lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 13 May 2017 20:56:59 +0100
From:   Al Viro <viro@...IV.linux.org.uk>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>
Subject: Re: [git pull] uaccess-related bits of vfs.git

On Sat, May 13, 2017 at 12:00:10PM -0700, Linus Torvalds wrote:
> > We should probably even consider looking at __get_user/__put_user().
> > Few of them are actually performance-critical.
> 
> Look at that date. It's over two years ago. In the intervening two
> years, how many of those conversions have happened?
> 
> Here's a hint: it's a very very round number.

FWIW, just this cycle (this one I remembered off-hand, there might be
more):

commit edb88cef0570914375d461107759cf0d6d677ed5
Author: Arnd Bergmann <arnd@...db.de>
Date:   Sat Apr 22 00:02:31 2017 +0200

    scsi: pmcraid: use normal copy_from_user
    
    As pointed out by Al Viro for my previous series, the driver has no need
    to call access_ok() and __copy_from_user()/__copy_to_user(). Changing
    it to regular copy_from_user()/copy_to_user() simplifies the code without
    any real downsides, making it less error-prone at best.
    
    This patch by itself also addresses the warning about the access_ok()
    macro on MIPS, but both fixes improve the code, so ideally we apply
    them both.
    
    Signed-off-by: Arnd Bergmann <arnd@...db.de>
    Reviewed-by: Christoph Hellwig <hch@....de>
    Signed-off-by: Martin K. Petersen <martin.petersen@...cle.com>

Powered by blists - more mailing lists