC5bs-iEbnhoD7_oftH9+dz+odTkQ_Gfux2A@mail.gmail.com>
Subject: Re: [patch 91/93] x86: use non-set_fs based maccess routines
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Christoph Hellwig <hch@lst.de>, 
	Peter Anvin <hpa@zytor.com>, Linux-MM <linux-mm@kvack.org>, 
	Masami Hiramatsu <mhiramat@kernel.org>, Ingo Molnar <mingo@elte.hu>, mm-commits@vger.kernel.org, 
	Thomas Gleixner <tglx@linutronix.de>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: E056A497D80
X-Spamd-Result: default: False [0.00 / 100.00]
X-Rspamd-Server: rspam04
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, Jun 8, 2020 at 9:35 PM Andrew Morton <akpm@linux-foundation.org> wrote:
>
> From: Christoph Hellwig <hch@lst.de>
> Subject: x86: use non-set_fs based maccess routines

Ugh. I've seen this patch before, but only after I had applied it and
then pushed out the result did I notice that it has some nasty
behavior:

> +       __get_user_size(*((type *)dst), (__force type __user *)src,     \

Those casts of 'dst' and 'src' don't have the parentheses to make it
safe with random arguments. No such use exists right now, but these
aren't just some internal helper, they are used by code in
mm/maccess.c, and the arguments easily _could_ be something like
"ptr+offset", and then the pointer cast would do potentially very very
bad things.

I'm fixing it up, this is just a notice.

That's the trivial problem with that new macro, a more serious problem
is that I really think it should use

        __inttype(*(src)) __gk_val;
        __get_user_size(__gu_val, (__force type __user *)(src), ..
        (dst) = (__force __typeof__(*(src)))__gk_val;

instead.

Because right now it does something horribly horribly wrong if the
type of 'src' is at all different from the type of dst, or either of
them is different from 'type'

But the fix to that is to remove the 'type' argument and the users, so
I'm not doing that part.

Christoph? I'm not seeing why you insisted on making
__get_kernel_nofault different from unsafe_get_user().

Because as far as I can tell, every single difference is basically a
bug waiting to happen.

                   Linus