Re: [PATCH v2 1/6] uaccess: Add copy_from_user_nul helper

Next message: Dave Hansen: "Re: [PATCH] [v5] Documentation: Provide guidelines for tool-generated content"
Previous message: Uladzislau Rezki: "Re: [PATCH] cpuhp: Expedite synchronize_rcu during CPU hotplug operations"
In reply to: Yury Norov: "Re: [PATCH v2 1/6] uaccess: Add copy_from_user_nul helper"
Next in thread: Fushuai Wang: "[PATCH v2 2/6] x86/tlb: Use copy_from_user_nul() instead of copy_from_user()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Yury Norov

Date: Tue Jan 13 2026 - 13:18:01 EST

On Tue, Jan 13, 2026 at 01:00:25PM -0500, Yury Norov wrote:
> On Mon, Jan 12, 2026 at 03:30:34PM +0800, Fushuai Wang wrote:
> > From: Fushuai Wang <wangfushuai@xxxxxxxxx>
> >
> > Many places call copy_from_user() to copy a buffer from user space,
> > and then manually add a NULL terminator to the destination buffer,
> > e.g.:
>
> 6 is not many
>
> >
> > if (copy_from_user(dest, src, len))
> > return -EFAULT;
> > dest[len] = '\0';
> >
> > This is repetitive and error-prone. Add a copy_from_user_nul() helper to
> > simplify such patterns. It copied n bytes from user space to kernel space,
> > and NUL-terminates the destination buffer.
> >
> > Signed-off-by: Fushuai Wang <wangfushuai@xxxxxxxxx>
>
> I checked the cases you've found, and all them clearly abuse
> copy_from_user(). For example, #2 in tlbflush_write_file():
>
> if (copy_from_user(buf, user_buf, len))
> return -EFAULT;
>
> buf[len] = '\0';
> if (kstrtoint(buf, 0, &ceiling))
> return -EINVAL;
>
> should be:
>
> len = strncpy_from_user(buf, user_buf, len);
> if (len < 0)
> return len;
>
> ret = kstrtoint(buf, 0, &ceiling);
> if (ret)
> return ret;
>
> See, if you use the right API, you don't need this weird
> copy_from_user_nul(). Also notice how nice the original version hides
> possible ERANGE in kstrtoint().

Huh, we actually already have kstrtoint_from_user, so this should be a
one-liner.