Re: [RFC PATCH 2/4] uaccess: Add non-pagefault user-space read functions

From: Linus Torvalds
Date: Mon Feb 25 2019 - 12:01:23 EST


On Mon, Feb 25, 2019 at 7:06 AM Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> Would something like so work for people?

Looks reasonable to me.

> Why not keep it simple:
>
> mm_segment_t old_fs = get_fs();
>
> set_fs(USER_DS);
> ret = __strncpy...();
> set_fs(old_fd);
>
> return ret;

So none of this code looks sane. First odd, there's no real reason to
use __get_user(). The thing should never be used. It does the whole
stac/clac for every byte.

In the copy_from_user() case, I suggested re-doing it as one common
routine without the set_fs() dance for the "already there" case to
simplify error handling. Here it doesn't do that.

But honestly, I think for the strncpy case, we could just do

long strncpy_from_unsafe_user(char *dst, const void __user *src, long count)
{
long ret;
mm_segment_t old_fs = get_fs();

set_fs(USER_DS);
pagefault_disable();
ret = strncpy_from_user(dst, src, count);
pagefault_enable();
set_fs(old_fs);
return ret;
}

and be done with it. Efficient and simple.

Note: the above will *only* work for actual user addresses, because
strncpy_from_user() does that proper range check.

Linus