David Laight
2020-May-14 09:51 UTC
[Ocfs2-devel] [PATCH 32/33] sctp: add sctp_sock_get_primary_addr
From: Marcelo Ricardo Leitner
> Sent: 13 May 2020 19:03
>
> On Wed, May 13, 2020 at 08:26:47AM +0200, Christoph Hellwig wrote:
> > Add a helper to directly get the SCTP_PRIMARY_ADDR sockopt from kernel
> > space without going through a fake uaccess.
>
> Same comment as on the other dlm/sctp patch.

Wouldn't it be best to write sctp_[gs]etsockopt() that use a kernel buffer and then implement the user-space calls using a wrapper that does the copies to an on-stack (or malloced if big) buffer?

That will also simplify the code by removing all the copies and -EFAULT returns. Only the size checks will be needed and the code can assume the buffer is at least the size of the on-stack buffer.

Our SCTP code uses SO_REUSEADDR, SCTP_EVENTS, SCTP_NODELAY, SCTP_STATUS, SCTP_INITMSG, IPV6_ONLY, SCTP_SOCKOPT_BINDX_ADD and SO_LINGER.

David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
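The layering proposed in the message above, sketched as a user-space C model. This is an added example, not kernel code and not code from the thread. Every name in it (`model_sock`, `model_copy_in`, `proto_setsockopt_kern`, `sys_setsockopt_model`, the `OPT_*` numbers and buffer sizes) is hypothetical, and `model_copy_in` only stands in for a user copy that can fault.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define STACK_BUF   64    /* assumed on-stack buffer size */
#define MAX_OPTLEN  4096  /* assumed cap on malloc'ed option copies */
#define OPT_NODELAY 1     /* constructed option numbers for this model */
#define OPT_BLOB    2

struct model_sock { int nodelay; unsigned char blob[256]; size_t blob_len; };

/* Stand-in for a user copy: a NULL source models a faulting user pointer. */
static int model_copy_in(void *dst, const void *usrc, size_t len)
{
    if (!usrc)
        return -EFAULT;
    memcpy(dst, usrc, len);
    return 0;
}

/* Protocol handler: only ever sees kernel memory, so no copies and no
 * -EFAULT paths remain here, just size checks. In-kernel callers use it
 * directly with their own buffer. */
static int proto_setsockopt_kern(struct model_sock *sk, int opt,
                                 const void *kbuf, size_t len)
{
    switch (opt) {
    case OPT_NODELAY:
        if (len < sizeof(int)) return -EINVAL;
        memcpy(&sk->nodelay, kbuf, sizeof(int));
        return 0;
    case OPT_BLOB:
        if (len > sizeof(sk->blob)) return -EINVAL;
        memcpy(sk->blob, kbuf, len);
        sk->blob_len = len;
        return 0;
    }
    return -ENOPROTOOPT;
}

/* Syscall-side wrapper: the single place that touches the user pointer. */
static int sys_setsockopt_model(struct model_sock *sk, int opt,
                                const void *uptr, size_t len)
{
    unsigned char stack[STACK_BUF] = {0};  /* handler always gets >= STACK_BUF bytes */
    unsigned char *kbuf = stack;
    int ret;

    if (len > MAX_OPTLEN) return -EINVAL;
    if (len > sizeof(stack) && !(kbuf = malloc(len))) return -ENOMEM;
    ret = model_copy_in(kbuf, uptr, len);
    if (!ret) ret = proto_setsockopt_kern(sk, opt, kbuf, len);
    if (kbuf != stack) free(kbuf);
    return ret;
}
```
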
David Laight
2020-May-14 12:30 UTC
[Ocfs2-devel] [PATCH 32/33] sctp: add sctp_sock_get_primary_addr
From: David Laight
> Sent: 14 May 2020 10:51
> From: Marcelo Ricardo Leitner
> > Sent: 13 May 2020 19:03
> >
> > On Wed, May 13, 2020 at 08:26:47AM +0200, Christoph Hellwig wrote:
> > > Add a helper to directly get the SCTP_PRIMARY_ADDR sockopt from kernel
> > > space without going through a fake uaccess.
> >
> > Same comment as on the other dlm/sctp patch.
>
> Wouldn't it be best to write sctp_[gs]etsockopt() that
> use a kernel buffer and then implement the user-space
> calls using a wrapper that does the copies to an on-stack
> (or malloced if big) buffer.

Actually looking at __sys_setsockopt() it calls BPF_CGROUP_RUN_PROG_SETSOCKOPT() which (by the look of it) can copy the user buffer into malloc()ed memory and cause set_fs(KERNEL_DS) to be called.

The only way to get rid of that set_fs() is to always have the buffer in kernel memory when the underlying setsockopt() code is called.

The comment above __sys_[sg]etsockopt() about not knowing the length is just wrong. It probably applied to getsockopt() in the dim and distant past before it was made read-update.

David