[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK8P3a1VkAjZyWbJEUBFsuH2096cVbXZsYX-KpZDwvvVUE3G5w@mail.gmail.com>
Date: Fri, 10 Feb 2017 12:00:03 +0100
From: Arnd Bergmann <arnd@...db.de>
To: David Laight <David.Laight@...lab.com>
Cc: Johannes Thumshirn <jthumshirn@...e.de>,
Scott Bauer <scott.bauer@...el.com>,
"linux-nvme@...ts.infradead.org" <linux-nvme@...ts.infradead.org>,
"axboe@...com" <axboe@...com>,
"keith.busch@...el.com" <keith.busch@...el.com>,
"jonathan.derrick@...el.com" <jonathan.derrick@...el.com>,
"hch@...radead.org" <hch@...radead.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-block@...r.kernel.org" <linux-block@...r.kernel.org>
Subject: Re: [PATCH V3 2/2] Move stack parameters for sed_ioctl to prevent
oversized stack with CONFIG_KASAN
On Fri, Feb 10, 2017 at 11:28 AM, David Laight <David.Laight@...lab.com> wrote:
>>
>> > - if (copy_from_user(&session, arg, sizeof(session)))
>> > - return -EFAULT;
>> > - return opal_erase_locking_range(dev, &session);
>> > + ioctl_ptr = kzalloc(cmd_size, GFP_KERNEL);
>> > + if (!ioctl_ptr)
>> > + return -ENOMEM;
>> > + if (copy_from_user(ioctl_ptr, arg, cmd_size)) {
>> > + ret = -EFAULT;
>> > + goto out;
>> > }
>>
>> Can't we use memdup_user() instead of kzalloc() + copy_from_user()?
>
> You either want the copy_from_user() or the memzero() not both.
>
> ISTM there could be two 'library' functions, maybe:
> void *get_ioctl_buf(unsigned int cmd, long arg)
> to malloc the buffer, memzero/copy_from_user, returns -EFAULT if copy fails.
> int put_ioctl_buf(int rval, unsigned int cmd, const void *buf)
> does copy_to_user() if rval >= 0 and IOR_READ, then frees buf.
> return value is rval unless the copyout fails.
All the ioctls commands in this driver are IOW, and no data is passed back
to user space, so there is no need for the memzero(): we can either copy
the data from user space or we fail.
Arnd
Powered by blists - more mailing lists