Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
* clean up kernel_{read,write} & friends v2
@ 2020-05-28  5:40 Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 01/14] cachefiles: switch to kernel_write Christoph Hellwig
                   ` (15 more replies)
  0 siblings, 16 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

Hi Al,

this series fixes a few issues and cleans up the helpers that read from
or write to kernel space buffers, and ensures that we don't change the
address limit if we are using the ->read_iter and ->write_iter methods
that don't need the changed address limit.

Changes since v2:
 - picked up a few ACKs

Changes since v1:
 - __kernel_write must not take sb_writers
 - unexport __kernel_write

^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 01/14] cachefiles: switch to kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 02/14] autofs: " Christoph Hellwig
                   ` (14 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

__kernel_write doesn't take a sb_writers references, which we need here.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: David Howells <dhowells@redhat.com>
---
 fs/cachefiles/rdwr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/cachefiles/rdwr.c b/fs/cachefiles/rdwr.c
index e7726f5f1241c..3080cda9e8245 100644
--- a/fs/cachefiles/rdwr.c
+++ b/fs/cachefiles/rdwr.c
@@ -937,7 +937,7 @@ int cachefiles_write_page(struct fscache_storage *op, struct page *page)
 	}
 
 	data = kmap(page);
-	ret = __kernel_write(file, data, len, &pos);
+	ret = kernel_write(file, data, len, &pos);
 	kunmap(page);
 	fput(file);
 	if (ret != len)
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 02/14] autofs: switch to kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 01/14] cachefiles: switch to kernel_write Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 03/14] bpfilter: " Christoph Hellwig
                   ` (13 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

While pipes don't really need sb_writers projection, __kernel_write is an
interface better kept private, and the additional rw_verify_area does not
hurt here.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Ian Kent <raven@themaw.net>
---
 fs/autofs/waitq.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/autofs/waitq.c b/fs/autofs/waitq.c
index b04c528b19d34..74c886f7c51cb 100644
--- a/fs/autofs/waitq.c
+++ b/fs/autofs/waitq.c
@@ -53,7 +53,7 @@ static int autofs_write(struct autofs_sb_info *sbi,
 
 	mutex_lock(&sbi->pipe_mutex);
 	while (bytes) {
-		wr = __kernel_write(file, data, bytes, &file->f_pos);
+		wr = kernel_write(file, data, bytes, &file->f_pos);
 		if (wr <= 0)
 			break;
 		data += wr;
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 03/14] bpfilter: switch to kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 01/14] cachefiles: switch to kernel_write Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 02/14] autofs: " Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 04/14] fs: unexport __kernel_write Christoph Hellwig
                   ` (12 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

While pipes don't really need sb_writers projection, __kernel_write is an
interface better kept private, and the additional rw_verify_area does not
hurt here.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 net/bpfilter/bpfilter_kern.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/bpfilter/bpfilter_kern.c b/net/bpfilter/bpfilter_kern.c
index c0f0990f30b60..1905e01c3aa9a 100644
--- a/net/bpfilter/bpfilter_kern.c
+++ b/net/bpfilter/bpfilter_kern.c
@@ -50,7 +50,7 @@ static int __bpfilter_process_sockopt(struct sock *sk, int optname,
 	req.len = optlen;
 	if (!bpfilter_ops.info.pid)
 		goto out;
-	n = __kernel_write(bpfilter_ops.info.pipe_to_umh, &req, sizeof(req),
+	n = kernel_write(bpfilter_ops.info.pipe_to_umh, &req, sizeof(req),
 			   &pos);
 	if (n != sizeof(req)) {
 		pr_err("write fail %zd\n", n);
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 04/14] fs: unexport __kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (2 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 03/14] bpfilter: " Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write Christoph Hellwig
                   ` (11 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

This is a very special interface that skips sb_writes protection, and not
used by modules anymore.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index bbfa9b12b15eb..2c601d853ff3d 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -522,7 +522,6 @@ ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t
 	inc_syscw(current);
 	return ret;
 }
-EXPORT_SYMBOL(__kernel_write);
 
 ssize_t kernel_write(struct file *file, const void *buf, size_t count,
 			    loff_t *pos)
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (3 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 04/14] fs: unexport __kernel_write Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 06/14] fs: remove the call_{read,write}_iter functions Christoph Hellwig
                   ` (10 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

We still need to check if the fѕ is open write, even for the low-level
helper.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/read_write.c b/fs/read_write.c
index 2c601d853ff3d..76be155ad9824 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -505,6 +505,8 @@ ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t
 	const char __user *p;
 	ssize_t ret;
 
+	if (!(file->f_mode & FMODE_WRITE))
+		return -EBADF;
 	if (!(file->f_mode & FMODE_CAN_WRITE))
 		return -EINVAL;
 
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 06/14] fs: remove the call_{read,write}_iter functions
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (4 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28 18:56   ` Al Viro
  2020-05-28  5:40 ` [PATCH 07/14] fs: implement kernel_write using __kernel_write Christoph Hellwig
                   ` (9 subsequent siblings)
  15 siblings, 1 reply; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

Just open coding the methods calls is a lot easier to follow.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 drivers/block/loop.c              |  4 ++--
 drivers/target/target_core_file.c |  4 ++--
 fs/aio.c                          |  4 ++--
 fs/io_uring.c                     |  4 ++--
 fs/read_write.c                   | 12 ++++++------
 fs/splice.c                       |  2 +-
 include/linux/fs.h                | 12 ------------
 7 files changed, 15 insertions(+), 27 deletions(-)

diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index da693e6a834e5..ad167050a4ec4 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -572,9 +572,9 @@ static int lo_rw_aio(struct loop_device *lo, struct loop_cmd *cmd,
 		kthread_associate_blkcg(cmd->css);
 
 	if (rw == WRITE)
-		ret = call_write_iter(file, &cmd->iocb, &iter);
+		ret = file->f_op->write_iter(&cmd->iocb, &iter);
 	else
-		ret = call_read_iter(file, &cmd->iocb, &iter);
+		ret = file->f_op->read_iter(&cmd->iocb, &iter);
 
 	lo_rw_aio_do_completion(cmd);
 	kthread_associate_blkcg(NULL);
diff --git a/drivers/target/target_core_file.c b/drivers/target/target_core_file.c
index 7143d03f0e027..79f0707877917 100644
--- a/drivers/target/target_core_file.c
+++ b/drivers/target/target_core_file.c
@@ -303,9 +303,9 @@ fd_execute_rw_aio(struct se_cmd *cmd, struct scatterlist *sgl, u32 sgl_nents,
 		aio_cmd->iocb.ki_flags |= IOCB_DSYNC;
 
 	if (is_write)
-		ret = call_write_iter(file, &aio_cmd->iocb, &iter);
+		ret = file->f_op->write_iter(&aio_cmd->iocb, &iter);
 	else
-		ret = call_read_iter(file, &aio_cmd->iocb, &iter);
+		ret = file->f_op->read_iter(&aio_cmd->iocb, &iter);
 
 	kfree(bvec);
 
diff --git a/fs/aio.c b/fs/aio.c
index 5f3d3d8149287..1ccc0efdc357d 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1540,7 +1540,7 @@ static int aio_read(struct kiocb *req, const struct iocb *iocb,
 		return ret;
 	ret = rw_verify_area(READ, file, &req->ki_pos, iov_iter_count(&iter));
 	if (!ret)
-		aio_rw_done(req, call_read_iter(file, req, &iter));
+		aio_rw_done(req, file->f_op->read_iter(req, &iter));
 	kfree(iovec);
 	return ret;
 }
@@ -1580,7 +1580,7 @@ static int aio_write(struct kiocb *req, const struct iocb *iocb,
 			__sb_writers_release(file_inode(file)->i_sb, SB_FREEZE_WRITE);
 		}
 		req->ki_flags |= IOCB_WRITE;
-		aio_rw_done(req, call_write_iter(file, req, &iter));
+		aio_rw_done(req, file->f_op->write_iter(req, &iter));
 	}
 	kfree(iovec);
 	return ret;
diff --git a/fs/io_uring.c b/fs/io_uring.c
index bb25e3997d418..f4b808231af0b 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -2579,7 +2579,7 @@ static int io_read(struct io_kiocb *req, bool force_nonblock)
 		ssize_t ret2;
 
 		if (req->file->f_op->read_iter)
-			ret2 = call_read_iter(req->file, kiocb, &iter);
+			ret2 = req->file->f_op->read_iter(kiocb, &iter);
 		else
 			ret2 = loop_rw_iter(READ, req->file, kiocb, &iter);
 
@@ -2694,7 +2694,7 @@ static int io_write(struct io_kiocb *req, bool force_nonblock)
 			current->signal->rlim[RLIMIT_FSIZE].rlim_cur = req->fsize;
 
 		if (req->file->f_op->write_iter)
-			ret2 = call_write_iter(req->file, kiocb, &iter);
+			ret2 = req->file->f_op->write_iter(kiocb, &iter);
 		else
 			ret2 = loop_rw_iter(WRITE, req->file, kiocb, &iter);
 
diff --git a/fs/read_write.c b/fs/read_write.c
index 76be155ad9824..f0768313ea010 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -412,7 +412,7 @@ static ssize_t new_sync_read(struct file *filp, char __user *buf, size_t len, lo
 	kiocb.ki_pos = (ppos ? *ppos : 0);
 	iov_iter_init(&iter, READ, &iov, 1, len);
 
-	ret = call_read_iter(filp, &kiocb, &iter);
+	ret = filp->f_op->read_iter(&kiocb, &iter);
 	BUG_ON(ret == -EIOCBQUEUED);
 	if (ppos)
 		*ppos = kiocb.ki_pos;
@@ -481,7 +481,7 @@ static ssize_t new_sync_write(struct file *filp, const char __user *buf, size_t
 	kiocb.ki_pos = (ppos ? *ppos : 0);
 	iov_iter_init(&iter, WRITE, &iov, 1, len);
 
-	ret = call_write_iter(filp, &kiocb, &iter);
+	ret = filp->f_op->write_iter(&kiocb, &iter);
 	BUG_ON(ret == -EIOCBQUEUED);
 	if (ret > 0 && ppos)
 		*ppos = kiocb.ki_pos;
@@ -690,9 +690,9 @@ static ssize_t do_iter_readv_writev(struct file *filp, struct iov_iter *iter,
 	kiocb.ki_pos = (ppos ? *ppos : 0);
 
 	if (type == READ)
-		ret = call_read_iter(filp, &kiocb, iter);
+		ret = filp->f_op->read_iter(&kiocb, iter);
 	else
-		ret = call_write_iter(filp, &kiocb, iter);
+		ret = filp->f_op->write_iter(&kiocb, iter);
 	BUG_ON(ret == -EIOCBQUEUED);
 	if (ppos)
 		*ppos = kiocb.ki_pos;
@@ -961,7 +961,7 @@ ssize_t vfs_iocb_iter_read(struct file *file, struct kiocb *iocb,
 	if (ret < 0)
 		return ret;
 
-	ret = call_read_iter(file, iocb, iter);
+	ret = file->f_op->read_iter(iocb, iter);
 out:
 	if (ret >= 0)
 		fsnotify_access(file);
@@ -1025,7 +1025,7 @@ ssize_t vfs_iocb_iter_write(struct file *file, struct kiocb *iocb,
 	if (ret < 0)
 		return ret;
 
-	ret = call_write_iter(file, iocb, iter);
+	ret = file->f_op->write_iter(iocb, iter);
 	if (ret > 0)
 		fsnotify_modify(file);
 
diff --git a/fs/splice.c b/fs/splice.c
index 4e53efbd621db..3382d5f0610dd 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -310,7 +310,7 @@ ssize_t generic_file_splice_read(struct file *in, loff_t *ppos,
 	i_head = to.head;
 	init_sync_kiocb(&kiocb, in);
 	kiocb.ki_pos = *ppos;
-	ret = call_read_iter(in, &kiocb, &to);
+	ret = in->f_op->read_iter(&kiocb, &to);
 	if (ret > 0) {
 		*ppos = kiocb.ki_pos;
 		file_accessed(in);
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 45cc10cdf6ddd..21f126957c2cf 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1895,18 +1895,6 @@ struct inode_operations {
 	int (*set_acl)(struct inode *, struct posix_acl *, int);
 } ____cacheline_aligned;
 
