* Using memcpy instead of copy_to_user. xprtrdma code.
@ 2022-01-25 18:03 Aleksey Senin
2022-01-25 22:21 ` David Laight
0 siblings, 1 reply; 3+ messages in thread
From: Aleksey Senin @ 2022-01-25 18:03 UTC (permalink / raw)
To: linux-kernel
This specific patch - - implements using memcpy instead of
copy_to_user. Why is it considered to be safe in this specific case?
All readings about how to copy data are mentioning to use
copy_to_user/copy_from_user. Why use direct copy here? What prevents
the kernel from failure if the page is not present or doesn't have
required access rights?
@@ -103,8 +102,8 @@ static int read_reset_stat(struct ctl_table
*table, int write,
len -= *ppos;
if (len > *lenp)
len = *lenp;
- if (len && copy_to_user(buffer, str_buf, len))
- return -EFAULT;
+ if (len)
+ memcpy(buffer, str_buf, len);
Reference to the specific patch in the services of commits:
https://lkml.org/lkml/2020/4/17/60
Commit itself:
32927393dc1ccd60fb2bdc05b9e8e88753761469
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: Using memcpy instead of copy_to_user. xprtrdma code.
2022-01-25 18:03 Using memcpy instead of copy_to_user. xprtrdma code Aleksey Senin
@ 2022-01-25 22:21 ` David Laight
2022-01-25 23:56 ` Aleksey Senin
0 siblings, 1 reply; 3+ messages in thread
From: David Laight @ 2022-01-25 22:21 UTC (permalink / raw)
To: 'Aleksey Senin', linux-kernel
From: Aleksey Senin <aleksey-linux-kernel@senin.name>
> Sent: 25 January 2022 18:04
>
> This specific patch - - implements using memcpy instead of
> copy_to_user. Why is it considered to be safe in this specific case?
> All readings about how to copy data are mentioning to use
> copy_to_user/copy_from_user. Why use direct copy here? What prevents
> the kernel from failure if the page is not present or doesn't have
> required access rights?
>
> @@ -103,8 +102,8 @@ static int read_reset_stat(struct ctl_table
> *table, int write,
> len -= *ppos;
> if (len > *lenp)
> len = *lenp;
> - if (len && copy_to_user(buffer, str_buf, len))
> - return -EFAULT;
> + if (len)
> + memcpy(buffer, str_buf, len);
>
> Reference to the specific patch in the services of commits:
> https://lkml.org/lkml/2020/4/17/60
Read the commit message.
>
> Commit itself:
> 32927393dc1ccd60fb2bdc05b9e8e88753761469
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Using memcpy instead of copy_to_user. xprtrdma code.
2022-01-25 22:21 ` David Laight
@ 2022-01-25 23:56 ` Aleksey Senin
0 siblings, 0 replies; 3+ messages in thread
From: Aleksey Senin @ 2022-01-25 23:56 UTC (permalink / raw)
To: David Laight; +Cc: linux-kernel
Hi,
It seems clue is in new proc_sys_call_handler code that allocates the
kernel buffer first, calls to particular function and than copying
obtained buffer to user space using copy_to_user. Right?
On Tue, Jan 25, 2022 at 4:21 PM David Laight <David.Laight@aculab.com> wrote:
>
> From: Aleksey Senin <aleksey-linux-kernel@senin.name>
> > Sent: 25 January 2022 18:04
> >
> > This specific patch - - implements using memcpy instead of
> > copy_to_user. Why is it considered to be safe in this specific case?
> > All readings about how to copy data are mentioning to use
> > copy_to_user/copy_from_user. Why use direct copy here? What prevents
> > the kernel from failure if the page is not present or doesn't have
> > required access rights?
> >
> > @@ -103,8 +102,8 @@ static int read_reset_stat(struct ctl_table
> > *table, int write,
> > len -= *ppos;
> > if (len > *lenp)
> > len = *lenp;
> > - if (len && copy_to_user(buffer, str_buf, len))
> > - return -EFAULT;
> > + if (len)
> > + memcpy(buffer, str_buf, len);
> >
> > Reference to the specific patch in the services of commits:
> > https://lkml.org/lkml/2020/4/17/60
>
> Read the commit message.
>
> >
> > Commit itself:
> > 32927393dc1ccd60fb2bdc05b9e8e88753761469
>
> -
> Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
> Registration No: 1397386 (Wales)
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-01-25 23:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-25 18:03 Using memcpy instead of copy_to_user. xprtrdma code Aleksey Senin
2022-01-25 22:21 ` David Laight
2022-01-25 23:56 ` Aleksey Senin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).