[PATCH next 1/3] iov: Remove access_ok() from import_iovec()

From: David Laight
Date: Fri Mar 21 2025 - 18:46:28 EST

Next message: David Laight: "[PATCH next 3/3] iov: Optimise __import_iovec_ubuf()"
Previous message: David Laight: "[PATCH next 0/3] iov: Optimise user copies"
In reply to: David Laight: "[PATCH next 0/3] iov: Optimise user copies"
Next in thread: David Laight: "[PATCH next 3/3] iov: Optimise __import_iovec_ubuf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is no point checking the validity of the user address when reading
the iovec[] from usespace.
It is checked again before the user copy itself.
Added in 09fc68dc66f75 (iov_iter: saner checks on copyin/copyout)

Signed-off-by: David Laight <david.laight.linux@xxxxxxxxx>
---
lib/iov_iter.c | 9 ---------
1 file changed, 9 deletions(-)

diff --git a/lib/iov_iter.c b/lib/iov_iter.c
index 65f550cb5081..623ec43e049a 100644
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -1471,13 +1471,6 @@ ssize_t __import_iovec(int type, const struct iovec __user *uvec,
for (seg = 0; seg < nr_segs; seg++) {
ssize_t len = (ssize_t)iov[seg].iov_len;

- if (!access_ok(iov[seg].iov_base, len)) {
- if (iov != *iovp)
- kfree(iov);
- *iovp = NULL;
- return -EFAULT;
- }
-
if (len > MAX_RW_COUNT - total_len) {
len = MAX_RW_COUNT - total_len;
iov[seg].iov_len = len;
@@ -1528,8 +1521,6 @@ int import_ubuf(int rw, void __user *buf, size_t len, struct iov_iter *i)
{
if (len > MAX_RW_COUNT)
len = MAX_RW_COUNT;
- if (unlikely(!access_ok(buf, len)))
- return -EFAULT;

iov_iter_ubuf(i, rw, buf, len);
return 0;
--
2.39.5

Next message: David Laight: "[PATCH next 3/3] iov: Optimise __import_iovec_ubuf()"
Previous message: David Laight: "[PATCH next 0/3] iov: Optimise user copies"
In reply to: David Laight: "[PATCH next 0/3] iov: Optimise user copies"
Next in thread: David Laight: "[PATCH next 3/3] iov: Optimise __import_iovec_ubuf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]