-static inline ssize_t call_read_iter(struct file *file, struct kiocb *kio,
-				     struct iov_iter *iter)
-{
-	return file->f_op->read_iter(kio, iter);
-}
-
-static inline ssize_t call_write_iter(struct file *file, struct kiocb *kio,
-				      struct iov_iter *iter)
-{
-	return file->f_op->write_iter(kio, iter);
-}
-
 static inline int call_mmap(struct file *file, struct vm_area_struct *vma)
 {
 	return file->f_op->mmap(file, vma);
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 07/14] fs: implement kernel_write using __kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (5 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 06/14] fs: remove the call_{read,write}_iter functions Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 08/14] fs: remove __vfs_write Christoph Hellwig
                   ` (8 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

Consolidate the two in-kernel write helpers to make upcoming changes
easier.  The only difference are the missing call to rw_verify_area
in kernel_write, and an access_ok check that doesn't make sense for
kernel buffers to start with.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index f0768313ea010..abb84391cfbc5 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -499,6 +499,7 @@ static ssize_t __vfs_write(struct file *file, const char __user *p,
 		return -EINVAL;
 }
 
+/* caller is responsible for file_start_write/file_end_write */
 ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
 {
 	mm_segment_t old_fs;
@@ -528,16 +529,16 @@ ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t
 ssize_t kernel_write(struct file *file, const void *buf, size_t count,
 			    loff_t *pos)
 {
-	mm_segment_t old_fs;
-	ssize_t res;
+	ssize_t ret;
 
-	old_fs = get_fs();
-	set_fs(KERNEL_DS);
-	/* The cast to a user pointer is valid due to the set_fs() */
-	res = vfs_write(file, (__force const char __user *)buf, count, pos);
-	set_fs(old_fs);
+	ret = rw_verify_area(WRITE, file, pos, count);
+	if (ret)
+		return ret;
 
-	return res;
+	file_start_write(file);
+	ret =  __kernel_write(file, buf, count, pos);
+	file_end_write(file);
+	return ret;
 }
 EXPORT_SYMBOL(kernel_write);
 
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 08/14] fs: remove __vfs_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (6 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 07/14] fs: implement kernel_write using __kernel_write Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write Christoph Hellwig
                   ` (7 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

Fold it into the two callers.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 46 ++++++++++++++++++++++------------------------
 1 file changed, 22 insertions(+), 24 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index abb84391cfbc5..3bcb084f160de 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -488,17 +488,6 @@ static ssize_t new_sync_write(struct file *filp, const char __user *buf, size_t
 	return ret;
 }
 
-static ssize_t __vfs_write(struct file *file, const char __user *p,
-			   size_t count, loff_t *pos)
-{
-	if (file->f_op->write)
-		return file->f_op->write(file, p, count, pos);
-	else if (file->f_op->write_iter)
-		return new_sync_write(file, p, count, pos);
-	else
-		return -EINVAL;
-}
-
 /* caller is responsible for file_start_write/file_end_write */
 ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
 {
@@ -516,7 +505,12 @@ ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t
 	p = (__force const char __user *)buf;
 	if (count > MAX_RW_COUNT)
 		count =  MAX_RW_COUNT;
-	ret = __vfs_write(file, p, count, pos);
+	if (file->f_op->write)
+		ret = file->f_op->write(file, p, count, pos);
+	else if (file->f_op->write_iter)
+		ret = new_sync_write(file, p, count, pos);
+	else
+		ret = -EINVAL;
 	set_fs(old_fs);
 	if (ret > 0) {
 		fsnotify_modify(file);
@@ -554,19 +548,23 @@ ssize_t vfs_write(struct file *file, const char __user *buf, size_t count, loff_
 		return -EFAULT;
 
 	ret = rw_verify_area(WRITE, file, pos, count);
-	if (!ret) {
-		if (count > MAX_RW_COUNT)
-			count =  MAX_RW_COUNT;
-		file_start_write(file);
-		ret = __vfs_write(file, buf, count, pos);
-		if (ret > 0) {
-			fsnotify_modify(file);
-			add_wchar(current, ret);
-		}
-		inc_syscw(current);
-		file_end_write(file);
+	if (ret)
+		return ret;
+	if (count > MAX_RW_COUNT)
+		count =  MAX_RW_COUNT;
+	file_start_write(file);
+	if (file->f_op->write)
+		ret = file->f_op->write(file, buf, count, pos);
+	else if (file->f_op->write_iter)
+		ret = new_sync_write(file, buf, count, pos);
+	else
+		ret = -EINVAL;
+	if (ret > 0) {
+		fsnotify_modify(file);
+		add_wchar(current, ret);
 	}
-
+	inc_syscw(current);
+	file_end_write(file);
 	return ret;
 }
 
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (7 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 08/14] fs: remove __vfs_write Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28 18:43   ` Linus Torvalds
  2020-05-28 19:00   ` Al Viro
  2020-05-28  5:40 ` [PATCH 10/14] fs: add a __kernel_read helper Christoph Hellwig
                   ` (6 subsequent siblings)
  15 siblings, 2 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

If we write to a file that implements ->write_iter there is no need
to change the address limit if we send a kvec down.  Implement that
case, and prefer it over using plain ->write with a changed address
limit if available.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index 3bcb084f160de..8cfca5f8fc3ce 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -489,10 +489,9 @@ static ssize_t new_sync_write(struct file *filp, const char __user *buf, size_t
 }
 
 /* caller is responsible for file_start_write/file_end_write */
-ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
+ssize_t __kernel_write(struct file *file, const void *buf, size_t count,
+		loff_t *pos)
 {
-	mm_segment_t old_fs;
-	const char __user *p;
 	ssize_t ret;
 
 	if (!(file->f_mode & FMODE_WRITE))
@@ -500,18 +499,29 @@ ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t
 	if (!(file->f_mode & FMODE_CAN_WRITE))
 		return -EINVAL;
 
-	old_fs = get_fs();
-	set_fs(KERNEL_DS);
-	p = (__force const char __user *)buf;
 	if (count > MAX_RW_COUNT)
 		count =  MAX_RW_COUNT;
-	if (file->f_op->write)
-		ret = file->f_op->write(file, p, count, pos);
-	else if (file->f_op->write_iter)
-		ret = new_sync_write(file, p, count, pos);
-	else
+	if (file->f_op->write_iter) {
+		struct kvec iov = { .iov_base = (void *)buf, .iov_len = count };
+		struct kiocb kiocb;
+		struct iov_iter iter;
+
+		init_sync_kiocb(&kiocb, file);
+		kiocb.ki_pos = *pos;
+		iov_iter_kvec(&iter, WRITE, &iov, 1, count);
+		ret = file->f_op->write_iter(&kiocb, &iter);
+		if (ret > 0)
+			*pos = kiocb.ki_pos;
+	} else if (file->f_op->write) {
+		mm_segment_t old_fs = get_fs();
+
+		set_fs(KERNEL_DS);
+		ret = file->f_op->write(file, (__force const char __user *)buf,
+				count, pos);
+		set_fs(old_fs);
+	} else {
 		ret = -EINVAL;
-	set_fs(old_fs);
+	}
 	if (ret > 0) {
 		fsnotify_modify(file);
 		add_wchar(current, ret);
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 10/14] fs: add a __kernel_read helper
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (8 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 11/14] integrity/ima: switch to using __kernel_read Christoph Hellwig
                   ` (5 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

This is the counterpart to __kernel_write, and skip the rw_verify_area
call compared to kernel_read.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c    | 21 +++++++++++++++++++++
 include/linux/fs.h |  1 +
 2 files changed, 22 insertions(+)

diff --git a/fs/read_write.c b/fs/read_write.c
index 8cfca5f8fc3ce..bd12af8a895c8 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -430,6 +430,27 @@ ssize_t __vfs_read(struct file *file, char __user *buf, size_t count,
 		return -EINVAL;
 }
 
+ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
+{
+	mm_segment_t old_fs = get_fs();
+	ssize_t ret;
+
+	if (!(file->f_mode & FMODE_CAN_READ))
+		return -EINVAL;
+
+	if (count > MAX_RW_COUNT)
+		count =  MAX_RW_COUNT;
+	set_fs(KERNEL_DS);
+	ret = __vfs_read(file, (void __user *)buf, count, pos);
+	set_fs(old_fs);
+	if (ret > 0) {
+		fsnotify_access(file);
+		add_rchar(current, ret);
+	}
+	inc_syscr(current);
+	return ret;
+}
+
 ssize_t kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 {
 	mm_segment_t old_fs;
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 21f126957c2cf..6441aaa25f8f2 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -3011,6 +3011,7 @@ extern int kernel_read_file_from_path_initns(const char *, void **, loff_t *, lo
 extern int kernel_read_file_from_fd(int, void **, loff_t *, loff_t,
 				    enum kernel_read_file_id);
 extern ssize_t kernel_read(struct file *, void *, size_t, loff_t *);
+ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos);
 extern ssize_t kernel_write(struct file *, const void *, size_t, loff_t *);
 extern ssize_t __kernel_write(struct file *, const void *, size_t, loff_t *);
 extern struct file * open_exec(const char *);
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 11/14] integrity/ima: switch to using __kernel_read
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (9 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 10/14] fs: add a __kernel_read helper Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 12/14] fs: implement kernel_read " Christoph Hellwig
                   ` (4 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

__kernel_read has a bunch of additional sanity checks, and this moves
the set_fs out of non-core code.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 security/integrity/iint.c | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index e12c4900510f6..1d20003243c3f 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -188,19 +188,7 @@ DEFINE_LSM(integrity) = {
 int integrity_kernel_read(struct file *file, loff_t offset,
 			  void *addr, unsigned long count)
 {
-	mm_segment_t old_fs;
-	char __user *buf = (char __user *)addr;
-	ssize_t ret;
-
-	if (!(file->f_mode & FMODE_READ))
-		return -EBADF;
-
-	old_fs = get_fs();
-	set_fs(KERNEL_DS);
-	ret = __vfs_read(file, buf, count, &offset);
-	set_fs(old_fs);
-
-	return ret;
+	return __kernel_read(file, addr, count, &offset);
 }
 
 /*
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 12/14] fs: implement kernel_read using __kernel_read
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (10 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 11/14] integrity/ima: switch to using __kernel_read Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 13/14] fs: remove __vfs_read Christoph Hellwig
                   ` (3 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

Consolidate the two in-kernel read helpers to make upcoming changes
easier.  The only difference are the missing call to rw_verify_area
in kernel_read, and an access_ok check that doesn't make sense for
kernel buffers to start with.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index bd12af8a895c8..4e19152a7efe0 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -453,15 +453,12 @@ ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 
 ssize_t kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 {
-	mm_segment_t old_fs;
-	ssize_t result;
+	ssize_t ret;
 
-	old_fs = get_fs();
-	set_fs(KERNEL_DS);
-	/* The cast to a user pointer is valid due to the set_fs() */
-	result = vfs_read(file, (void __user *)buf, count, pos);
-	set_fs(old_fs);
-	return result;
+	ret = rw_verify_area(READ, file, pos, count);
+	if (ret)
+		return ret;
+	return __kernel_read(file, buf, count, pos);
 }
 EXPORT_SYMBOL(kernel_read);
 
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 13/14] fs: remove __vfs_read
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (11 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 12/14] fs: implement kernel_read " Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28  5:40 ` [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read Christoph Hellwig
                   ` (2 subsequent siblings)
  15 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

Fold it into the two callers.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c    | 43 +++++++++++++++++++++----------------------
 include/linux/fs.h |  1 -
 2 files changed, 21 insertions(+), 23 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index 4e19152a7efe0..46ddfce17e839 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -419,17 +419,6 @@ static ssize_t new_sync_read(struct file *filp, char __user *buf, size_t len, lo
 	return ret;
 }
 
