linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Linus Torvalds <torvalds@linux-foundation.org>
To: David Laight <David.Laight@aculab.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
	Guenter Roeck <linux@roeck-us.net>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user()
Date: Mon, 7 Oct 2019 11:11:09 -0700	[thread overview]
Message-ID: <CAHk-=wjF2fkhuN8N-MnTwvzNig83XdQK50nir8oieF7jV6Om=A@mail.gmail.com> (raw)
In-Reply-To: <c58c2a8a5366409abd4169d10a58196a@AcuMS.aculab.com>

On Mon, Oct 7, 2019 at 8:40 AM David Laight <David.Laight@aculab.com> wrote:
>
> You don't really want an extra access_ok() for every 'word' of a copy.

Yes you do.

> Some copies have to be done a word at a time.

Completely immaterial. If you can't see the access_ok() close to the
__get/put_user(), you have a bug.

Plus the access_ok() is cheap. The real cost is the STAC/CLAC.

So stop with the access_ok() "optimizations". They are broken garbage.

Really.

I've been very close to just removing __get_user/__put_user several
times, exactly because people do completely the wrong thing with them
- not speeding code up, but making it unsafe and buggy.

The new "user_access_begin/end()" model is much better, but it also
has actual STATIC checking that there are no function calls etc inside
th4e region, so it forces you to do the loop properly and tightly, and
not the incorrect "I checked the range somewhere else, now I'm doing
an unsafe copy".

And it actually speeds things up, unlike the access_ok() games.

               Linus

  reply	other threads:[~2019-10-07 18:11 UTC|newest]

Thread overview: 75+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-06 22:20 [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user() Guenter Roeck
2019-10-06 23:06 ` Linus Torvalds
2019-10-06 23:35   ` Linus Torvalds
2019-10-07  0:04     ` Guenter Roeck
2019-10-07  1:17       ` Linus Torvalds
2019-10-07  1:24         ` Al Viro
2019-10-07  2:06           ` Linus Torvalds
2019-10-07  2:50             ` Al Viro
2019-10-07  3:11               ` Linus Torvalds
2019-10-07 15:40                 ` David Laight
2019-10-07 18:11                   ` Linus Torvalds [this message]
2019-10-08  9:58                     ` David Laight
2019-10-07 17:34                 ` Al Viro
2019-10-07 18:13                   ` Linus Torvalds
2019-10-07 18:22                     ` Al Viro
2019-10-07 18:26                 ` Linus Torvalds
2019-10-07 18:36                   ` Tony Luck
2019-10-07 19:08                     ` Linus Torvalds
2019-10-07 19:49                       ` Tony Luck
2019-10-07 20:04                         ` Linus Torvalds
2019-10-08  3:29                   ` Al Viro
2019-10-08  4:09                     ` Linus Torvalds
2019-10-08  4:14                       ` Linus Torvalds
2019-10-08  5:02                         ` Al Viro
2019-10-08  4:24                       ` Linus Torvalds
2019-10-10 19:55                         ` Al Viro
2019-10-10 22:12                           ` Linus Torvalds
2019-10-11  0:11                             ` Al Viro
2019-10-11  0:31                               ` Linus Torvalds
2019-10-13 18:13                                 ` Al Viro
2019-10-13 18:43                                   ` Linus Torvalds
2019-10-13 19:10                                     ` Al Viro
2019-10-13 19:22                                       ` Linus Torvalds
2019-10-13 19:59                                         ` Al Viro
2019-10-13 20:20                                           ` Linus Torvalds
2019-10-15  3:46                                             ` Michael Ellerman
2019-10-15 18:08                                           ` Al Viro
2019-10-15 19:00                                             ` Linus Torvalds
2019-10-15 19:40                                               ` Al Viro
2019-10-15 20:18                                                 ` Al Viro
2019-10-16 12:12                                             ` [RFC] change of calling conventions for arch_futex_atomic_op_inuser() Al Viro
2019-10-16 12:24                                               ` Thomas Gleixner
2019-10-16 20:25                                         ` [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user() Al Viro
2019-10-17 19:36                                           ` [RFC][PATCHES] drivers/scsi/sg.c uaccess cleanups/fixes Al Viro
2019-10-17 19:39                                             ` [RFC PATCH 1/8] sg_ioctl(): fix copyout handling Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 2/8] sg_new_write(): replace access_ok() + __copy_from_user() with copy_from_user() Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 3/8] sg_write(): __get_user() can fail Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 4/8] sg_read(): simplify reading ->pack_id of userland sg_io_hdr_t Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 5/8] sg_new_write(): don't bother with access_ok Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 6/8] sg_read(): get rid of access_ok()/__copy_..._user() Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 7/8] sg_write(): get rid of access_ok()/__copy_from_user()/__get_user() Al Viro
2019-10-17 19:39                                               ` [RFC PATCH 8/8] SG_IO: get rid of access_ok() Al Viro
2019-10-17 21:44                                             ` [RFC][PATCHES] drivers/scsi/sg.c uaccess cleanups/fixes Douglas Gilbert
2019-11-05  4:54                                             ` Martin K. Petersen
2019-11-05  5:25                                               ` Al Viro
2019-11-06  4:29                                                 ` Martin K. Petersen
2019-10-18  0:27                                           ` [RFC] csum_and_copy_from_user() semantics Al Viro
2019-10-25 14:01                                       ` [PATCH] Convert filldir[64]() from __put_user() to unsafe_put_user() Thomas Gleixner
2019-10-08  4:57                       ` Al Viro
2019-10-08 13:14                         ` Greg KH
2019-10-08 15:29                           ` Al Viro
2019-10-08 15:38                             ` Greg KH
2019-10-08 17:06                               ` Al Viro
2019-10-08 19:58                   ` Al Viro
2019-10-08 20:16                     ` Al Viro
2019-10-08 20:34                     ` Al Viro
2019-10-07  2:30         ` Guenter Roeck
2019-10-07  3:12           ` Linus Torvalds
2019-10-07  0:23   ` Guenter Roeck
2019-10-07  4:04 ` Max Filippov
2019-10-07 12:16   ` Guenter Roeck
2019-10-07 19:21 ` Linus Torvalds
2019-10-07 20:29   ` Guenter Roeck
2019-10-07 23:27   ` Guenter Roeck
2019-10-08  6:28     ` Geert Uytterhoeven

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHk-=wjF2fkhuN8N-MnTwvzNig83XdQK50nir8oieF7jV6Om=A@mail.gmail.com' \
    --to=torvalds@linux-foundation.org \
    --cc=David.Laight@aculab.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux@roeck-us.net \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).