| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Sep 2023 17:16:01 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Mateusz Guzik <mjguzik@...il.com>
Cc: Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org,
linux-arch@...r.kernel.org, bp@...en8.de
Subject: Re: [PATCH v2] x86: bring back rep movsq for user access on CPUs
without ERMS
On Tue, 5 Sept 2023 at 13:41, Mateusz Guzik <mjguzik@...il.com> wrote:
>
> @@ -312,7 +314,15 @@ int vfs_fstatat(int dfd, const char __user *filename,
> struct filename *name;
>
> name = getname_flags(filename,
> getname_statx_lookup_flags(statx_flags), NULL);
> - ret = vfs_statx(dfd, name, statx_flags, stat, STATX_BASIC_STATS);
> + /*
> + * Hack: ugliness below damage controls glibc which reimplemented fstat
> + * on top of newfstatat(fd, "", buf, AT_EMPTY_PATH). We still pay for
> + * kmalloc and user access, but elide lockref.
> + */
> + if (name->name[0] == '\0' && flags == AT_EMPTY_PATH && dfd >= 0)
> + ret = vfs_fstat(dfd, stat);
> + else
> + ret = vfs_statx(dfd, name, statx_flags, stat,
> STATX_BASIC_STATS);
> putname(name);
I actually think I might prefer the earlier hacky thing, because it
avoids the whole nasty pathname allocation thing (ie the __getname()
dance in getname_flags(), and the addition of the pathname to the
audit records etc).
I suspect your "there are no real loads that combine AT_EMPTY_PATH
with a path" comment is true.
So if we have this short-circuit of the code, let's go all hog on it,
and avoid not just the RCU lookup (with lockref etc), but the pathname
allocation too.
Linus
Powered by blists - more mailing lists