-ssize_t __vfs_read(struct file *file, char __user *buf, size_t count,
-		   loff_t *pos)
-{
-	if (file->f_op->read)
-		return file->f_op->read(file, buf, count, pos);
-	else if (file->f_op->read_iter)
-		return new_sync_read(file, buf, count, pos);
-	else
-		return -EINVAL;
-}
-
 ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 {
 	mm_segment_t old_fs = get_fs();
@@ -441,7 +430,12 @@ ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 	if (count > MAX_RW_COUNT)
 		count =  MAX_RW_COUNT;
 	set_fs(KERNEL_DS);
-	ret = __vfs_read(file, (void __user *)buf, count, pos);
+	if (file->f_op->read)
+		ret = file->f_op->read(file, (void __user *)buf, count, pos);
+	else if (file->f_op->read_iter)
+		ret = new_sync_read(file, (void __user *)buf, count, pos);
+	else
+		ret = -EINVAL;
 	set_fs(old_fs);
 	if (ret > 0) {
 		fsnotify_access(file);
@@ -474,17 +468,22 @@ ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos)
 		return -EFAULT;
 
 	ret = rw_verify_area(READ, file, pos, count);
-	if (!ret) {
-		if (count > MAX_RW_COUNT)
-			count =  MAX_RW_COUNT;
-		ret = __vfs_read(file, buf, count, pos);
-		if (ret > 0) {
-			fsnotify_access(file);
-			add_rchar(current, ret);
-		}
-		inc_syscr(current);
-	}
+	if (ret)
+		return ret;
+	if (count > MAX_RW_COUNT)
+		count =  MAX_RW_COUNT;
 
+	if (file->f_op->read)
+		ret = file->f_op->read(file, buf, count, pos);
+	else if (file->f_op->read_iter)
+		ret = new_sync_read(file, buf, count, pos);
+	else
+		ret = -EINVAL;
+	if (ret > 0) {
+		fsnotify_access(file);
+		add_rchar(current, ret);
+	}
+	inc_syscr(current);
 	return ret;
 }
 
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 6441aaa25f8f2..4c10a07a36178 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1905,7 +1905,6 @@ ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector,
 			      struct iovec *fast_pointer,
 			      struct iovec **ret_pointer);
 
-extern ssize_t __vfs_read(struct file *, char __user *, size_t, loff_t *);
 extern ssize_t vfs_read(struct file *, char __user *, size_t, loff_t *);
 extern ssize_t vfs_write(struct file *, const char __user *, size_t, loff_t *);
 extern ssize_t vfs_readv(struct file *, const struct iovec __user *,
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (12 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 13/14] fs: remove __vfs_read Christoph Hellwig
@ 2020-05-28  5:40 ` Christoph Hellwig
  2020-05-28 19:03   ` Al Viro
  2020-05-28 18:51 ` clean up kernel_{read,write} & friends v2 Linus Torvalds
  2020-05-28 20:17 ` David Howells
  15 siblings, 1 reply; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-28  5:40 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

If we read to a file that implements ->read_iter there is no need
to change the address limit if we send a kvec down.  Implement that
case, and prefer it over using plain ->read with a changed address
limit if available.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/read_write.c | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index 46ddfce17e839..c93acbd8bf5a3 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -421,7 +421,6 @@ static ssize_t new_sync_read(struct file *filp, char __user *buf, size_t len, lo
 
 ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 {
-	mm_segment_t old_fs = get_fs();
 	ssize_t ret;
 
 	if (!(file->f_mode & FMODE_CAN_READ))
@@ -429,14 +428,25 @@ ssize_t __kernel_read(struct file *file, void *buf, size_t count, loff_t *pos)
 
 	if (count > MAX_RW_COUNT)
 		count =  MAX_RW_COUNT;
-	set_fs(KERNEL_DS);
-	if (file->f_op->read)
+	if (file->f_op->read_iter) {
+		struct kvec iov = { .iov_base = buf, .iov_len = count };
+		struct kiocb kiocb;
+		struct iov_iter iter;
+
+		init_sync_kiocb(&kiocb, file);
+		kiocb.ki_pos = *pos;
+		iov_iter_kvec(&iter, READ, &iov, 1, count);
+		ret = file->f_op->read_iter(&kiocb, &iter);
+		*pos = kiocb.ki_pos;
+	} else if (file->f_op->read) {
+		mm_segment_t old_fs = get_fs();
+
+		set_fs(KERNEL_DS);
 		ret = file->f_op->read(file, (void __user *)buf, count, pos);
-	else if (file->f_op->read_iter)
-		ret = new_sync_read(file, (void __user *)buf, count, pos);
-	else
+		set_fs(old_fs);
+	} else {
 		ret = -EINVAL;
-	set_fs(old_fs);
+	}
 	if (ret > 0) {
 		fsnotify_access(file);
 		add_rchar(current, ret);
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-28  5:40 ` [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write Christoph Hellwig
@ 2020-05-28 18:43   ` Linus Torvalds
  2020-05-29 12:32     ` Christoph Hellwig
  2020-05-28 19:00   ` Al Viro
  1 sibling, 1 reply; 47+ messages in thread
From: Linus Torvalds @ 2020-05-28 18:43 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: Al Viro, Ian Kent, David Howells, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

On Wed, May 27, 2020 at 10:41 PM Christoph Hellwig <hch@lst.de> wrote:
>
> -ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
> +ssize_t __kernel_write(struct file *file, const void *buf, size_t count,
> +               loff_t *pos)

Please don't do these kinds of pointless whitespace changes.

If you have an actual 80x25 vt100 sitting in a corner, it's not really
conducive to kernel development any more.

Yes, yes, we'd like to have shorter lines for new code, but no, don't
do silly line breaks that just makes old code look and grep worse.

             Linus

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (13 preceding siblings ...)
  2020-05-28  5:40 ` [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read Christoph Hellwig
@ 2020-05-28 18:51 ` Linus Torvalds
  2020-05-28 18:57   ` Sedat Dilek
  2020-05-28 19:22   ` Joe Perches
  2020-05-28 20:17 ` David Howells
  15 siblings, 2 replies; 47+ messages in thread
From: Linus Torvalds @ 2020-05-28 18:51 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: Al Viro, Ian Kent, David Howells, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

On Wed, May 27, 2020 at 10:40 PM Christoph Hellwig <hch@lst.de> wrote:
>
> this series fixes a few issues and cleans up the helpers that read from
> or write to kernel space buffers, and ensures that we don't change the
> address limit if we are using the ->read_iter and ->write_iter methods
> that don't need the changed address limit.

Apart from the "please don't mix irrelevant whitespace changes with
other changes" comment, this looks fine to me.

And a rant related to that change: I'm really inclined to remove the
checkpatch check for 80 columns entirely, but it shouldn't have been
triggering for old lines even now.

Or maybe make it check for something more reasonable, like 100 characters.

I find it ironic and annoying how "checkpatch" warns about that silly
legacy limit, when checkpatch itself then on the very next few lines
has a line that is 124 columns wide

And yes, that 124 character line has a good reason for it. But that's
kind of the point. There are lots of perfectly fine reasons for longer
lines.

I'd much rather check for "no deep indentation" or "no unnecessarily
complex conditionals" or other issues that are more likely to be
_real_ problems.  But do we really have 80x25 terminals any more that
we'd care about?

               Linus

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 06/14] fs: remove the call_{read,write}_iter functions
  2020-05-28  5:40 ` [PATCH 06/14] fs: remove the call_{read,write}_iter functions Christoph Hellwig
@ 2020-05-28 18:56   ` Al Viro
  2020-05-29  5:51     ` Christoph Hellwig
  0 siblings, 1 reply; 47+ messages in thread
From: Al Viro @ 2020-05-28 18:56 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

On Thu, May 28, 2020 at 07:40:35AM +0200, Christoph Hellwig wrote:
> Just open coding the methods calls is a lot easier to follow.

Not sure about this one, TBH - it's harder to grep that way, since
you get all the initializers for read_iter/write_iter thrown into
the mix.  Sure, you can do something like '\->[ 	]*read_iter\>',
but it's a PITA.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 18:51 ` clean up kernel_{read,write} & friends v2 Linus Torvalds
@ 2020-05-28 18:57   ` Sedat Dilek
  2020-05-28 19:22   ` Joe Perches
  1 sibling, 0 replies; 47+ messages in thread
From: Sedat Dilek @ 2020-05-28 18:57 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: Christoph Hellwig, Al Viro, Ian Kent, David Howells,
	Linux Kernel Mailing List, linux-fsdevel, LSM List, NetFilter

On Thu, May 28, 2020 at 8:53 PM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> On Wed, May 27, 2020 at 10:40 PM Christoph Hellwig <hch@lst.de> wrote:
> >
> > this series fixes a few issues and cleans up the helpers that read from
> > or write to kernel space buffers, and ensures that we don't change the
> > address limit if we are using the ->read_iter and ->write_iter methods
> > that don't need the changed address limit.
>
> Apart from the "please don't mix irrelevant whitespace changes with
> other changes" comment, this looks fine to me.
>
> And a rant related to that change: I'm really inclined to remove the
> checkpatch check for 80 columns entirely, but it shouldn't have been
> triggering for old lines even now.
>
> Or maybe make it check for something more reasonable, like 100 characters.
>
> I find it ironic and annoying how "checkpatch" warns about that silly
> legacy limit, when checkpatch itself then on the very next few lines
> has a line that is 124 columns wide
>
> And yes, that 124 character line has a good reason for it. But that's
> kind of the point. There are lots of perfectly fine reasons for longer
> lines.
>
> I'd much rather check for "no deep indentation" or "no unnecessarily
> complex conditionals" or other issues that are more likely to be
> _real_ problems.  But do we really have 80x25 terminals any more that
> we'd care about?
>

Please kill that 80-columns-checkpatch-rule for more human-readability of code.

- Sedat -

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-28  5:40 ` [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write Christoph Hellwig
  2020-05-28 18:43   ` Linus Torvalds
@ 2020-05-28 19:00   ` Al Viro
  2020-05-29  5:57     ` Christoph Hellwig
  1 sibling, 1 reply; 47+ messages in thread
From: Al Viro @ 2020-05-28 19:00 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

On Thu, May 28, 2020 at 07:40:38AM +0200, Christoph Hellwig wrote:
> If we write to a file that implements ->write_iter there is no need
> to change the address limit if we send a kvec down.  Implement that
> case, and prefer it over using plain ->write with a changed address
> limit if available.

Umm...  It needs a comment along the lines of "weird shits like
/dev/sg that currently check for uaccess_kernel() will just
have to make sure they never switch to ->write_iter()"

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read
  2020-05-28  5:40 ` [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read Christoph Hellwig
@ 2020-05-28 19:03   ` Al Viro
  0 siblings, 0 replies; 47+ messages in thread
From: Al Viro @ 2020-05-28 19:03 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

On Thu, May 28, 2020 at 07:40:43AM +0200, Christoph Hellwig wrote:
> If we read to a file that implements ->read_iter there is no need
> to change the address limit if we send a kvec down.  Implement that
> case, and prefer it over using plain ->read with a changed address
> limit if available.

Ditto re never converting something that bails out on uaccess_kernel()
in ->read() over to ->read_iter().

