From: Christian Borntraeger <borntraeger@de.ibm.com>
To: Markus Elfring <Markus.Elfring@web.de>,
linux-s390@vger.kernel.org, Joe Perches <joe@perches.com>,
Harald Freudenberger <freude@linux.ibm.com>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
Ingo Franzki <ifranzki@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>
Cc: LKML <linux-kernel@vger.kernel.org>, kernel-janitors@vger.kernel.org
Subject: Re: [PATCH v2] s390/pkey: Use memdup_user() rather than duplicating its implementation
Date: Thu, 7 Nov 2019 13:44:11 +0100 [thread overview]
Message-ID: <833d7d5e-6ede-6bdd-a2cc-2da7f0b03908@de.ibm.com> (raw)
In-Reply-To: <deb7893f-3cfe-18fc-3feb-b26b290bf3c6@web.de>
On 07.11.19 11:06, Markus Elfring wrote:
> From: Markus Elfring <elfring@users.sourceforge.net>
> Date: Thu, 7 Nov 2019 10:40:18 +0100
>
> Reuse existing functionality from memdup_user() instead of keeping
> duplicate source code.
>
> Generated by: scripts/coccinelle/api/memdup_user.cocci
>
> Delete local variables which became unnecessary with this refactoring
> in two function implementations.
>
> Fixes: f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d ("s390/pkey: add CCA AES cipher key support")
With that patch description, the Fixes tag is wrong...but (see below)
> Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
> ---
>
> v2:
> Further changes were requested by Joe Perches.
> https://lore.kernel.org/r/6137855bb4170c438c7436cbdb7dfd21639a8855.camel@perches.com/
>
> * The proposed usage of two conditional operators was replaced by
> an other code structure.
>
> * A sanity check was adjusted for the function “_copy_apqns_from_user”.
>
>
> drivers/s390/crypto/pkey_api.c | 26 ++++----------------------
> 1 file changed, 4 insertions(+), 22 deletions(-)
>
> diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
> index 9de3d46b3253..ac99fd97569d 100644
> --- a/drivers/s390/crypto/pkey_api.c
> +++ b/drivers/s390/crypto/pkey_api.c
> @@ -715,36 +715,18 @@ static int pkey_apqns4keytype(enum pkey_key_type ktype,
>
> static void *_copy_key_from_user(void __user *ukey, size_t keylen)
> {
> - void *kkey;
> -
> if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE)
> return ERR_PTR(-EINVAL);
> - kkey = kmalloc(keylen, GFP_KERNEL);
> - if (!kkey)
> - return ERR_PTR(-ENOMEM);
> - if (copy_from_user(kkey, ukey, keylen)) {
> - kfree(kkey);
> - return ERR_PTR(-EFAULT);
> - }
>
> - return kkey;
> + return memdup_user(ukey, keylen);
This part looks good
> }
>
> static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
> {
This part below is not an equivalent replacement. In fact you are fixing a bug here...
> - void *kapqns = NULL;
> - size_t nbytes;
> -
> - if (uapqns && nr_apqns > 0) {
> - nbytes = nr_apqns * sizeof(struct pkey_apqn);
> - kapqns = kmalloc(nbytes, GFP_KERNEL);
> - if (!kapqns)
> - return ERR_PTR(-ENOMEM);
> - if (copy_from_user(kapqns, uapqns, nbytes))
.... here we would need to kfree kapqns, but we do not. So this is
a memory leak. Isnt it?
So indeed this is fixing something. But please rework your the patch
description accordingly.
> - return ERR_PTR(-EFAULT);
> - }
> + if (!uapqns || nr_apqns <= 0)
> + return NULL;
>
> - return kapqns;
> + return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
> }
>
> static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
> --
> 2.24.0
>
next prev parent reply other threads:[~2019-11-07 12:45 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-06 10:22 [PATCH] s390/pkey: Use memdup_user() rather than duplicating its implementation Markus Elfring
2019-11-06 10:38 ` Joe Perches
2019-11-06 13:00 ` Markus Elfring
2019-11-06 17:29 ` Joe Perches
2019-11-06 18:55 ` Markus Elfring
2019-11-06 19:01 ` Joe Perches
2019-11-06 19:18 ` Markus Elfring
2019-11-06 13:00 ` Markus Elfring
2019-11-06 18:30 ` Christian Borntraeger
2019-11-07 6:48 ` Dan Carpenter
2019-11-07 8:07 ` Christian Borntraeger
2019-11-07 10:06 ` [PATCH v2] " Markus Elfring
2019-11-07 12:44 ` Christian Borntraeger [this message]
2019-11-07 13:45 ` Markus Elfring
2019-11-07 13:54 ` Christian Borntraeger
2019-11-07 14:27 ` Markus Elfring
2019-11-08 11:32 ` Christian Borntraeger
2019-11-08 17:14 ` [PATCH v3] " Markus Elfring
2019-11-11 7:54 ` Christian Borntraeger
2019-11-11 8:11 ` [v3] " Markus Elfring
2019-11-11 8:27 ` Christian Borntraeger
2019-11-11 8:42 ` Markus Elfring
2019-11-11 8:56 ` Christian Borntraeger
2019-11-11 9:06 ` Markus Elfring
2019-11-11 9:08 ` Christian Borntraeger
2019-11-11 9:17 ` Markus Elfring
2019-11-11 9:18 ` Christian Borntraeger
2019-11-11 9:26 ` Markus Elfring
2019-11-11 14:45 ` [PATCH v4] s390/pkey: Fix memory leak in error case by using memdup_user() rather than open coding Markus Elfring
2019-11-11 16:40 ` Christian Borntraeger
2019-11-13 17:09 ` [v4] " Markus Elfring
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=833d7d5e-6ede-6bdd-a2cc-2da7f0b03908@de.ibm.com \
--to=borntraeger@de.ibm.com \
--cc=Markus.Elfring@web.de \
--cc=freude@linux.ibm.com \
--cc=gor@linux.ibm.com \
--cc=heiko.carstens@de.ibm.com \
--cc=ifranzki@linux.ibm.com \
--cc=joe@perches.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).