Re: [PATCH v2] prctl: Add PR_GET_AUXV to copy auxv to userspace

[Josh Triplett]

On Wed, Apr 05, 2023 at 09:24:36AM +0900, Josh Triplett wrote:
> On Tue, Apr 04, 2023 at 12:43:55PM -0700, Andrew Morton wrote:
> > On Tue, 4 Apr 2023 21:31:48 +0900 Josh Triplett <josh@xxxxxxxxxxxxxxxx> wrote:
> > > --- a/kernel/sys.c
> > > +++ b/kernel/sys.c
> > > @@ -2377,6 +2377,16 @@ static inline int prctl_get_mdwe(unsigned long arg2, unsigned long arg3,
> > >  		PR_MDWE_REFUSE_EXEC_GAIN : 0;
> > >  }
> > >  
> > > +static int prctl_get_auxv(void __user *addr, unsigned long len)
> > > +{
> > > +	struct mm_struct *mm = current->mm;
> > > +	unsigned long size = min_t(unsigned long, sizeof(mm->saved_auxv), len);
> > > +
> > > +	if (size && copy_to_user(addr, mm->saved_auxv, size))
> > > +		return -EFAULT;
> > > +	return sizeof(mm->saved_auxv);
> > > +}
> > 
> > The type choices are unpleasing.  Maybe make `len' a size_t and make
> > the function return a size_t?  That way prctl_get_auxv() will be much
> > nicer, but the caller less so.
> 
> It'd have to be an ssize_t return to support returning -EFAULT. Also,
> sadly, size_t would still look just as bad, because
> `sizeof(mm->saved_auxv)` doesn't have type size_t (at least according to
> the error from the type-safe min macro). So this would still need a cast
> or a `min_t`.
> 
> But I'm happy to change the argument to size_t and the return value to
> ssize_t, if you'd prefer. Will send v3 with that changed.

That said, *all* the other helper functions here seem to return int...