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 18:51 ` clean up kernel_{read,write} & friends v2 Linus Torvalds
  2020-05-28 18:57   ` Sedat Dilek
@ 2020-05-28 19:22   ` Joe Perches
  2020-05-28 19:33     ` Al Viro
  2020-05-28 21:03     ` Joe Perches
  1 sibling, 2 replies; 47+ messages in thread
From: Joe Perches @ 2020-05-28 19:22 UTC (permalink / raw)
  To: Linus Torvalds, Christoph Hellwig
  Cc: Al Viro, Ian Kent, David Howells, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

On Thu, 2020-05-28 at 11:51 -0700, Linus Torvalds wrote:
> On Wed, May 27, 2020 at 10:40 PM Christoph Hellwig <hch@lst.de> wrote:
> > this series fixes a few issues and cleans up the helpers that read from
> > or write to kernel space buffers, and ensures that we don't change the
> > address limit if we are using the ->read_iter and ->write_iter methods
> > that don't need the changed address limit.
> 
> Apart from the "please don't mix irrelevant whitespace changes with
> other changes" comment, this looks fine to me.
> 
> And a rant related to that change: I'm really inclined to remove the
> checkpatch check for 80 columns entirely, but it shouldn't have been
> triggering for old lines even now.
> 
> Or maybe make it check for something more reasonable, like 100 characters.
> 
> I find it ironic and annoying how "checkpatch" warns about that silly
> legacy limit, when checkpatch itself then on the very next few lines
> has a line that is 124 columns wide

Yeah.  perl ain't c.

And this discussion has been had many times.

Here's one from 2009
https://lkml.org/lkml/2009/12/15/490

Another from 2012
https://lkml.org/lkml/2012/2/5/141

Line lengths checks are normally pretty silly.

Hard limits at 80 really don't work well, especially with
some of the 25+ character length identifiers used today.

I think a line length warning at 132 is generally reasonable
but it could depend on complexity and identifier lengths.

> And yes, that 124 character line has a good reason for it. But that's
> kind of the point. There are lots of perfectly fine reasons for longer
> lines.
> 
> I'd much rather check for "no deep indentation" or "no unnecessarily
> complex conditionals" or other issues that are more likely to be
> _real_ problems.

That deep indentation test already exists at 6 tabs.
Maybe it should be 5 instead.  Or maybe even 4, but
that's a pretty easy to need and common use case.

Tab depth use in the kernel is more or less

$ git grep -Poh '^\t+(if|do|while|for|switch)\b' | \
  sed -r 's/\w+//g' | \
  awk '{print length($0);}' | \
  sort | uniq -c | sort -rn
 903993 1
 339059 2
  89334 3
  18216 4
   3282 5
    605 6
    148 7
     36 8
      4 9
      1 10

> But do we really have 80x25 terminals any more that
> we'd care about?

trivial btw: VT100s were 80x24 or 132x24, PCs were 80x25



^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 19:22   ` Joe Perches
@ 2020-05-28 19:33     ` Al Viro
  2020-05-28 19:44       ` Matthew Wilcox
  2020-05-28 20:29       ` Dave Airlie
  2020-05-28 21:03     ` Joe Perches
  1 sibling, 2 replies; 47+ messages in thread
From: Al Viro @ 2020-05-28 19:33 UTC (permalink / raw)
  To: Joe Perches
  Cc: Linus Torvalds, Christoph Hellwig, Ian Kent, David Howells,
	Linux Kernel Mailing List, linux-fsdevel, LSM List, NetFilter

On Thu, May 28, 2020 at 12:22:08PM -0700, Joe Perches wrote:

> Hard limits at 80 really don't work well, especially with
> some of the 25+ character length identifiers used today.

IMO any such identifier is a good reason for a warning.

The litmus test is actually very simple: how unpleasant would it be
to mention the identifiers while discussing the code over the phone?

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 19:33     ` Al Viro
@ 2020-05-28 19:44       ` Matthew Wilcox
  2020-05-28 20:06         ` Al Viro
  2020-05-28 20:18         ` Joe Perches
  2020-05-28 20:29       ` Dave Airlie
  1 sibling, 2 replies; 47+ messages in thread
From: Matthew Wilcox @ 2020-05-28 19:44 UTC (permalink / raw)
  To: Al Viro
  Cc: Joe Perches, Linus Torvalds, Christoph Hellwig, Ian Kent,
	David Howells, Linux Kernel Mailing List, linux-fsdevel,
	LSM List, NetFilter, Alex Deucher, David Airlie

On Thu, May 28, 2020 at 08:33:40PM +0100, Al Viro wrote:
> On Thu, May 28, 2020 at 12:22:08PM -0700, Joe Perches wrote:
> 
> > Hard limits at 80 really don't work well, especially with
> > some of the 25+ character length identifiers used today.
> 
> IMO any such identifier is a good reason for a warning.
> 
> The litmus test is actually very simple: how unpleasant would it be
> to mention the identifiers while discussing the code over the phone?

Here's a good example of a function which should be taken out and shot:

int amdgpu_atombios_get_leakage_vddc_based_on_leakage_params(struct amdgpu_devic
e *adev,
...
        switch (frev) {
        case 2:
                switch (crev) {
...
                        if (profile->ucElbVDDC_Num > 0) {
                                for (i = 0; i < profile->ucElbVDDC_Num; i++) {
                                        if (vddc_id_buf[i] == virtual_voltage_id) {
                                                for (j = 0; j < profile->ucLeakageBinNum; j++) {
                                                        if (vbios_voltage_id <= leakage_bin[j]) {
                                                                *vddc = vddc_buf[j * profile->ucElbVDDC_Num + i];

I mean, I get it that AMD want to show off just how studly a monitor they
support, but good grief ...

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 19:44       ` Matthew Wilcox
@ 2020-05-28 20:06         ` Al Viro
  2020-05-28 20:14           ` Deucher, Alexander
  2020-05-28 20:18         ` Joe Perches
  1 sibling, 1 reply; 47+ messages in thread
From: Al Viro @ 2020-05-28 20:06 UTC (permalink / raw)
  To: Matthew Wilcox
  Cc: Joe Perches, Linus Torvalds, Christoph Hellwig, Ian Kent,
	David Howells, Linux Kernel Mailing List, linux-fsdevel,
	LSM List, NetFilter, Alex Deucher, David Airlie

On Thu, May 28, 2020 at 12:44:41PM -0700, Matthew Wilcox wrote:
> On Thu, May 28, 2020 at 08:33:40PM +0100, Al Viro wrote:
> > On Thu, May 28, 2020 at 12:22:08PM -0700, Joe Perches wrote:
> > 
> > > Hard limits at 80 really don't work well, especially with
> > > some of the 25+ character length identifiers used today.
> > 
> > IMO any such identifier is a good reason for a warning.
> > 
> > The litmus test is actually very simple: how unpleasant would it be
> > to mention the identifiers while discussing the code over the phone?
> 
> Here's a good example of a function which should be taken out and shot:
> 
> int amdgpu_atombios_get_leakage_vddc_based_on_leakage_params(struct amdgpu_devic
> e *adev,
> ...
>         switch (frev) {
>         case 2:
>                 switch (crev) {
> ...
>                         if (profile->ucElbVDDC_Num > 0) {
>                                 for (i = 0; i < profile->ucElbVDDC_Num; i++) {
>                                         if (vddc_id_buf[i] == virtual_voltage_id) {
>                                                 for (j = 0; j < profile->ucLeakageBinNum; j++) {
>                                                         if (vbios_voltage_id <= leakage_bin[j]) {
>                                                                 *vddc = vddc_buf[j * profile->ucElbVDDC_Num + i];
> 
> I mean, I get it that AMD want to show off just how studly a monitor they
> support, but good grief ...

I must respectfully disagree.  It clearly needs to be hanged, drawn and
quartered...

^ permalink raw reply	[flat|nested] 47+ messages in thread

* RE: clean up kernel_{read,write} & friends v2
  2020-05-28 20:06         ` Al Viro
@ 2020-05-28 20:14           ` Deucher, Alexander
  0 siblings, 0 replies; 47+ messages in thread
From: Deucher, Alexander @ 2020-05-28 20:14 UTC (permalink / raw)
  To: Al Viro, Matthew Wilcox
  Cc: Joe Perches, Linus Torvalds, Christoph Hellwig, Ian Kent,
	David Howells, Linux Kernel Mailing List, linux-fsdevel,
	LSM List, NetFilter, David Airlie

[AMD Official Use Only - Internal Distribution Only]

> -----Original Message-----
> From: Al Viro <viro@ftp.linux.org.uk> On Behalf Of Al Viro
> Sent: Thursday, May 28, 2020 4:06 PM
> To: Matthew Wilcox <willy@infradead.org>
> Cc: Joe Perches <joe@perches.com>; Linus Torvalds <torvalds@linux-
> foundation.org>; Christoph Hellwig <hch@lst.de>; Ian Kent
> <raven@themaw.net>; David Howells <dhowells@redhat.com>; Linux
> Kernel Mailing List <linux-kernel@vger.kernel.org>; linux-fsdevel <linux-
> fsdevel@vger.kernel.org>; LSM List <linux-security-
> module@vger.kernel.org>; NetFilter <netfilter-devel@vger.kernel.org>;
> Deucher, Alexander <Alexander.Deucher@amd.com>; David Airlie
> <airlied@linux.ie>
> Subject: Re: clean up kernel_{read,write} & friends v2
> 
> On Thu, May 28, 2020 at 12:44:41PM -0700, Matthew Wilcox wrote:
> > On Thu, May 28, 2020 at 08:33:40PM +0100, Al Viro wrote:
> > > On Thu, May 28, 2020 at 12:22:08PM -0700, Joe Perches wrote:
> > >
> > > > Hard limits at 80 really don't work well, especially with some of
> > > > the 25+ character length identifiers used today.
> > >
> > > IMO any such identifier is a good reason for a warning.
> > >
> > > The litmus test is actually very simple: how unpleasant would it be
> > > to mention the identifiers while discussing the code over the phone?
> >
> > Here's a good example of a function which should be taken out and shot:
> >
> > int
> amdgpu_atombios_get_leakage_vddc_based_on_leakage_params(struct
> > amdgpu_devic e *adev, ...
> >         switch (frev) {
> >         case 2:
> >                 switch (crev) {
> > ...
> >                         if (profile->ucElbVDDC_Num > 0) {
> >                                 for (i = 0; i < profile->ucElbVDDC_Num; i++) {
> >                                         if (vddc_id_buf[i] == virtual_voltage_id) {
> >                                                 for (j = 0; j < profile->ucLeakageBinNum; j++) {
> >                                                         if (vbios_voltage_id <= leakage_bin[j]) {
> >                                                                 *vddc
> > = vddc_buf[j * profile->ucElbVDDC_Num + i];
> >
> > I mean, I get it that AMD want to show off just how studly a monitor
> > they support, but good grief ...
> 
> I must respectfully disagree.  It clearly needs to be hanged, drawn and
> quartered...

You found it necessary to add me to a random thread with no context to complain about the coding style?  How about sending a patch to clean it up if you find it that unsavory.

Alex

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
                   ` (14 preceding siblings ...)
  2020-05-28 18:51 ` clean up kernel_{read,write} & friends v2 Linus Torvalds
@ 2020-05-28 20:17 ` David Howells
  2020-05-28 21:20   ` Casey Schaufler
  15 siblings, 1 reply; 47+ messages in thread
From: David Howells @ 2020-05-28 20:17 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: dhowells, Christoph Hellwig, Al Viro, Ian Kent,
	Linux Kernel Mailing List, linux-fsdevel, LSM List, NetFilter

Linus Torvalds <torvalds@linux-foundation.org> wrote:

> Or maybe make it check for something more reasonable, like 100 characters.

Yes please!

David


^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 19:44       ` Matthew Wilcox
  2020-05-28 20:06         ` Al Viro
@ 2020-05-28 20:18         ` Joe Perches
  1 sibling, 0 replies; 47+ messages in thread
From: Joe Perches @ 2020-05-28 20:18 UTC (permalink / raw)
  To: Matthew Wilcox, Al Viro
  Cc: Linus Torvalds, Christoph Hellwig, Ian Kent, David Howells,
	Linux Kernel Mailing List, linux-fsdevel, LSM List, NetFilter,
	Alex Deucher, David Airlie

On Thu, 2020-05-28 at 12:44 -0700, Matthew Wilcox wrote:
> On Thu, May 28, 2020 at 08:33:40PM +0100, Al Viro wrote:
> > On Thu, May 28, 2020 at 12:22:08PM -0700, Joe Perches wrote:
> > 
> > > Hard limits at 80 really don't work well, especially with
> > > some of the 25+ character length identifiers used today.
> > 
> > IMO any such identifier is a good reason for a warning.
> > 
> > The litmus test is actually very simple: how unpleasant would it be
> > to mention the identifiers while discussing the code over the phone?
> 
> Here's a good example of a function which should be taken out and shot:
> 
> int amdgpu_atombios_get_leakage_vddc_based_on_leakage_params(struct amdgpu_devic
> e *adev,

Ick.

