[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6de12195ec3244b99e6026b4b46e5be2@AcuMS.aculab.com>
Date: Wed, 17 Jun 2020 15:35:20 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Kees Cook' <keescook@...omium.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC: Sargun Dhillon <sargun@...gun.me>,
Christian Brauner <christian@...uner.io>,
"David S. Miller" <davem@...emloft.net>,
"Christoph Hellwig" <hch@....de>, Tycho Andersen <tycho@...ho.ws>,
Jakub Kicinski <kuba@...nel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Aleksa Sarai <cyphar@...har.com>,
Matt Denton <mpdenton@...gle.com>,
Jann Horn <jannh@...gle.com>, Chris Palmer <palmer@...gle.com>,
Robert Sesek <rsesek@...gle.com>,
Giuseppe Scrivano <gscrivan@...hat.com>,
"Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
Andy Lutomirski <luto@...capital.net>,
Will Drewry <wad@...omium.org>, Shuah Khan <shuah@...nel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"containers@...ts.linux-foundation.org"
<containers@...ts.linux-foundation.org>,
"linux-api@...r.kernel.org" <linux-api@...r.kernel.org>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>
Subject: RE: [PATCH v4 03/11] fs: Add fd_install_received() wrapper for
__fd_install_received()
From: Kees Cook
> Sent: 16 June 2020 04:25
>
> For both pidfd and seccomp, the __user pointer is not used. Update
> __fd_install_received() to make writing to ufd optional. (ufd
> itself cannot checked for NULL because this changes the SCM_RIGHTS
> interface behavior.) In these cases, the new fd needs to be returned
> on success. Update the existing callers to handle it. Add new wrapper
> fd_install_received() for pidfd and seccomp that does not use the ufd
> argument.
...>
> static inline int fd_install_received_user(struct file *file, int __user *ufd,
> unsigned int o_flags)
> {
> - return __fd_install_received(file, ufd, o_flags);
> + return __fd_install_received(file, true, ufd, o_flags);
> +}
Can you get rid of the 'return user' parameter by adding
if (!ufd) return -EFAULT;
to the above wrapper, then checking for NULL in the function?
Or does that do the wrong horrid things in the fail path?
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists