From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0F922E77199 for ; Wed, 8 Jan 2025 18:58:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 844666B007B; Wed, 8 Jan 2025 13:58:17 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 7F2C16B0083; Wed, 8 Jan 2025 13:58:17 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6464E6B0085; Wed, 8 Jan 2025 13:58:17 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 438036B007B for ; Wed, 8 Jan 2025 13:58:17 -0500 (EST) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id DE5D61C87D9 for ; Wed, 8 Jan 2025 18:58:16 +0000 (UTC) X-FDA: 82985194992.16.F238CA4 Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) by imf09.hostedemail.com (Postfix) with ESMTP id 6F86C14000F for ; Wed, 8 Jan 2025 18:58:13 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=oracle.com header.s=corp-2023-11-20 header.b=Ov1h0eyG; dkim=pass header.d=oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=eqKWDzUI; dmarc=pass (policy=reject) header.from=oracle.com; arc=pass ("microsoft.com:s=arcselector10001:i=1"); spf=pass (imf09.hostedemail.com: domain of lorenzo.stoakes@oracle.com designates 205.220.177.32 as permitted sender) smtp.mailfrom=lorenzo.stoakes@oracle.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1736362693; a=rsa-sha256; cv=pass; b=h43xi/20X6JEepX02GnI2hG1bQDjMLIL3xf7yvzsitu5tpO+/hUpFCS+MXzDNMeXG/6Aov mAtwMMnS3fmF5B9IbK1QmD8Kxno+esnw2GTYFA6R6fe6TpxG0zwMT5Xon6jT6Vwb+K8Gvy c3fqfZ/ZNk3QrabpXuC/3mBN9Kqg2ig= ARC-Authentication-Results: i=2; imf09.hostedemail.com; dkim=pass header.d=oracle.com header.s=corp-2023-11-20 header.b=Ov1h0eyG; dkim=pass header.d=oracle.onmicrosoft.com header.s=selector2-oracle-onmicrosoft-com header.b=eqKWDzUI; dmarc=pass (policy=reject) header.from=oracle.com; arc=pass ("microsoft.com:s=arcselector10001:i=1"); spf=pass (imf09.hostedemail.com: domain of lorenzo.stoakes@oracle.com designates 205.220.177.32 as permitted sender) smtp.mailfrom=lorenzo.stoakes@oracle.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736362693; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ucBdoIjlVBdL6Tow+PhHGxL/cJqbsYNAL4CIrdTV5Mw=; b=InLpgKnMf5eaxLHRN0TiRziR2/7TGlHDoAQ5DueKdn6jyqZB+wKqqrRqCWzNDAq4aTNmWU iPqTGjeT1sYCkFfWgyH0ptz37MWoub1fC15g7fyAoyCdwimzWkAw04VB7gwYVc+R+gYwN4 v+WkWU6ytGslN46hA9ZuswzmM31+LxY= Received: from pps.filterd (m0333520.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 508IMtoO000478; Wed, 8 Jan 2025 18:58:10 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=corp-2023-11-20; bh=ucBdoIjlVBdL6Tow+P hHGxL/cJqbsYNAL4CIrdTV5Mw=; b=Ov1h0eyGlvpGV+8PuSnNQcb5aEiVevEqNV B22e5k4HBQkbZ9wljL54v9enjP15RbQmGOtleWFzrIoV3ON5j1Y09+H/j3XHSJja DHuloES1A/ZQWr8IDCLbimEdYTXOyoLsCaQWrCq9hdBudYEUniwEC/xqgGmmqAH5 JVh1srwam25xnELWq+LszARAg27HEfQrCMkT0z9nW9JYuNBnqoeKmEqJJRf57f/V +8vLDDNnYrUo4WbwFQ5xsPZgYrpqQV9zGe4kpNrCvTasq4r9riu5jI+4X802bFa8 mBirzUgKk0GEMKm23ThEGS4dNxake5Fn3KXWIVZvLXaMjm9lHKhQ== Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.appoci.oracle.com [138.1.37.129]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 43xw1bybrd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 08 Jan 2025 18:58:10 +0000 (GMT) Received: from pps.filterd (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (8.18.1.2/8.18.1.2) with ESMTP id 508InPmD022708; Wed, 8 Jan 2025 18:58:09 GMT Received: from nam02-bn1-obe.outbound.protection.outlook.com (mail-bn1nam02lp2040.outbound.protection.outlook.com [104.47.51.40]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 43xuea4g1u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 08 Jan 2025 18:58:09 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=b0JGaleycvmIhjel38yDTBm/J87IYnU7UumpyJWHMnwW+FdVzC/eEYFeLC3SdyVpbTkiehpo/3v4zGtDHQi2hgV8Ue3WECkrGwy6u83oQarPdEb/NNCizO/wZJXZM1g8TFKfeQWkG/elBU512zzv4rT+xCZK+Ly0Z+//X1b19oUKu/fop9y/HtXtPBbUPEYCGLTrQO2jSGdMEG5qPvKqvWTkaATAgNejRjWDHJfD/NFqABpQnh2TRRXMKXGsnWna6kYDrP6xZ3O/vaqbBqm3gfCMvJtjKSQBUw9EPPxl2LDOdvRYFbIRRybHiOYg7EliJy223Apf0YTbDCG1v+0UuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ucBdoIjlVBdL6Tow+PhHGxL/cJqbsYNAL4CIrdTV5Mw=; b=cDqWgdFuOpVQ2Y8KWfyA8sVNW1MJj8lfz2AhIEdeBG30UFbW6kEJUkGMUbSUOGBCc4Lf2tn9TatVhlptI2waYTLFucK/x/MDqyRWV0EXPWHkZ/fhNlxH1hZMcAbeUAspldPxMCK8R58JRZpTYA1Z+BrxjzUkZsaa549Lxy//wWewMo6ESaAJdt0/sMIe7wY6rIx+JdGbT5InPsZkso/GNwnd91xWU5999FbkcjS/BekmzE7lZKqlnOFznNqT/ddV/M+uyXlTs909gGz+ty5jutIcGv1TyXWSn2slXmDtR1cCAxGy0eCtPYfmycw9ITjjcoTJ/5eqJAYSE8jXhBftzg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ucBdoIjlVBdL6Tow+PhHGxL/cJqbsYNAL4CIrdTV5Mw=; b=eqKWDzUIP+uhsMg5h8hxdQA+YlAsLhCNmAKVBmCvq0TBA4jo6mLxPmVZQy0yB8Z+4k89tbZ9sDWyNKmaK+HV/LOjEjhNY0BJ4B+VEqCn197gfC85nhJNiTmvicb6BEOgOJ3fQdo+jxlIS22RKWr7YhseZq0mn3o5Va3wslonMMU= Received: from BYAPR10MB3366.namprd10.prod.outlook.com (2603:10b6:a03:14f::25) by SJ0PR10MB5804.namprd10.prod.outlook.com (2603:10b6:a03:428::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8314.16; Wed, 8 Jan 2025 18:58:03 +0000 Received: from BYAPR10MB3366.namprd10.prod.outlook.com ([fe80::baf2:dff1:d471:1c9]) by BYAPR10MB3366.namprd10.prod.outlook.com ([fe80::baf2:dff1:d471:1c9%4]) with mapi id 15.20.8335.010; Wed, 8 Jan 2025 18:58:03 +0000 Date: Wed, 8 Jan 2025 18:58:00 +0000 From: Lorenzo Stoakes To: "Isaac J. Manjarres" Cc: Andrew Morton , kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2 2/2] mm/memfd: Use strncpy_from_user() to read memfd name Message-ID: <4291d9f0-4483-40e5-a54b-d006eb52c8cb@lucifer.local> References: <20250107184804.4074147-1-isaacmanjarres@google.com> <20250107184804.4074147-3-isaacmanjarres@google.com> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20250107184804.4074147-3-isaacmanjarres@google.com> X-ClientProxiedBy: LNXP265CA0080.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:76::20) To BYAPR10MB3366.namprd10.prod.outlook.com (2603:10b6:a03:14f::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BYAPR10MB3366:EE_|SJ0PR10MB5804:EE_ X-MS-Office365-Filtering-Correlation-Id: a951a4b0-9e16-4fff-0411-08dd301660f6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|366016|7053199007; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?C0fUxrbdeWwE6kYi5HacuMPWb667SG5q0qT6V/1sMDlOQuR/ffp2/LVaaPYT?= =?us-ascii?Q?U5nePtwrlBV4n9ijM0Vqg437Pi5jRMKmhBrQYH4JTOWnBUchr8nOC6FKM5po?= =?us-ascii?Q?7JN3Wnou5Ug21XrFzjz3tUSUAefErX1vjkrFaKJ76g/PRWPW/Eueb+gsUJrO?= =?us-ascii?Q?oCg7F52tpZxjEP8IVm7/ddieJx9GlOEcLCxLa4xGsl63Z9xggC2OTZVLzrDn?= =?us-ascii?Q?bK8RmYPoW9c9rLlf8+2LKcF61atKaoAd6aWlKBVo316W04CWNvvGzRmgscD9?= =?us-ascii?Q?ubxRKO4aXHaDl87HXK2ySSywP2FTqNTcTZzFdzK0TILIzIn5k7YaiQdSJhLv?= =?us-ascii?Q?85tGwKez8EBVP3jG7rCJG6VkgOaeBGn0Ref0iofMZT+rK2IZJ9vS4QbYzhOu?= =?us-ascii?Q?50qZ3lvdongZcw+l5QFR2dieYh6rDXyK7apkwRyfya47IC/C5RywyStx7CFX?= =?us-ascii?Q?MTybFyanZqGZy4q3E0DRgB6rE3rtBlsqV70Pq5JPG7/CDNPXivfsP06XcF+9?= =?us-ascii?Q?ffrrGVbVPJ7JSasq/YFnA9JnTPA4VhwfvJprs5pKBuDlstz8+4b1Mftlt5gg?= =?us-ascii?Q?bDtJfv14nodh+j0A6G8YjtlT6/i2ZfDxgohnffA8JNnJOb4R28Zs/EDP3LJj?= =?us-ascii?Q?87Lxw7/oOtfZsLxuHC5REYlDV0l5oKXPTjjR12U+MPkDw6zUxV//cxStdDrj?= =?us-ascii?Q?Nt1S+18AW96zeAfCWA2Fg+Q40jdvkiTI8ywkDwxM2a3mx46VB/0h41+6PdMB?= =?us-ascii?Q?2AcKC09rlR4ktqeKs8xAJlpz/EqqMnN4PqnihNjmtswF/IkCr2UNuSLUgiJl?= =?us-ascii?Q?9o9KFzJmbyDHfdD6x8/qb/FaXxzB24fh61CBekq/1sMt1sy2G64L577Ek5Eo?= =?us-ascii?Q?lYHmupDcxXx6xG/ehgCM2Rf3GflE70kGwW1wD0SUeZgyT487lu3jaNqViiJa?= =?us-ascii?Q?h//kp2RKXBbQDYN7bvJYFLYlBCRHBDq9j/Q7yF+UaDGZAcLvUQ79P6PdzXz3?= =?us-ascii?Q?z/mycBOAUIdGg3GxobaL+KvXIC8SK39g0xlXfyzB3KdrsvpwJ/L1obp5pWMC?= =?us-ascii?Q?dhu5mDYY0/eS6Q8/LC21obBURAyHdYnANTOnsrrCDViQHyZO5bblI6+I3IIT?= =?us-ascii?Q?LF+4SL/PifIRg/3yq6Hs7rtScPAuOw6Y24kZSinc3UUDsw77KGhMYlxDVdZT?= =?us-ascii?Q?MzpOSp9r2oTaIBVgwzrRrBJexv8zqfLkdqRsIRo7UN0My0PIB/BtlZBc72Hk?= =?us-ascii?Q?pb4k9BK9RRppxYGNuNcb1zFGbHuMj8UshN8t/P1TzP7y8zcH3Ifaz11XICqm?= =?us-ascii?Q?ma1CC24mxSYqLeIJxirf8UrTrhyQn/H7iy5jH6op4wCSqaaBa0pI4ZkDjjvI?= =?us-ascii?Q?lvlKAvrSkzEy75twAj6lK4QLb5Az?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BYAPR10MB3366.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(7053199007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?ipxQLKKuzWDjL6lbL1O3+Cw0vi3a74ikl9yRQfsV1l8VqpN5XNW0+umDL/XK?= =?us-ascii?Q?s4Mo7hjHefn/lLyvaYEJPwpzcRSVnGzMJfTzzopafxCOAW9A8dBoDTb2XZfh?= =?us-ascii?Q?T65KEviagEUGGs9O3EpL9W1yrtd7QeUbxD6UyNb2wmWXG2Sr5beltF19sq2I?= =?us-ascii?Q?YL+281hADsfjLOoMyggEUwcPZCHWFT969Cb3W5rhT7wXMOwxshKoEPAXd7wG?= =?us-ascii?Q?aphwr4Y90qOZHasozgJ3Yb6s62Hi+Dd0du6YpCUj1fFPDp/dKoAe4GhAElEi?= =?us-ascii?Q?tyJp/T43SkV0bOFqpxcUKTfo/iLB7+J9cFYX9mf8oLVvcO2hUo5PgMToi8DT?= =?us-ascii?Q?Nim/Xq1Vj/SvrGaVxZFy61AZTv8qiQDaTyAKPkUCp0n6PMkBieBJMuKaOvuq?= =?us-ascii?Q?0dXgLte59iORq8Yv5N/IkfnOyQcQ3ijR8D0dTcBMl4ZUm0TJsJd0MlDvoj9n?= =?us-ascii?Q?ly48QUMrgRMDqZzoF5z/qZdIzBky9RInoyWoCRs1ZHyLS9RsxRp2ngVW5EjC?= =?us-ascii?Q?YN7qa05baW4IFV6ODkRtpkH2/3SHZYk5Xq5TZyNnDAK90uHRDOjw/1uyMvQM?= =?us-ascii?Q?XaoXAxeMNIlhiJWGIRXnepKa4DKNLOebqAqmdkALk/LqB8YcFeqXNjExxXuD?= =?us-ascii?Q?fTsJcIfzZgErqh585RUkvHizJiASNP59uxy6Rssvi9aShQ0ONxkvq7qgFIbr?= =?us-ascii?Q?tLDbU91BvHgYPMRBWtaxcAI3itnXl5Qm2x/mEBfC9H9vL5qmd0JhtNmmVDVA?= =?us-ascii?Q?ZT6yLdgZfWY/e97v/kC9bx9+CnttWAaA4moeYn6Lqz0GFx2+lJuUFfyRLjwz?= =?us-ascii?Q?5gsdn2Nkz8AgpQ2S6BaehLRPTe8i0KPugNmgtTGoBaHHTB8NZHtcpKpcjU3S?= =?us-ascii?Q?GnurxoBiObVuuh1kp6krOrl7r7dzWzVY9kRDP9z7l68RZCH6W8LkWe4aC/pa?= =?us-ascii?Q?UmysR9wOYrtyeQ3rcDcxQ47ArA/rMWQJqfvm3a5oEbnVrv82aAuAIfSb2JYf?= =?us-ascii?Q?9zFbhxTiojlxvKedsk5pEbKPFDMIzPmVJ5WlewOdI2a3JVcjhfv4b8jusZ91?= =?us-ascii?Q?tGNKtCuEntFXdR/woXInEEnUXttbs5BMjX+FIvufQv/xjhpPAMfV6rAxO2Du?= =?us-ascii?Q?tFVSPrsyFC0XTDdZxz9eYyK1u8oPeDFO77NWI24W6hfUGKWD8QxF7Gv6dyEx?= =?us-ascii?Q?eBp1IgTOX3xvgqABiyqq10rFWBKqzZ5lXOu0zFYXauhU15g8cLyxcX04dDD3?= =?us-ascii?Q?BcR5xu2qfPOBqUTs3zVAq1AP03NukdbFAZT6SrKpmJsbKR2A4FFtayT2+KxD?= =?us-ascii?Q?qfN4fYe2rSNRRcp+xAxHQN5G6cddmLIYRJSHteMHoPdx0dkS4U0qQ3xLzdrx?= =?us-ascii?Q?oFkZjf2q+lOi9Ees9yjCdqEeMLNG+VPN4CDJ+rOpMB3mBEO1GSkG5YcKmz8f?= =?us-ascii?Q?RvBJNIFJA4dja9vPcSEw5oFNueIQ+zl2fR8AWT3ONKBgSp+J23fjdZxm/1vk?= =?us-ascii?Q?t4AYq1zzX98cXCl69ZDDQrFGLUTAslKUMP29EgAhRetwwsoijzErAhrQbDDR?= =?us-ascii?Q?9pJADHr0Sm+z2S0XrNbta476U7vgj2dN52YeQDS8ws0hTR/vS7Bfjh9ta6CM?= =?us-ascii?Q?WQ=3D=3D?= X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: kepsg5V3zEFnVqP6FP1DP2TszTZlj6WnPd5vBnhSXFK3wQGFu3zz4OPrDXJVANCwR4EflwXDbRRqYJnfi/0SaOYLpGyD6jm/HIT9uIgAq8Sh3WSHruq35iW0cxoz7PSAmcEQuNQV1fdC4gg+jQzKM/GJfKoHyJM0XAKSBFBZ76wcsfY/I6VOr99k+pRWdUISevLVOezB8LpgfrwehnG9+cL+LipnT/nkQFsU6fkjGkfhFDD9t+ZjXVSGPBJ5WcXz3A6tZ3X52crtnPDbhQOBeLd7z2+YkjaaIUPe1peNQSFEBYRtvg4qPkpg96RXwSHnlRQyFWlakw81o1sd2BblZBwAnKwPZHW0Gvq3ojk1WCD0GmjeJUE5lXDdVKgl+JQEsZAPsOqYU6+ppT6okh2aZS1aBIvEmYApMtrCjDNADMJ4Ruwdi4jjbqZMMDQTCmbfTUzzqeR4aiC0gMvXFydYb8ZpNyRxoWBSOzCeQfrkGP/YpwOwDpVGYZSBbyknFPpvoY0vXU52f5/LeJl6pn0b0VqUvBQdZAau3mZckvTtRNiOxvzD9PECkGsGRHdWzAOhVOMUDB8XQSzEeVSGSyu3LsIoZLc1tIOs/A8hKujuNYw= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: a951a4b0-9e16-4fff-0411-08dd301660f6 X-MS-Exchange-CrossTenant-AuthSource: BYAPR10MB3366.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jan 2025 18:58:03.2911 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 5P+EN5z8pXAEstpMrgT47w6l3CsemAUI/7IzKs951PvTj0LEnnKsS41nwfNaoq/oJEgVjmyCzTQJ7s1r0RVSytzTeYD5/DNZQhn+wXC4ewI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR10MB5804 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1057,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-01-08_05,2025-01-08_01,2024-11-22_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 phishscore=0 bulkscore=0 malwarescore=0 mlxscore=0 adultscore=0 mlxlogscore=999 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2411120000 definitions=main-2501080155 X-Proofpoint-ORIG-GUID: fnmjZZkZRRXMyU4CifufgndKZc1hGt-C X-Proofpoint-GUID: fnmjZZkZRRXMyU4CifufgndKZc1hGt-C X-Stat-Signature: zuc96kugbny76ao5cckgs7gzm73wscz4 X-Rspam-User: X-Rspamd-Queue-Id: 6F86C14000F X-Rspamd-Server: rspam08 X-HE-Tag: 1736362693-631179 X-HE-Meta: U2FsdGVkX18zRBInDxW741wm33e9AKY3rXAJfJ5aS6KfdYDGpQGXwfYFLW3Qk8sYuDSN9bqdGqLWExHID4jKl/xLtdbcwzCWz6fIMb7F1Xe3TRbPjteLKPeAaAuW16ApRVe+U+YIKkeGlzcGnJKmAGJVlDqxdUpP/bolTPZyd6G9Q3LxUMdYEIHuCHRHL5FbBkkvzTgPb1DwzzEXfioIq617NBXq/7yFtwBftPV9Vi/FYnkXETIZCwiS5d4yxnMKrL91RzZ3mlttA9D/+zsdceduspB3qYl5RT+6g+LA5QOJ8XPW8DRbVF+oG5px6XpzCB1SBRyRIYpJtIHHvOhEgaUasR5rRMfjFRODvwkq/zv2M5PTd+2w+5kDSlh0ZudF9FwPz6DfAE9bsMv07JnFJbI4AnMF8GMmJt3y94sRTk1veN0v4QPl4ltFWPkJsJgsNhArpjFJq3rZqN20GKGuD6I/PuXkZ8AxMeq+WdcyCfht+/d6hYtHadf7yBAymleYTrhmzAWZnIj7O4gLJtWD/WUvWZIc6hC33xpZDK6AKoJAG5hj4NA8xoCzL8PdL5JxlxwD5DPbXvYMEK9AaU+B1WJtFCHolewkCJibPQ3tp3zS6PFWL/Pd8mXwzSYh/Er3ztA2e7YnpXIUB0gtrVNuAoBGR1rmorfq+zkK4NR+OAL+QUPBu9+8gY94N6tYDc4tUHE/L66skBpEKbwuB+YSOiPifWzclr5bTJlDFGEy+4o0nzNmg1xnMMp2iVv5Np+9ilYG63VFNZF11Gg16aHJ8V6MLcLNIVuOQnKpgVkbcspLxLNlb/AVkpAjPcZSblZCRXSuAII1KlzWLk9jYxG0IbYel70D5+g70D49MuSEU0060Vkn56vpJ0kTQgRbU5SGH4uVu+vC1iQ8XhouaeagqkfXZmWsCV4439TSpmQDtR25V/rd5F2wV2cYbs56EwDUw4x3NDENS8vLId1kwF1 7YU90/bB tZWvLBNaYro/eaySjuM3D3DKKYHY+sbnwq7FS3unPenTwoYNkT2qkv8Y7LRUq3y34GFkUPk/0ViBO6tK4ekaZPz64P3zgsB+P7B9RJSSHYAfZo+o8WijTRkQ2WL2MDPUILUbf3oXPqmg9d3z1kkuM8bgGPZbfEY3K9F/N1R7KVkPruMF1Xs9pxTfB/pB4pYXVMnDuRTSnR0vvdAoIP1wuIYXrB7+xK7zhKZV6mor2Yeahc+jZaWFXA5WTdrk6TN4QA58eYnxotUh/ZCdXTflZ30N5a1bTW+PwQ4ho8fRFxVm5/hbgO7TBNQuPM1CKSA/DJjxeoDa5CcIcT3PyPb+ZbMzhuQKM1Ubu2KS07gsgNi0OR+xKU8gb33R7jbtw7K+0eyXa/FUSnf4kSjulaMjPuqwiAxNn+loR6/u0garGZQuhIfzpG22Mj5Hc3Yg7frtDCJABGFKBBO5eYS4shSXYv+t0tEUp8a5OsLjKHLYGo6Oapi5x8mgU2/zwtIQuqMmXHLJSD4WGXHRxFrkNVdqJ6fElIvL2Z05tlQ1BH0h6ssMCdXTmXWdVQ/vY9YOzMaWyUNjeumORjRdVJlqLDDtq5JdUPyhFAuY2+sPOXwPljJSXXoU= X-Bogosity: Ham, tests=bogofilter, spamicity=0.042413, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Jan 07, 2025 at 10:48:02AM -0800, Isaac J. Manjarres wrote: > The existing logic uses strnlen_user() to calculate the length of the > memfd name from userspace and then copies the string into a buffer using > copy_from_user(). This is error-prone, as the string length > could have changed between the time when it was calculated and when the > string was copied. The existing logic handles this by ensuring that the > last byte in the buffer is the terminating zero. > > This handling is contrived and can better be handled by using > strncpy_from_user(), which gets the length of the string and copies > it in one shot. Therefore, simplify the logic for copying the memfd > name by using strncpy_from_user(). Thanks this is a good idea! > > No functional change. > > Signed-off-by: Isaac J. Manjarres > --- > mm/memfd.c | 20 ++++++-------------- > 1 file changed, 6 insertions(+), 14 deletions(-) > > diff --git a/mm/memfd.c