Seems simple enough as it doesn't appear to be used...

$ git grep amdgpu_atombios_get_leakage_vddc_based_on_leakage_params
drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c:int amdgpu_atombios_get_leakage_vddc_based_on_leakage_params(struct amdgpu_device *adev,
drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.h:int amdgpu_atombios_get_leakage_vddc_based_on_leakage_params(struct amdgpu_device *adev,



^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 19:33     ` Al Viro
  2020-05-28 19:44       ` Matthew Wilcox
@ 2020-05-28 20:29       ` Dave Airlie
  1 sibling, 0 replies; 47+ messages in thread
From: Dave Airlie @ 2020-05-28 20:29 UTC (permalink / raw)
  To: Al Viro
  Cc: Joe Perches, Linus Torvalds, Christoph Hellwig, Ian Kent,
	David Howells, Linux Kernel Mailing List, linux-fsdevel,
	LSM List, NetFilter

On Fri, 29 May 2020 at 05:35, Al Viro <viro@zeniv.linux.org.uk> wrote:
>
> On Thu, May 28, 2020 at 12:22:08PM -0700, Joe Perches wrote:
>
> > Hard limits at 80 really don't work well, especially with
> > some of the 25+ character length identifiers used today.
>
> IMO any such identifier is a good reason for a warning.
>
> The litmus test is actually very simple: how unpleasant would it be
> to mention the identifiers while discussing the code over the phone?

That doesn't make sense though,

if you write the full english words out for something it'll be long
but easier to say over the phone,
if you use shortened kernel abbreviations it will be short but you'd
have to read out every letter.

To take an example:
this would read pretty well on the phone, maybe params could be parameters
amdgpu_atombios_get_leakage_vddc_based_on_leakage_params

vddc would be a stumbler.

try saying O_CREAT over the phone to someone not steeped in UNIX folklore.

Dave.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 19:22   ` Joe Perches
  2020-05-28 19:33     ` Al Viro
@ 2020-05-28 21:03     ` Joe Perches
  1 sibling, 0 replies; 47+ messages in thread
From: Joe Perches @ 2020-05-28 21:03 UTC (permalink / raw)
  To: Linus Torvalds, Christoph Hellwig
  Cc: Al Viro, Ian Kent, David Howells, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

On Thu, 2020-05-28 at 12:22 -0700, Joe Perches wrote:
> On Thu, 2020-05-28 at 11:51 -0700, Linus Torvalds wrote:
> > On Wed, May 27, 2020 at 10:40 PM Christoph Hellwig <hch@lst.de> wrote:
> > > this series fixes a few issues and cleans up the helpers that read from
> > > or write to kernel space buffers, and ensures that we don't change the
> > > address limit if we are using the ->read_iter and ->write_iter methods
> > > that don't need the changed address limit.
> > 
> > Apart from the "please don't mix irrelevant whitespace changes with
> > other changes" comment, this looks fine to me.
> > 
> > And a rant related to that change: I'm really inclined to remove the
> > checkpatch check for 80 columns entirely, but it shouldn't have been
> > triggering for old lines even now.
> > 
> > Or maybe make it check for something more reasonable, like 100 characters.
> > 
> > I find it ironic and annoying how "checkpatch" warns about that silly
> > legacy limit, when checkpatch itself then on the very next few lines
> > has a line that is 124 columns wide

Another option is to only warn by default when a line in a
patch but not a file exceeds the line length maximum.
---
 scripts/checkpatch.pl | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index dd750241958b..78f5b7f97e42 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -3282,8 +3282,10 @@ sub process {
 
 			if ($msg_type ne "" &&
 			    (show_type("LONG_LINE") || show_type($msg_type))) {
-				WARN($msg_type,
-				     "line over $max_line_length characters\n" . $herecurr);
+				my $msg_level = \&WARN;
+				$msg_level = \&CHK if ($file);
+				&{$msg_level}($msg_type,
+					      "line over $max_line_length characters\n" . $herecurr);
 			}
 		}
 


^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-28 20:17 ` David Howells
@ 2020-05-28 21:20   ` Casey Schaufler
  2020-05-29 13:08     ` David Laight
  0 siblings, 1 reply; 47+ messages in thread
From: Casey Schaufler @ 2020-05-28 21:20 UTC (permalink / raw)
  To: David Howells, Linus Torvalds
  Cc: Christoph Hellwig, Al Viro, Ian Kent, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

On 5/28/2020 1:17 PM, David Howells wrote:
> Linus Torvalds <torvalds@linux-foundation.org> wrote:
>
>> Or maybe make it check for something more reasonable, like 100 characters.
> Yes please!

No, thank you!

C is a symbolic language, not a text language. Encouraging newbies to declare

	int iterator;

instead of

	int i;

does the language a disservice.

It's true, nobody uses a TTY33 anymore. Those of us who have done so
understand how "{" is preferable to "BEGIN" and why tabs are better than
multiple spaces. A narrow "terminal" requires less neck and mouse movement.
Any width limit is arbitrary, so to the extent anyone might care, I advocate
80 forever.

> David
>


^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 06/14] fs: remove the call_{read,write}_iter functions
  2020-05-28 18:56   ` Al Viro
@ 2020-05-29  5:51     ` Christoph Hellwig
  0 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-29  5:51 UTC (permalink / raw)
  To: Al Viro
  Cc: Christoph Hellwig, Linus Torvalds, Ian Kent, David Howells,
	linux-kernel, linux-fsdevel, linux-security-module,
	netfilter-devel

On Thu, May 28, 2020 at 07:56:43PM +0100, Al Viro wrote:
> On Thu, May 28, 2020 at 07:40:35AM +0200, Christoph Hellwig wrote:
> > Just open coding the methods calls is a lot easier to follow.
> 
> Not sure about this one, TBH - it's harder to grep that way, since
> you get all the initializers for read_iter/write_iter thrown into
> the mix.  Sure, you can do something like '\->[ 	]*read_iter\>',
> but it's a PITA.

Which you have to do anyway as not all calls go through these weird
helpers.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-28 19:00   ` Al Viro
@ 2020-05-29  5:57     ` Christoph Hellwig
  2020-05-29 13:37       ` Christoph Hellwig
  0 siblings, 1 reply; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-29  5:57 UTC (permalink / raw)
  To: Al Viro
  Cc: Christoph Hellwig, Linus Torvalds, Ian Kent, David Howells,
	linux-kernel, linux-fsdevel, linux-security-module,
	netfilter-devel

On Thu, May 28, 2020 at 08:00:52PM +0100, Al Viro wrote:
> On Thu, May 28, 2020 at 07:40:38AM +0200, Christoph Hellwig wrote:
> > If we write to a file that implements ->write_iter there is no need
> > to change the address limit if we send a kvec down.  Implement that
> > case, and prefer it over using plain ->write with a changed address
> > limit if available.
> 
> Umm...  It needs a comment along the lines of "weird shits like
> /dev/sg that currently check for uaccess_kernel() will just
> have to make sure they never switch to ->write_iter()"

sg and hid has the uaccess_kernel because it accesses userspace memory not
in the range passed to it.  Something using write_iter/read_iter should
never access any memory outside the iter passed to.  rdma has it because
it uses write as a bidirectional interface, which obviously can't work at
all with an iter.  So I'm not sure what we should comment on, but if
you have a desire and a proposal for a comment I'll happily add it.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-28 18:43   ` Linus Torvalds
@ 2020-05-29 12:32     ` Christoph Hellwig
  2020-05-31 23:59       ` Logan Gunthorpe
  0 siblings, 1 reply; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-29 12:32 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: Christoph Hellwig, Al Viro, Ian Kent, David Howells,
	Linux Kernel Mailing List, linux-fsdevel, LSM List, NetFilter

On Thu, May 28, 2020 at 11:43:13AM -0700, Linus Torvalds wrote:
> On Wed, May 27, 2020 at 10:41 PM Christoph Hellwig <hch@lst.de> wrote:
> >
> > -ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
> > +ssize_t __kernel_write(struct file *file, const void *buf, size_t count,
> > +               loff_t *pos)
> 
> Please don't do these kinds of pointless whitespace changes.
> 
> If you have an actual 80x25 vt100 sitting in a corner, it's not really
> conducive to kernel development any more.

I have real 80x25 xterms, as that allows me to comfortably fit 4 of
them onto my latop screen.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* RE: clean up kernel_{read,write} & friends v2
  2020-05-28 21:20   ` Casey Schaufler
@ 2020-05-29 13:08     ` David Laight
  2020-05-29 19:19       ` Linus Torvalds
  0 siblings, 1 reply; 47+ messages in thread
From: David Laight @ 2020-05-29 13:08 UTC (permalink / raw)
  To: 'Casey Schaufler', David Howells, Linus Torvalds
  Cc: Christoph Hellwig, Al Viro, Ian Kent, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

From: Casey Schaufler
> Sent: 28 May 2020 22:21
> It's true, nobody uses a TTY33 anymore. Those of us who have done so
> understand how "{" is preferable to "BEGIN" and why tabs are better than
> multiple spaces. A narrow "terminal" requires less neck and mouse movement.
> Any width limit is arbitrary, so to the extent anyone might care, I advocate
> 80 forever.

A wide monitor is for looking at lots of files.
Not dead space because of deep intents and very long variable names.

Although i don't understand the 'indent continuations under "("' rule.
It hides some indents and makes other excessive.
A simple 'double indent' (or half indent) makes code more readable.

A different rule for function definitions would make real sense.
They only need a single indent - the '{' marks the end.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-29  5:57     ` Christoph Hellwig
@ 2020-05-29 13:37       ` Christoph Hellwig
  0 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-29 13:37 UTC (permalink / raw)
  To: Al Viro
  Cc: Christoph Hellwig, Linus Torvalds, Ian Kent, David Howells,
	linux-kernel, linux-fsdevel, linux-security-module,
	netfilter-devel

On Fri, May 29, 2020 at 07:57:36AM +0200, Christoph Hellwig wrote:
> On Thu, May 28, 2020 at 08:00:52PM +0100, Al Viro wrote:
> > On Thu, May 28, 2020 at 07:40:38AM +0200, Christoph Hellwig wrote:
> > > If we write to a file that implements ->write_iter there is no need
> > > to change the address limit if we send a kvec down.  Implement that
> > > case, and prefer it over using plain ->write with a changed address
> > > limit if available.
> > 
> > Umm...  It needs a comment along the lines of "weird shits like
> > /dev/sg that currently check for uaccess_kernel() will just
> > have to make sure they never switch to ->write_iter()"
> 
> sg and hid has the uaccess_kernel because it accesses userspace memory not
> in the range passed to it.  Something using write_iter/read_iter should
> never access any memory outside the iter passed to.  rdma has it because
> it uses write as a bidirectional interface, which obviously can't work at
> all with an iter.  So I'm not sure what we should comment on, but if
> you have a desire and a proposal for a comment I'll happily add it.

And looking over all three again they actually comment why they
check uaccess_kernel.  More importantly if someone switched them to
the ->write_iter carelessly that means the uaccess outside of the range
would actually aways fail now as we didn't allow access to userspace
memory, so this should show up when testing instantly.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-29 13:08     ` David Laight
@ 2020-05-29 19:19       ` Linus Torvalds
  2020-05-29 22:02         ` Casey Schaufler
                           ` (2 more replies)
  0 siblings, 3 replies; 47+ messages in thread
From: Linus Torvalds @ 2020-05-29 19:19 UTC (permalink / raw)
  To: David Laight
  Cc: Casey Schaufler, David Howells, Christoph Hellwig, Al Viro,
	Ian Kent, Linux Kernel Mailing List, linux-fsdevel, LSM List,
	NetFilter

On Fri, May 29, 2020 at 6:08 AM David Laight <David.Laight@aculab.com> wrote:
>
> A wide monitor is for looking at lots of files.

