Re: [PATCH] x86/asm: add __user on copy_user_handle_tail() pointers
From: Borislav Petkov
Date: Thu Mar 28 2019 - 12:09:10 EST
On Thu, Mar 28, 2019 at 08:48:33AM -0700, Linus Torvalds wrote:
> Well, it does that because the x86 version of copy_user_generic() can
> work in either direction, so it works when either the source or
> destination (or both) are user pointers, but they don't _have_ to be.
>
> So the "userness" of a pointer in that context is a bit ambiguous, and
> so we've picked the pointers to be just plain "void *".
Yeah, I had a suspicion the reasoning would be something along those
lines but couldn't find any threads discussing this quickly.
> That said, arguably we should have gone the other way and just made
> them both "__user" pointers, and do the cast the other way around.
>
> But there's no absolutely right answer here, and nobody should ever
> use copy_user_generic() directly (ie it is very much meant to be only
> used as a internal helper for the cases that get the pointer
> annotations right).
>
> I do think Ben's patch is probably the right thing to do.
>
> And we could do the same thing to copy_user_generic(), but that would
> require switching the casts around in the callers, so may not be worth
> the noise.
Ok, Ben can you please add Linus' reasoning for this to the commit
message so that it is clear why it is done this way and we can find it
with git archeology?
Thx.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.