From: Arnd Bergmann <arnd@arndb.de>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: "H.J. Lu" <hjl.tools@gmail.com>,
Valdis.Kletnieks@vt.edu,
Linus Torvalds <torvalds@linux-foundation.org>,
Christoph Hellwig <hch@infradead.org>,
LKML <linux-kernel@vger.kernel.org>, Ingo Molnar <mingo@elte.hu>,
Thomas Gleixner <tglx@linutronix.de>,
Richard Kuo <rkuo@codeaurora.org>,
Mark Salter <msalter@redhat.com>, Jonas Bonn <jonas@southpole.se>,
Tobias Klauser <tklauser@distanz.ch>
Subject: Re: RFD: x32 ABI system call numbers
Date: Mon, 05 Sep 2011 22:27:37 +0200
Message-ID: <2596745.EN1Uy6S4kH@wuerfel>
In-Reply-To: <4E652A36.1070101@zytor.com>
On Monday 05 September 2011 12:59:50 H. Peter Anvin wrote:
> On 09/05/2011 12:54 PM, H.J. Lu wrote:
> >
> > Since readv/writev/preadv/pwritev have const struct iovec *iov, I
> > have to copy the whole array. compat_sys seems more efficient.
> >
>
> compat_sys for these do exactly what we want, right?
Quoting from compat_rw_copy_check_uvector():
	if (nr_segs > fast_segs) {
		ret = -ENOMEM;
		iov = kmalloc(nr_segs*sizeof(struct iovec), GFP_KERNEL);
		if (iov == NULL)
			goto out;
	}
	*ret_pointer = iov;

	/*
	 * Single unix specification:
	 * We should -EINVAL if an element length is not >= 0 and fitting an
	 * ssize_t.
	 *
	 * In Linux, the total length is limited to MAX_RW_COUNT, there is
	 * no overflow possibility.
	 */
	tot_len = 0;
	ret = -EINVAL;
	for (seg = 0; seg < nr_segs; seg++) {
		compat_uptr_t buf;
		compat_ssize_t len;

		if (__get_user(len, &uvector->iov_len) ||
		    __get_user(buf, &uvector->iov_base)) {
			ret = -EFAULT;
			goto out;
		}
		if (len < 0)	/* size_t not fitting in compat_ssize_t .. */
			goto out;
		if (!access_ok(vrfy_dir(type), compat_ptr(buf), len)) {
			ret = -EFAULT;
			goto out;
		}
		if (len > MAX_RW_COUNT - tot_len)
			len = MAX_RW_COUNT - tot_len;
		tot_len += len;
		iov->iov_base = compat_ptr(buf);
		iov->iov_len = (compat_size_t) len;
		uvector++;
		iov++;
	}
compared to native rw_copy_check_uvector():
	if (copy_from_user(iov, uvector, nr_segs*sizeof(*uvector))) {
		ret = -EFAULT;
		goto out;
	}

	/*
	 * According to the Single Unix Specification we should return EINVAL
	 * if an element length is < 0 when cast to ssize_t or if the
	 * total length would overflow the ssize_t return value of the
	 * system call.
	 *
	 * Linux caps all read/write calls to MAX_RW_COUNT, and avoids the
	 * overflow case.
	 */
	ret = 0;
	for (seg = 0; seg < nr_segs; seg++) {
		void __user *buf = iov[seg].iov_base;
		ssize_t len = (ssize_t)iov[seg].iov_len;

		/* see if we we're about to use an invalid len or if
		 * it's about to overflow ssize_t */
		if (len < 0) {
			ret = -EINVAL;
			goto out;
		}
		if (unlikely(!access_ok(vrfy_dir(type), buf, len))) {
			ret = -EFAULT;
			goto out;
		}
		if (len > MAX_RW_COUNT - ret) {
			len = MAX_RW_COUNT - ret;
			iov[seg].iov_len = len;
		}
		ret += len;
	}
The compat version is better than I thought. The only overhead
is in reading the array in word-sized chunks, as opposed to a single memcpy
in the native case. This should be barely noticeable next to the other work
done in the same function. So you are both right, the compat case is good.
I was assuming that it would do something worse, like an extra copy
of the data back to userspace.
Arnd
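To make the comparison above concrete, here is a minimal userspace sketch of
the two strategies: converting a 32-bit iovec array one element at a time,
versus copying a native array in one go and then validating it in place.
This is not the kernel code. The demo_* names, the struct layouts and
DEMO_MAX_RW_COUNT are hypothetical stand-ins, plain array reads and memcpy
replace __get_user() and copy_from_user(), and the access_ok() checks are
left out entirely.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical stand-in for the kernel's MAX_RW_COUNT (illustrative value). */
#define DEMO_MAX_RW_COUNT ((ssize_t)0x7ffff000)

/* 32-bit element layout, modelled loosely on the compat iovec. */
struct demo_compat_iovec {
	uint32_t iov_base;
	uint32_t iov_len;
};

/* Native element layout. */
struct demo_iovec {
	void  *iov_base;
	size_t iov_len;
};

/*
 * Compat-style: read each 32-bit element, widen it into the native
 * layout, reject negative lengths and cap the running total.
 * Returns the total length or -EINVAL.
 */
static ssize_t demo_compat_copy(const struct demo_compat_iovec *uvec,
				size_t nr_segs, struct demo_iovec *iov)
{
	ssize_t tot_len = 0;

	for (size_t seg = 0; seg < nr_segs; seg++) {
		/* Reinterpret the 32-bit length as signed, as the quoted loop does. */
		int32_t len32 = (int32_t)uvec[seg].iov_len;
		ssize_t len = len32;

		if (len32 < 0)
			return -EINVAL;
		if (len > DEMO_MAX_RW_COUNT - tot_len)
			len = DEMO_MAX_RW_COUNT - tot_len;
		tot_len += len;
		iov[seg].iov_base = (void *)(uintptr_t)uvec[seg].iov_base;
		iov[seg].iov_len = (size_t)len;
	}
	return tot_len;
}

/*
 * Native-style: one bulk copy of the whole array, then validate and
 * cap the lengths in place. Returns the total length or -EINVAL.
 */
static ssize_t demo_native_copy(const struct demo_iovec *uvec,
				size_t nr_segs, struct demo_iovec *iov)
{
	ssize_t ret = 0;

	memcpy(iov, uvec, nr_segs * sizeof(*uvec));
	for (size_t seg = 0; seg < nr_segs; seg++) {
		ssize_t len = (ssize_t)iov[seg].iov_len;

		if (len < 0)
			return -EINVAL;
		if (len > DEMO_MAX_RW_COUNT - ret) {
			len = DEMO_MAX_RW_COUNT - ret;
			iov[seg].iov_len = (size_t)len;
		}
		ret += len;
	}
	return ret;
}
```

Both helpers fill the same native array and walk it once. The only
structural difference is that the compat path does two small reads per
element where the native path does a single bulk copy, which is the
overhead described above.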