Not necessarily.

Excessive line breaks are BAD. They cause real and every-day problems.

They cause problems for things like "grep" both in the patterns and in
the output, since grep (and a lot of other very basic unix utilities)
is fundamentally line-based.

So the fact is, many of us have long long since skipped the whole
"80-column terminal" model, for the same reason that we have many more
lines than 25 lines visible at a time.

And honestly, I don't want to see patches that make the kernel reading
experience worse for me and likely for the vast majority of people,
based on the argument that some odd people have small terminal
windows.

If you or Christoph have 80 character lines, you'll get possibly ugly
wrapped output. Tough. That's _your_ choice. Your hardware limitations
shouldn't be a pain for the rest of us.

Longer lines are fundamentally useful. My monitor is not only a lot
wider than it is tall, my fonts are universally narrower than they are
tall. Long lines are natural.

When I tile my terminal windows on my display, I can have 6 terminals
visible at one time, and that's because I have them three wide. And I
could still fit 80% of a fourth one side-by-side.

And guess what? That's with my default "100x50" terminal window (go to
your gnome terminal settings, you'll find that the 80x25 thing is just
an initial default that you can change), not with some 80x25 one. And
that's with a font that has anti-aliasing and isn't some pixelated
mess.

And most of my terminals actually end up being dragged wider and
taller than that. I checked, and my main one is 142x76 characters
right now, because it turns out that wider (and taller) terminals are
useful not just for source code.

Have you looked at "ps ax" output lately? Or used "top"? Or done "git
diff --stat" or any number of things where it turns out that 80x25 is
really really limiting, and is simply NO LONGER RELEVANT to most of
us.

So no. I do not care about somebody with a 80x25 terminal window
getting line wrapping.

For exactly the same reason I find it completely irrelevant if
somebody says that their kernel compile takes 10 hours because they
are doing kernel development on a Raspberry PI with 4GB of RAM.

People with restrictive hardware shouldn't make it more inconvenient
for people who have better resources. Yes, we'll accommodate things to
within reasonable limits. But no, 80-column terminals in 2020 isn't
"reasonable" any more as far as I'm concerned. People commonly used
132-column terminals even back in the 80's, for chrissake, don't try
to make 80 columns some immovable standard.

If you choose to use a 80-column terminal, you can live with the line
wrapping. It's just that simple.

And longer lines are simply useful. Part of that is that we aren't
programming in the 80's any more, and our source code is fundamentally
wider as a result.

Yes, local iteration variables are still called 'i', because more
context just isn't helpful for some anonymous counter. Being concise
is still a good thing, and overly verbose names are not inherently
better.

But still - it's entirely reasonable to have variable names that are
10-15 characters and it makes the code more legible. Writing things
out instead of using abbreviations etc.

And yes, we do use wide tabs, because that makes indentation something
you can visually see in the structure at a glance and on a
whole-function basis, rather than something you have to try to
visually "line up" things for or count spaces.

So we have lots of fairly fundamental issues that fairly easily make
for longer lines in many circumstances.

And yes, we do line breaks at some point. But there really isn't any
reason to make that point be 80 columns any more.

                  Linus

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-29 19:19       ` Linus Torvalds
@ 2020-05-29 22:02         ` Casey Schaufler
  2020-05-29 23:12         ` [PATCH] checkpatch/coding-style: Allow 100 column lines Joe Perches
  2020-06-05  6:36         ` clean up kernel_{read,write} & friends v2 Philippe Mathieu-Daudé
  2 siblings, 0 replies; 47+ messages in thread
From: Casey Schaufler @ 2020-05-29 22:02 UTC (permalink / raw)
  To: Linus Torvalds, David Laight
  Cc: David Howells, Christoph Hellwig, Al Viro, Ian Kent,
	Linux Kernel Mailing List, linux-fsdevel, LSM List, NetFilter

On 5/29/2020 12:19 PM, Linus Torvalds wrote:
> On Fri, May 29, 2020 at 6:08 AM David Laight <David.Laight@aculab.com> wrote:
>> A wide monitor is for looking at lots of files.
> Not necessarily.
>
> Excessive line breaks are BAD. They cause real and every-day problems.
>
> They cause problems for things like "grep" both in the patterns and in
> the output, since grep (and a lot of other very basic unix utilities)
> is fundamentally line-based.
>
> So the fact is, many of us have long long since skipped the whole
> "80-column terminal" model, for the same reason that we have many more
> lines than 25 lines visible at a time.
>
> And honestly, I don't want to see patches that make the kernel reading
> experience worse for me and likely for the vast majority of people,
> based on the argument that some odd people have small terminal
> windows.
>
> If you or Christoph have 80 character lines, you'll get possibly ugly
> wrapped output. Tough. That's _your_ choice. Your hardware limitations
> shouldn't be a pain for the rest of us.
>
> Longer lines are fundamentally useful. My monitor is not only a lot
> wider than it is tall, my fonts are universally narrower than they are
> tall. Long lines are natural.
>
> When I tile my terminal windows on my display, I can have 6 terminals
> visible at one time, and that's because I have them three wide. And I
> could still fit 80% of a fourth one side-by-side.
>
> And guess what? That's with my default "100x50" terminal window (go to
> your gnome terminal settings, you'll find that the 80x25 thing is just
> an initial default that you can change), not with some 80x25 one. And
> that's with a font that has anti-aliasing and isn't some pixelated
> mess.
>
> And most of my terminals actually end up being dragged wider and
> taller than that. I checked, and my main one is 142x76 characters
> right now, because it turns out that wider (and taller) terminals are
> useful not just for source code.
>
> Have you looked at "ps ax" output lately? Or used "top"? Or done "git
> diff --stat" or any number of things where it turns out that 80x25 is
> really really limiting, and is simply NO LONGER RELEVANT to most of
> us.
>
> So no. I do not care about somebody with a 80x25 terminal window
> getting line wrapping.

The first law of good C programming is:
	"Thou shalt adhere to the One True Brace Style"

It extrapolates into indentation, line width, and a number of
other things. Since Linux is a trademark of Linus Torvalds,
you get to define what the "One Truth" is. Time to resize my
terminals.

>
> For exactly the same reason I find it completely irrelevant if
> somebody says that their kernel compile takes 10 hours because they
> are doing kernel development on a Raspberry PI with 4GB of RAM.
>
> People with restrictive hardware shouldn't make it more inconvenient
> for people who have better resources. Yes, we'll accommodate things to
> within reasonable limits. But no, 80-column terminals in 2020 isn't
> "reasonable" any more as far as I'm concerned. People commonly used
> 132-column terminals even back in the 80's, for chrissake, don't try
> to make 80 columns some immovable standard.
>
> If you choose to use a 80-column terminal, you can live with the line
> wrapping. It's just that simple.
>
> And longer lines are simply useful. Part of that is that we aren't
> programming in the 80's any more, and our source code is fundamentally
> wider as a result.
>
> Yes, local iteration variables are still called 'i', because more
> context just isn't helpful for some anonymous counter. Being concise
> is still a good thing, and overly verbose names are not inherently
> better.
>
> But still - it's entirely reasonable to have variable names that are
> 10-15 characters and it makes the code more legible. Writing things
> out instead of using abbreviations etc.
>
> And yes, we do use wide tabs, because that makes indentation something
> you can visually see in the structure at a glance and on a
> whole-function basis, rather than something you have to try to
> visually "line up" things for or count spaces.
>
> So we have lots of fairly fundamental issues that fairly easily make
> for longer lines in many circumstances.
>
> And yes, we do line breaks at some point. But there really isn't any
> reason to make that point be 80 columns any more.
>
>                   Linus


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH] checkpatch/coding-style: Allow 100 column lines
  2020-05-29 19:19       ` Linus Torvalds
  2020-05-29 22:02         ` Casey Schaufler
@ 2020-05-29 23:12         ` Joe Perches
  2020-05-30 22:14           ` Andreas Dilger
  2020-06-05  6:36         ` clean up kernel_{read,write} & friends v2 Philippe Mathieu-Daudé
  2 siblings, 1 reply; 47+ messages in thread
From: Joe Perches @ 2020-05-29 23:12 UTC (permalink / raw)
  To: Linus Torvalds, David Laight
  Cc: Casey Schaufler, David Howells, Christoph Hellwig, Al Viro,
	Ian Kent, Linux Kernel Mailing List, linux-fsdevel, LSM List,
	NetFilter

Change the maximum allowed line length to 100 from 80.

Miscellanea:

o to avoid unnecessary whitespace changes in files,
  checkpatch will no longer emit a warning about line length
  when scanning files unless --strict is also used
o Add a bit to coding-style about alignment to open parenthesis

Signed-off-by: Joe Perches <joe@perches.com>
---
 Documentation/process/coding-style.rst | 25 ++++++++++++++++---------
 scripts/checkpatch.pl                  | 14 +++++++++-----
 2 files changed, 25 insertions(+), 14 deletions(-)

diff --git a/Documentation/process/coding-style.rst b/Documentation/process/coding-style.rst
index acb2f1b36350..55b148e9c6b8 100644
--- a/Documentation/process/coding-style.rst
+++ b/Documentation/process/coding-style.rst
@@ -84,15 +84,22 @@ Get a decent editor and don't leave whitespace at the end of lines.
 Coding style is all about readability and maintainability using commonly
 available tools.
 
-The limit on the length of lines is 80 columns and this is a strongly
-preferred limit.
-
-Statements longer than 80 columns will be broken into sensible chunks, unless
-exceeding 80 columns significantly increases readability and does not hide
-information. Descendants are always substantially shorter than the parent and
-are placed substantially to the right. The same applies to function headers
-with a long argument list. However, never break user-visible strings such as
-printk messages, because that breaks the ability to grep for them.
+The preferred limit on the length of a single line is 80 columns.
+
+Statements longer than 80 columns should be broken into sensible chunks,
+unless exceeding 80 columns significantly increases readability and does
+not hide information.
+
+Statements may be up to 100 columns when appropriate.
+
+Descendants are always substantially shorter than the parent and are
+are placed substantially to the right.  A very commonly used style
+is to align descendants to a function open parenthesis.
+
+These same rules are applied to function headers with a long argument list.
+
+However, never break user-visible strings such as printk messages because
+that breaks the ability to grep for them.
 
 
 3) Placing Braces and Spaces
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index dd750241958b..5f00df2c3f59 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -53,7 +53,7 @@ my %ignore_type = ();
 my @ignore = ();
 my $help = 0;
 my $configuration_file = ".checkpatch.conf";
-my $max_line_length = 80;
+my $max_line_length = 100;
 my $ignore_perl_version = 0;
 my $minimum_perl_version = 5.10.0;
 my $min_conf_desc_length = 4;
@@ -99,9 +99,11 @@ Options:
   --types TYPE(,TYPE2...)    show only these comma separated message types
   --ignore TYPE(,TYPE2...)   ignore various comma separated message types
   --show-types               show the specific message type in the output
-  --max-line-length=n        set the maximum line length, if exceeded, warn
+  --max-line-length=n        set the maximum line length, (default $max_line_length)
+                             if exceeded, warn on patches
+                             requires --strict for use with --file
   --min-conf-desc-length=n   set the min description length, if shorter, warn
-  --tab-size=n               set the number of spaces for tab (default 8)
+  --tab-size=n               set the number of spaces for tab (default $tabsize)
   --root=PATH                PATH to the kernel tree root
   --no-summary               suppress the per-file summary
   --mailback                 only produce a report in case of warnings/errors
@@ -3282,8 +3284,10 @@ sub process {
 
 			if ($msg_type ne "" &&
 			    (show_type("LONG_LINE") || show_type($msg_type))) {
-				WARN($msg_type,
-				     "line over $max_line_length characters\n" . $herecurr);
+				my $msg_level = \&WARN;
+				$msg_level = \&CHK if ($file);
+				&{$msg_level}($msg_type,
+					      "line length of $length exceeds $max_line_length columns\n" . $herecurr);
 			}
 		}
 


^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
  2020-05-29 23:12         ` [PATCH] checkpatch/coding-style: Allow 100 column lines Joe Perches
@ 2020-05-30 22:14           ` Andreas Dilger
  2020-05-30 23:15             ` Joe Perches
  0 siblings, 1 reply; 47+ messages in thread
From: Andreas Dilger @ 2020-05-30 22:14 UTC (permalink / raw)
  To: Joe Perches
  Cc: Linus Torvalds, David Laight, Casey Schaufler, David Howells,
	Christoph Hellwig, Al Viro, Ian Kent, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter


[-- Attachment #1: Type: text/plain, Size: 4648 bytes --]

On May 29, 2020, at 5:12 PM, Joe Perches <joe@perches.com> wrote:
> 
> Change the maximum allowed line length to 100 from 80.

