From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3031AC433E0 for ; Tue, 19 May 2020 16:41:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0D3E6207FB for ; Tue, 19 May 2020 16:41:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729185AbgESQlt (ORCPT ); Tue, 19 May 2020 12:41:49 -0400 Received: from verein.lst.de ([213.95.11.211]:44884 "EHLO verein.lst.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728689AbgESQlt (ORCPT ); Tue, 19 May 2020 12:41:49 -0400 Received: by verein.lst.de (Postfix, from userid 2407) id 8FD3068B02; Tue, 19 May 2020 18:41:46 +0200 (CEST) Date: Tue, 19 May 2020 18:41:46 +0200 From: Christoph Hellwig To: Linus Torvalds Cc: Christoph Hellwig , the arch/x86 maintainers , Alexei Starovoitov , Daniel Borkmann , Masami Hiramatsu , Andrew Morton , linux-parisc@vger.kernel.org, linux-um , Netdev , bpf@vger.kernel.org, Linux-MM , Linux Kernel Mailing List Subject: Re: [PATCH 12/20] maccess: remove strncpy_from_unsafe Message-ID: <20200519164146.GA28313@lst.de> References: <20200519134449.1466624-1-hch@lst.de> <20200519134449.1466624-13-hch@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.17 (2007-11-01) Sender: linux-parisc-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-parisc@vger.kernel.org On Tue, May 19, 2020 at 09:25:57AM -0700, Linus Torvalds wrote: > On Tue, May 19, 2020 at 6:45 AM Christoph Hellwig wrote: > > > > + if (IS_ENABLED(CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE) && > > + compat && (unsigned long)unsafe_ptr < TASK_SIZE) > > + ret = strncpy_from_user_nofault(dst, user_ptr, size); > > + else > > + ret = strncpy_from_kernel_nofault(dst, unsafe_ptr, size); > > These conditionals are completely illegible. I had a lot of folks complaining about things like: #ifdef CONFIG_FOO if (foo) do_stuff(); else #endif do_something_else(); which I personally don't mind at all, so I switched to this style. > static long bpf_strncpy_from_legacy(void *dest, const void > *unsafe_ptr, long size, bool legacy) > { > #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE > if (legacy && addr < TASK_SIZE) > return strncpy_from_user_nofault(dst, (const void __user > *) unsafe_ptr, size); > #endif > > return strncpy_from_kernel_nofault(dst, unsafe_ptr, size); > } > > and then you'd just use > > if (bpf_strncpy_from_unsafe(dst, unsafe_ptr, size, compat) < 0) > memset(dst, 0, size); > > and avoid any complicated conditionals, goto's, and make the code much > easier to understand thanks to having a big comment about the legacy > case. Sure. > In fact, separately I'd probably want that "compat" naming to be > scrapped entirely in that file. Not my choice.. Maybe Daniel has a recommendation of what to change there, but I'd love to not have to deal with that renaming as well in this series.