b/mm/memfd.c > index a9430090bb20..babf6433cf7b 100644 > --- a/mm/memfd.c > +++ b/mm/memfd.c > @@ -394,26 +394,18 @@ static char *memfd_create_name(const char __user *uname) > char *name; > long len; > > - /* length includes terminating zero */ > - len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); > - if (len <= 0) > - return ERR_PTR(-EFAULT); > - if (len > MFD_NAME_MAX_LEN + 1) > - return ERR_PTR(-EINVAL); See below, but I think we should reinstate this. > - > - name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); > + name = kmalloc(MFD_NAME_PREFIX_LEN + MFD_NAME_MAX_LEN + 1, GFP_KERNEL); This seems redundant as: #define MFD_NAME_MAX_LEN (NAME_MAX - MFD_NAME_PREFIX_LEN) So MFD_NAME_PREFIX_LEN + MFD_NAME_MAX_LEN + 1 == MFD_NAME_PREFIX_LEN + NAME_MAX - MFD_NAME_PREFIX_LEN + 1 == NAME_MAX + 1 So this should probably just be NAME_MAX + 1. > if (!name) > return ERR_PTR(-ENOMEM); > > strcpy(name, MFD_NAME_PREFIX); > - if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { > + /* length does not include terminating zero */ Thanks for commenting this! C-style strings are an abomination, so whether or not something includes the terminating nul(l) is always unclear. > + len = strncpy_from_user(name + MFD_NAME_PREFIX_LEN, uname, MFD_NAME_MAX_LEN + 1); This is sort of nitty, and actually optional honestly, but personally I really find it a lot clearer to do: &name[MFD_NAME_PREFIX_LEN] Here, rather than pointer arithmetic, as it then clearly shows the offset. > + if (len < 0) { > error = -EFAULT; I guess for the purposes of this being user-facing we should keep filtering the error but yuck. Not your fault though! > goto err_name; > - } > - > - /* terminating-zero may have changed after strnlen_user() returned */ > - if (name[len + MFD_NAME_PREFIX_LEN - 1]) { > - error = -EFAULT; > + } else if (len > MFD_NAME_MAX_LEN) { > + error = -EINVAL; I don't think this can ever happen? It just truncates, looking at the code for strncpy_from_user(). Since we previously returned an error in this instance we should probably reinstate the removed check for length of input string? I mean I guess equally the user _could_ change it midway through the copy and still get truncated, but as far as I'm concerned that'd be an incident of user insanity which they would naturally have to expect would lead to undesirable results, so that is fine. > goto err_name; > } > > -- > 2.47.1.613.gc27f4b7a9f-goog >