What is the benefit/motivation for changing this?  The vast majority
of files are wrapped at 80 columns, and if some files start being
wrapped at 100 columns they will either display poorly on 80-column
terminals, or a lot of dead space will show in 100-column terminals.

> Miscellanea:
> 
> o to avoid unnecessary whitespace changes in files,
>  checkpatch will no longer emit a warning about line length
>  when scanning files unless --strict is also used
> o Add a bit to coding-style about alignment to open parenthesis
> 
> Signed-off-by: Joe Perches <joe@perches.com>
> ---
> Documentation/process/coding-style.rst | 25 ++++++++++++++++---------
> scripts/checkpatch.pl                  | 14 +++++++++-----
> 2 files changed, 25 insertions(+), 14 deletions(-)
> 
> diff --git a/Documentation/process/coding-style.rst b/Documentation/process/coding-style.rst
> index acb2f1b36350..55b148e9c6b8 100644
> --- a/Documentation/process/coding-style.rst
> +++ b/Documentation/process/coding-style.rst
> @@ -84,15 +84,22 @@ Get a decent editor and don't leave whitespace at the end of lines.
> Coding style is all about readability and maintainability using commonly
> available tools.
> 
> -The limit on the length of lines is 80 columns and this is a strongly
> -preferred limit.
> -
> -Statements longer than 80 columns will be broken into sensible chunks, unless
> -exceeding 80 columns significantly increases readability and does not hide
> -information. Descendants are always substantially shorter than the parent and
> -are placed substantially to the right. The same applies to function headers
> -with a long argument list. However, never break user-visible strings such as
> -printk messages, because that breaks the ability to grep for them.
> +The preferred limit on the length of a single line is 80 columns.
> +
> +Statements longer than 80 columns should be broken into sensible chunks,
> +unless exceeding 80 columns significantly increases readability and does
> +not hide information.
> +
> +Statements may be up to 100 columns when appropriate.
> +
> +Descendants are always substantially shorter than the parent and are
> +are placed substantially to the right.  A very commonly used style
> +is to align descendants to a function open parenthesis.
> +
> +These same rules are applied to function headers with a long argument list.
> +
> +However, never break user-visible strings such as printk messages because
> +that breaks the ability to grep for them.
> 
> 
> 3) Placing Braces and Spaces
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> index dd750241958b..5f00df2c3f59 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -53,7 +53,7 @@ my %ignore_type = ();
> my @ignore = ();
> my $help = 0;
> my $configuration_file = ".checkpatch.conf";
> -my $max_line_length = 80;
> +my $max_line_length = 100;
> my $ignore_perl_version = 0;
> my $minimum_perl_version = 5.10.0;
> my $min_conf_desc_length = 4;
> @@ -99,9 +99,11 @@ Options:
>   --types TYPE(,TYPE2...)    show only these comma separated message types
>   --ignore TYPE(,TYPE2...)   ignore various comma separated message types
>   --show-types               show the specific message type in the output
> -  --max-line-length=n        set the maximum line length, if exceeded, warn
> +  --max-line-length=n        set the maximum line length, (default $max_line_length)
> +                             if exceeded, warn on patches
> +                             requires --strict for use with --file
>   --min-conf-desc-length=n   set the min description length, if shorter, warn
> -  --tab-size=n               set the number of spaces for tab (default 8)
> +  --tab-size=n               set the number of spaces for tab (default $tabsize)
>   --root=PATH                PATH to the kernel tree root
>   --no-summary               suppress the per-file summary
>   --mailback                 only produce a report in case of warnings/errors
> @@ -3282,8 +3284,10 @@ sub process {
> 
> 			if ($msg_type ne "" &&
> 			    (show_type("LONG_LINE") || show_type($msg_type))) {
> -				WARN($msg_type,
> -				     "line over $max_line_length characters\n" . $herecurr);
> +				my $msg_level = \&WARN;
> +				$msg_level = \&CHK if ($file);
> +				&{$msg_level}($msg_type,
> +					      "line length of $length exceeds $max_line_length columns\n" . $herecurr);
> 			}
> 		}
> 
> 


Cheers, Andreas






[-- Attachment #2: Message signed with OpenPGP --]
[-- Type: application/pgp-signature, Size: 873 bytes --]

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH] checkpatch/coding-style: Allow 100 column lines
  2020-05-30 22:14           ` Andreas Dilger
@ 2020-05-30 23:15             ` Joe Perches
  0 siblings, 0 replies; 47+ messages in thread
From: Joe Perches @ 2020-05-30 23:15 UTC (permalink / raw)
  To: Andreas Dilger
  Cc: Linus Torvalds, David Laight, Casey Schaufler, David Howells,
	Christoph Hellwig, Al Viro, Ian Kent, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter

On Sat, 2020-05-30 at 16:14 -0600, Andreas Dilger wrote:
> On May 29, 2020, at 5:12 PM, Joe Perches <joe@perches.com> wrote:
> > Change the maximum allowed line length to 100 from 80.
> 
> What is the benefit/motivation for changing this?  The vast majority
> of files are wrapped at 80 columns, and if some files start being
> wrapped at 100 columns they will either display poorly on 80-column
> terminals, or a lot of dead space will show in 100-column terminals.

YA Linus bleat in this thread.
I don't much care one way or any other.

https://lore.kernel.org/lkml/CAHk-=wj3iGQqjpvc+gf6+C29Jo4COj6OQQFzdY0h5qvYKTdCow@mail.gmail.com/

and

https://lore.kernel.org/lkml/CAHk-=wjR0H3+2ba0UUWwoYzYBH0GX9yTf5dj2MZyo0xvyzvJnA@mail.gmail.com/



^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: Re: [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write
  2020-05-29 12:32     ` Christoph Hellwig
@ 2020-05-31 23:59       ` Logan Gunthorpe
  0 siblings, 0 replies; 47+ messages in thread
From: Logan Gunthorpe @ 2020-05-31 23:59 UTC (permalink / raw)
  To: Christoph Hellwig, Linus Torvalds
  Cc: Al Viro, Ian Kent, David Howells, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter



On 2020-05-29 6:32 a.m., Christoph Hellwig wrote:
> On Thu, May 28, 2020 at 11:43:13AM -0700, Linus Torvalds wrote:
>> On Wed, May 27, 2020 at 10:41 PM Christoph Hellwig <hch@lst.de> wrote:
>>>
>>> -ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
>>> +ssize_t __kernel_write(struct file *file, const void *buf, size_t count,
>>> +               loff_t *pos)
>>
>> Please don't do these kinds of pointless whitespace changes.
>>
>> If you have an actual 80x25 vt100 sitting in a corner, it's not really
>> conducive to kernel development any more.
> 
> I have real 80x25 xterms, as that allows me to comfortably fit 4 of
> them onto my latop screen.

I second this. Doing work on a compact laptop is a legitimate use case
and we can't all lug around big monitors with our laptops. I also find
more terminals on a screen to be more productive.

I'd also like to make the point that I never thought the width limit was
all that related to the hardware. It's been widely accepted for ages
that it's easier to read narrower blocks of text (try reading a book on
a landscape tablet: it's very difficult and causes eye strain). This is
why newspapers and magazines have always laid out their text in columns
and professional websites limit the width of their content. They have
the hardware to write much longer lines but chose not to for
readability. (Sadly, the *one* news source that I respect that doesn't
do this is LWN and I have to resort to reader view in Firefox to make it
readable.)

Furthermore, I find enforcing a line length limit on newer coders is one
of the easiest ways to improve the readability of their code. Without
it, I've seen developers generate lines of code that don't even fit in
the full width of a standard monitor. Putting in a little extra effort
to try to be clear in a shorter line (or adding more lines) usually pays
off in spades for readability. Or, it at least gets them to start
thinking about readability as an important concern. 90% of the time it
is better to refactor code that doesn't fit comfortably within the line
length limit than it is to violate it.

I personally set my terminal size to 80 chars because I believe it helps
the readability of the code I write. It has nothing to do with the width
of my monitor or the amount of characters I could theoretically fit
across my screen.

Logan

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-05-29 19:19       ` Linus Torvalds
  2020-05-29 22:02         ` Casey Schaufler
  2020-05-29 23:12         ` [PATCH] checkpatch/coding-style: Allow 100 column lines Joe Perches
@ 2020-06-05  6:36         ` Philippe Mathieu-Daudé
  2020-06-05 15:00           ` Nicolas Pitre
  2 siblings, 1 reply; 47+ messages in thread
From: Philippe Mathieu-Daudé @ 2020-06-05  6:36 UTC (permalink / raw)
  To: Linus Torvalds, David Laight
  Cc: Casey Schaufler, David Howells, Christoph Hellwig, Al Viro,
	Ian Kent, Linux Kernel Mailing List, linux-fsdevel, LSM List,
	NetFilter, Nicolas Pitre, Joe Perches

Hi Linus,

On 5/29/20 9:19 PM, Linus Torvalds wrote:
> On Fri, May 29, 2020 at 6:08 AM David Laight <David.Laight@aculab.com> wrote:
>>
>> A wide monitor is for looking at lots of files.
> 
> Not necessarily.
> 
> Excessive line breaks are BAD. They cause real and every-day problems.
> 
> They cause problems for things like "grep" both in the patterns and in
> the output, since grep (and a lot of other very basic unix utilities)
> is fundamentally line-based.
> 
> So the fact is, many of us have long long since skipped the whole
> "80-column terminal" model, for the same reason that we have many more
> lines than 25 lines visible at a time.
> 
> And honestly, I don't want to see patches that make the kernel reading
> experience worse for me and likely for the vast majority of people,
> based on the argument that some odd people have small terminal
> windows.
> 
> If you or Christoph have 80 character lines, you'll get possibly ugly
> wrapped output. Tough. That's _your_ choice. Your hardware limitations
> shouldn't be a pain for the rest of us.

Unfortunately refreshable braille displays have that "hardware
limitations". 80 cells displays are very expensive.
Visual impairments is rarely a "choice".
Relaxing the 80-char limit make it harder for blind developers
to contribute.

> Longer lines are fundamentally useful. My monitor is not only a lot
> wider than it is tall, my fonts are universally narrower than they are
> tall. Long lines are natural.
> 
> When I tile my terminal windows on my display, I can have 6 terminals
> visible at one time, and that's because I have them three wide. And I
> could still fit 80% of a fourth one side-by-side.
> 
> And guess what? That's with my default "100x50" terminal window (go to
> your gnome terminal settings, you'll find that the 80x25 thing is just
> an initial default that you can change), not with some 80x25 one. And
> that's with a font that has anti-aliasing and isn't some pixelated
> mess.
> 
> And most of my terminals actually end up being dragged wider and
> taller than that. I checked, and my main one is 142x76 characters
> right now, because it turns out that wider (and taller) terminals are
> useful not just for source code.
> 
> Have you looked at "ps ax" output lately? Or used "top"? Or done "git
> diff --stat" or any number of things where it turns out that 80x25 is
> really really limiting, and is simply NO LONGER RELEVANT to most of
> us.
> 
> So no. I do not care about somebody with a 80x25 terminal window
> getting line wrapping.
> 
> For exactly the same reason I find it completely irrelevant if
> somebody says that their kernel compile takes 10 hours because they
> are doing kernel development on a Raspberry PI with 4GB of RAM.
> 
> People with restrictive hardware shouldn't make it more inconvenient
> for people who have better resources. Yes, we'll accommodate things to
> within reasonable limits. But no, 80-column terminals in 2020 isn't
> "reasonable" any more as far as I'm concerned. People commonly used
> 132-column terminals even back in the 80's, for chrissake, don't try
> to make 80 columns some immovable standard.
> 
> If you choose to use a 80-column terminal, you can live with the line
> wrapping. It's just that simple.
> 
> And longer lines are simply useful. Part of that is that we aren't
> programming in the 80's any more, and our source code is fundamentally
> wider as a result.
> 
> Yes, local iteration variables are still called 'i', because more
> context just isn't helpful for some anonymous counter. Being concise
> is still a good thing, and overly verbose names are not inherently
> better.
> 
> But still - it's entirely reasonable to have variable names that are
> 10-15 characters and it makes the code more legible. Writing things
> out instead of using abbreviations etc.
> 
> And yes, we do use wide tabs, because that makes indentation something
> you can visually see in the structure at a glance and on a
> whole-function basis, rather than something you have to try to
> visually "line up" things for or count spaces.
> 
> So we have lots of fairly fundamental issues that fairly easily make
> for longer lines in many circumstances.
> 
> And yes, we do line breaks at some point. But there really isn't any
> reason to make that point be 80 columns any more.
> 
>                   Linus

Regards,

Phil.

^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: clean up kernel_{read,write} & friends v2
  2020-06-05  6:36         ` clean up kernel_{read,write} & friends v2 Philippe Mathieu-Daudé
@ 2020-06-05 15:00           ` Nicolas Pitre
  0 siblings, 0 replies; 47+ messages in thread
From: Nicolas Pitre @ 2020-06-05 15:00 UTC (permalink / raw)
  To: Philippe Mathieu-Daudé
  Cc: Linus Torvalds, David Laight, Casey Schaufler, David Howells,
	Christoph Hellwig, Al Viro, Ian Kent, Linux Kernel Mailing List,
	linux-fsdevel, LSM List, NetFilter, Joe Perches


[-- Attachment #1: Type: text/plain, Size: 1052 bytes --]

On Fri, 5 Jun 2020, Philippe Mathieu-Daudé wrote:

> Unfortunately refreshable braille displays have that "hardware
> limitations". 80 cells displays are very expensive.
> Visual impairments is rarely a "choice".
> Relaxing the 80-char limit make it harder for blind developers
> to contribute.

Well, not really.

It is true that 80-cells displays are awfully expensive. IMHO they are 
also unwieldy due to their size: they are hardly portable, and they 
require your hands to move twice as far which may sometimes impair 
reading efficiency. So I never liked them.

My braille display has 40 cells only. So even with a 80-cells limit I 
always had to pan the display to see the whole line anyway.

My text console is set to 160x128. The trick here is to have the number 
of columns be a multiple of the braille display's width to avoid dead 
areas when panning to the right.

So if you ask me, I'm not against relaxing the 80 columns limit for 
code. What really matters to me is that I can stay clear of any GUI.


Nicolas

^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 02/14] autofs: switch to kernel_write
  2020-06-24 16:13 clean up kernel_{read,write} & friends v5 Christoph Hellwig
@ 2020-06-24 16:13 ` Christoph Hellwig
  0 siblings, 0 replies; 47+ messages in thread
From: Christoph Hellwig @ 2020-06-24 16:13 UTC (permalink / raw)
  To: Al Viro
  Cc: Linus Torvalds, Ian Kent, David Howells, linux-kernel,
	linux-fsdevel, linux-security-module, netfilter-devel

While pipes don't really need sb_writers projection, __kernel_write is an
interface better kept private, and the additional rw_verify_area does not
hurt here.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Ian Kent <raven@themaw.net>
---
 fs/autofs/waitq.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/autofs/waitq.c b/fs/autofs/waitq.c
index b04c528b19d342..74c886f7c51cbe 100644
--- a/fs/autofs/waitq.c
+++ b/fs/autofs/waitq.c
@@ -53,7 +53,7 @@ static int autofs_write(struct autofs_sb_info *sbi,
 
 	mutex_lock(&sbi->pipe_mutex);
 	while (bytes) {
-		wr = __kernel_write(file, data, bytes, &file->f_pos);
+		wr = kernel_write(file, data, bytes, &file->f_pos);
 		if (wr <= 0)
 			break;
 		data += wr;
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

* Re: [PATCH 02/14] autofs: switch to kernel_write
  2020-05-13  6:56 ` [PATCH 02/14] autofs: switch to kernel_write Christoph Hellwig
@ 2020-05-14  8:25   ` Ian Kent
  0 siblings, 0 replies; 47+ messages in thread
From: Ian Kent @ 2020-05-14  8:25 UTC (permalink / raw)
  To: Christoph Hellwig, Al Viro
  Cc: David Howells, linux-kernel, linux-fsdevel,
	linux-security-module, netfilter-devel

On Wed, 2020-05-13 at 08:56 +0200, Christoph Hellwig wrote:
> While pipes don't really need sb_writers projection, __kernel_write
> is an
> interface better kept private, and the additional rw_verify_area does
> not
> hurt here.
> 
> Signed-off-by: Christoph Hellwig <hch@lst.de>

Right, should be fine AFAICS.
Acked-by: Ian Kent <raven@themaw.net>

> ---
>  fs/autofs/waitq.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/autofs/waitq.c b/fs/autofs/waitq.c
> index b04c528b19d34..74c886f7c51cb 100644
> --- a/fs/autofs/waitq.c
> +++ b/fs/autofs/waitq.c
> @@ -53,7 +53,7 @@ static int autofs_write(struct autofs_sb_info *sbi,
>  
>  	mutex_lock(&sbi->pipe_mutex);
>  	while (bytes) {
> -		wr = __kernel_write(file, data, bytes, &file->f_pos);
> +		wr = kernel_write(file, data, bytes, &file->f_pos);
>  		if (wr <= 0)
>  			break;
>  		data += wr;


^ permalink raw reply	[flat|nested] 47+ messages in thread

* [PATCH 02/14] autofs: switch to kernel_write
  2020-05-13  6:56 clean up kernel_{read,write} & friends v2 Christoph Hellwig
@ 2020-05-13  6:56 ` Christoph Hellwig
  2020-05-14  8:25   ` Ian Kent
  0 siblings, 1 reply; 47+ messages in thread
From: Christoph Hellwig @ 2020-05-13  6:56 UTC (permalink / raw)
  To: Al Viro
  Cc: Ian Kent, David Howells, linux-kernel, linux-fsdevel,
	linux-security-module, netfilter-devel

While pipes don't really need sb_writers projection, __kernel_write is an
interface better kept private, and the additional rw_verify_area does not
hurt here.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 fs/autofs/waitq.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/autofs/waitq.c b/fs/autofs/waitq.c
index b04c528b19d34..74c886f7c51cb 100644
--- a/fs/autofs/waitq.c
+++ b/fs/autofs/waitq.c
@@ -53,7 +53,7 @@ static int autofs_write(struct autofs_sb_info *sbi,
 
 	mutex_lock(&sbi->pipe_mutex);
 	while (bytes) {
-		wr = __kernel_write(file, data, bytes, &file->f_pos);
+		wr = kernel_write(file, data, bytes, &file->f_pos);
 		if (wr <= 0)
 			break;
 		data += wr;
-- 
2.26.2


^ permalink raw reply	[flat|nested] 47+ messages in thread

end of thread, back to index

Thread overview: 47+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-28  5:40 clean up kernel_{read,write} & friends v2 Christoph Hellwig
2020-05-28  5:40 ` [PATCH 01/14] cachefiles: switch to kernel_write Christoph Hellwig
2020-05-28  5:40 ` [PATCH 02/14] autofs: " Christoph Hellwig
2020-05-28  5:40 ` [PATCH 03/14] bpfilter: " Christoph Hellwig
2020-05-28  5:40 ` [PATCH 04/14] fs: unexport __kernel_write Christoph Hellwig
2020-05-28  5:40 ` [PATCH 05/14] fs: check FMODE_WRITE in __kernel_write Christoph Hellwig
2020-05-28  5:40 ` [PATCH 06/14] fs: remove the call_{read,write}_iter functions Christoph Hellwig
2020-05-28 18:56   ` Al Viro
2020-05-29  5:51     ` Christoph Hellwig
2020-05-28  5:40 ` [PATCH 07/14] fs: implement kernel_write using __kernel_write Christoph Hellwig
2020-05-28  5:40 ` [PATCH 08/14] fs: remove __vfs_write Christoph Hellwig
2020-05-28  5:40 ` [PATCH 09/14] fs: don't change the address limit for ->write_iter in __kernel_write Christoph Hellwig
2020-05-28 18:43   ` Linus Torvalds
2020-05-29 12:32     ` Christoph Hellwig
2020-05-31 23:59       ` Logan Gunthorpe
2020-05-28 19:00   ` Al Viro
2020-05-29  5:57     ` Christoph Hellwig
2020-05-29 13:37       ` Christoph Hellwig
2020-05-28  5:40 ` [PATCH 10/14] fs: add a __kernel_read helper Christoph Hellwig
2020-05-28  5:40 ` [PATCH 11/14] integrity/ima: switch to using __kernel_read Christoph Hellwig
2020-05-28  5:40 ` [PATCH 12/14] fs: implement kernel_read " Christoph Hellwig
2020-05-28  5:40 ` [PATCH 13/14] fs: remove __vfs_read Christoph Hellwig
2020-05-28  5:40 ` [PATCH 14/14] fs: don't change the address limit for ->read_iter in __kernel_read Christoph Hellwig
2020-05-28 19:03   ` Al Viro
2020-05-28 18:51 ` clean up kernel_{read,write} & friends v2 Linus Torvalds
2020-05-28 18:57   ` Sedat Dilek
2020-05-28 19:22   ` Joe Perches
2020-05-28 19:33     ` Al Viro
2020-05-28 19:44       ` Matthew Wilcox
2020-05-28 20:06         ` Al Viro
2020-05-28 20:14           ` Deucher, Alexander
2020-05-28 20:18         ` Joe Perches
2020-05-28 20:29       ` Dave Airlie
2020-05-28 21:03     ` Joe Perches
2020-05-28 20:17 ` David Howells
2020-05-28 21:20   ` Casey Schaufler
2020-05-29 13:08     ` David Laight
2020-05-29 19:19       ` Linus Torvalds
2020-05-29 22:02         ` Casey Schaufler
2020-05-29 23:12         ` [PATCH] checkpatch/coding-style: Allow 100 column lines Joe Perches
2020-05-30 22:14           ` Andreas Dilger
2020-05-30 23:15             ` Joe Perches
2020-06-05  6:36         ` clean up kernel_{read,write} & friends v2 Philippe Mathieu-Daudé
2020-06-05 15:00           ` Nicolas Pitre
  -- strict thread matches above, loose matches on Subject: below --
2020-06-24 16:13 clean up kernel_{read,write} & friends v5 Christoph Hellwig
2020-06-24 16:13 ` [PATCH 02/14] autofs: switch to kernel_write Christoph Hellwig
2020-05-13  6:56 clean up kernel_{read,write} & friends v2 Christoph Hellwig
2020-05-13  6:56 ` [PATCH 02/14] autofs: switch to kernel_write Christoph Hellwig
2020-05-14  8:25   ` Ian Kent

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org
	public-inbox-index linux-security-module

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git