From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B779EE77188 for ; Wed, 8 Jan 2025 13:43:28 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4C7406B0089; Wed, 8 Jan 2025 08:43:28 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 477946B008C; Wed, 8 Jan 2025 08:43:28 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 33F3D6B0093; Wed, 8 Jan 2025 08:43:28 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 173E66B0089 for ; Wed, 8 Jan 2025 08:43:28 -0500 (EST) Received: from smtpin25.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id B2C571208D9 for ; Wed, 8 Jan 2025 13:43:27 +0000 (UTC) X-FDA: 82984401654.25.7EF13A6 Received: from mail-wm1-f54.google.com (mail-wm1-f54.google.com [209.85.128.54]) by imf08.hostedemail.com (Postfix) with ESMTP id A9AED160016 for ; Wed, 8 Jan 2025 13:43:25 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=jrcFPqfW; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf08.hostedemail.com: domain of aliceryhl@google.com designates 209.85.128.54 as permitted sender) smtp.mailfrom=aliceryhl@google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736343805; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=tznlIY/v/B3KThqHdNNHUqCVB6IaAAPORUKIrN8htHI=; b=j4Je1ekGru+rIZuVYiCNiEYbDwp9/ihyeW4FYTHf5SS5zNdHs0OhNeGZe0YviVDEG98lCe 6uVqvuWcw9Ljvhr10T3j67pNNo6mtJHnYWcuIShvWUUxX/ITbU1iC91VmAqIsuCEgkbPS4 CS1DOAwB1FbizkMl3A8oLPRUGSdv8B8= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736343805; a=rsa-sha256; cv=none; b=3Q7ph/0PqKToV6A4veMYLMhM260htM46t7v50Ka5ZDa1z1u4QhcAG1O2dVuo+A1Aw0PvY4 HUD9RK8PeplhnjlIrnr4yMtyJXlPYw08HHvCRmytnSjrIG+46UNhi51eX0+/qzUsNDrKlM MWDdD5H4XZZM6oOZICe9anxXPbVFNL4= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=jrcFPqfW; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf08.hostedemail.com: domain of aliceryhl@google.com designates 209.85.128.54 as permitted sender) smtp.mailfrom=aliceryhl@google.com Received: by mail-wm1-f54.google.com with SMTP id 5b1f17b1804b1-436345cc17bso121620905e9.0 for ; Wed, 08 Jan 2025 05:43:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736343804; x=1736948604; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=tznlIY/v/B3KThqHdNNHUqCVB6IaAAPORUKIrN8htHI=; b=jrcFPqfWBqchTkqPESCA46TozfsHxv8UJ7aqkZjXTRevu8snfy1OjqhuA1SmkTr2Ju gcL3WSKroTOOZb0bPsLHTEIMgCJK4klxs80r2vk99FQh/oPOGfz0jgrGZlxFRHoJXZoI 7ixAtuyXMMZyun8exczLAnmsqW8wkEdsuESps//awn+vvJNKqs/xb2TUcEtgaPfaQcp5 RBxqslhVnnHesSSYG3IAD+65pAH19u8MbypNLDHQKxngkFXMmcr9275OdHpTIF/4t9gv m3+Z9XAQWOyF8Ft8/K+PeW+vppgZ4iqMuyHjIpcWCxCn9Kvc6Bvjkhy+Og5j/VU5UwG0 CWIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736343804; x=1736948604; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tznlIY/v/B3KThqHdNNHUqCVB6IaAAPORUKIrN8htHI=; b=NX58+Rwk3+vsErYytgUb4BGqZp82kEKhlhAF5tlgBeAdQWQsbMdrmfZ7RW/uuRCfIE skySO9OLbSFYkHCt5JU8zRd+1MBPZrJmhZIihZim4INRkdENxajn3aGvPu/Ti/h2WfV6 8D0FfwRoeOup93diXYOYKZISzGMpbhQ6qP/G0QHGJtWuW9LiuaztzX0TbBJ1+C9d/Sjj RUQvl8fTJGp945pWsYgpjzBd/WCQ0mzwLlNaaNIZRZI+RYvvMNDIhtpPcb2sdBMulEQW B7YWlLz2d62vPiZXwtSevn4O+iUM7OC3EgysazTXcOAkCGLqpBi8tVj4skuRGSQcOZd2 CteA== X-Forwarded-Encrypted: i=1; AJvYcCWKmWppDGrY2wuK7Mm4OHeTkCjBnHfTXKh+0V78FTEoiDnOxD2GeAgLcK7b7253YeABkXmU1tRm7g==@kvack.org X-Gm-Message-State: AOJu0YwewTi1JlhAs2g/yx/mv39SVlEKxe1CHlF+YZ8Kou3Z552h+FTK 61Njk/cY5KFFAwQzCmFfZP0kkqACo5Vcq6f+tWZSElLjU09E4VgedFv39PbTEauWLai9Hu0GvtL +rOB9M36IQ9lF9deeMuv0s6GwOHotksgNiht9 X-Gm-Gg: ASbGncvos4jSmvLZlvv0y7KwF0nmhcov9zQDz3J2pWTbQmqu0WLALSb7eprKXz/+xu3 9DjznxTCmsW0TidAgJYp51O4nVLc9PVvyCVMy2ScVmEUNOpe3bXdPKqntUmOE1mKv8ipY X-Google-Smtp-Source: AGHT+IGAsjbWnFNMQPdPSCsi6oL/yyMWiMCKFSAuIc0ub8BYYWjEbfX/As20LsQnPzV2X96hki3nIlev9cf2DYZTom0= X-Received: by 2002:a05:6000:4712:b0:385:dd10:215d with SMTP id ffacd0b85a97d-38a8733a2e6mr2267560f8f.44.1736343804146; Wed, 08 Jan 2025 05:43:24 -0800 (PST) MIME-Version: 1.0 References: <20250107184804.4074147-1-isaacmanjarres@google.com> <20250107184804.4074147-3-isaacmanjarres@google.com> In-Reply-To: <20250107184804.4074147-3-isaacmanjarres@google.com> From: Alice Ryhl Date: Wed, 8 Jan 2025 14:43:12 +0100 X-Gm-Features: AbW1kvYAqbPqSmh9l_t727siL9e4gc7p1_ZPM04lh4AaFlTT4vStNrVtq2xBPd4 Message-ID: Subject: Re: [PATCH v2 2/2] mm/memfd: Use strncpy_from_user() to read memfd name To: "Isaac J. Manjarres" Cc: lorenzo.stoakes@oracle.com, Andrew Morton , kaleshsingh@google.com, jstultz@google.com, surenb@google.com, kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Stat-Signature: yrbu4dqcf538szjjpmo8ixytypu1y6d3 X-Rspamd-Queue-Id: A9AED160016 X-Rspam-User: X-Rspamd-Server: rspam01 X-HE-Tag: 1736343805-120144 X-HE-Meta: U2FsdGVkX1+YzbN2N0rm3yrHCc5WYc/aH0oGCAesgtXFvz8oO9S3alKwIO5ePikoZizttQ78j34fUjHVVTvFXx0vsYAbk4iyNuvX3JD9e4oJO5LNy5v6l4bqz9vpJrVK+fLn1TQLY2v64hPYuhtKE8Hq6dvgwpOjXpLIidak+/hTSXVxmli7+ntYNB7YOJDgWlvepdaN3wIGHtkKIdDdfHPivSs1NsMJRczyDxmk+fEn4pf1MhV4fuY29inN8J4UpKbVwhUlGGp3IbSOBhsNWwqOREkFIecVhRvpofxzAJVfJGbXOgZ0I08g91F6ftQprEu1wfFfXiB8eUCGF/dcidjdsrTMnSgXgouGx2mTsk2xSHG/uq97aUZtPtqKQEStHkb2RPJ60Ha68o/A6qo49N5mqoWx2FH9//nQGRH9zH7hLhFZ/5dAJCByTWLxrD3eepxLV6r2nd4Lq9WgVvDogi7p0r/l0S4MhtRfpsX2gYLZl4uiBM75nLHVmQ2ZUtSLW/BuCIDCYwshASyzju16pDVW2aSacrniapmJ5hmoRQqWpokDunobESiWqt244oSXfqkfxcxkCD8qRMYUg+zQ8n4ZV3/IpSWMLm7+fOzshGqvy2LbzrRc3sQGRNVajFkSSF8ldbajRPoI+UwiBCm12+ctcgdIYh2RI/BEzF5TxV1xVFQVAvEWKftkqX1phat08qsRZjakwk7QSRD1CH7DL6ZLZvwMXtRkr2MBK0acuY/Nv+WsU7yYJpvEmQ+Nqnhsudk8CaOjYdRNxIDOIJ2pyDgJRK4+PVq9PGBIDXo0fPwhwQqnkDuePDN2xUkrxIvtuPgMdTIvg9GKYLHuiRYL+n2ivXwDXKygBNFbOOYASwz8OHfb2RYJMyX6v8AQzFb24TJZ9u3iR5Cpo1QLkUA5+jkU3iFUubqPV7/cdJwf2g8nTbtJeGkzaFWoUN+JyaqEcgQX5fNsY9vEEd/pjLR ckgAZ0Jr +XDveUVheUfNPx2kkYkDiEyxZNoQAZGa5CUGnaToGo7jdH+JAFHSkT/fhfZ+uEpPJyBeJ6my8E3ODFXysjo2Kf6WVkE/Ld2P4P1SfFHbCrqazPaLGzLLbWw0SaBwTy6bF6G9uWnEmGkFCx9pV7lacz/7NZsWMBbFzEjcaPn5YkBRC06LyEcSl9ZNPYZPFewpb8aLWmnccthF5WhZyW8vq3gTPXp74v1OIOwnkw7Hbcp1qoC8UYVfuPXVwLaycZvEQ4ivCqwa9JoRF02/H6ndd+uMEUgB1jM33CwenJ+mMz58/CoY= X-Bogosity: Unsure, tests=bogofilter, spamicity=0.454592, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Jan 7, 2025 at 7:48=E2=80=AFPM Isaac J. Manjarres wrote: > > The existing logic uses strnlen_user() to calculate the length of the > memfd name from userspace and then copies the string into a buffer using > copy_from_user(). This is error-prone, as the string length > could have changed between the time when it was calculated and when the > string was copied. The existing logic handles this by ensuring that the > last byte in the buffer is the terminating zero. > > This handling is contrived and can better be handled by using > strncpy_from_user(), which gets the length of the string and copies > it in one shot. Therefore, simplify the logic for copying the memfd > name by using strncpy_from_user(). > > No functional change. > > Signed-off-by: Isaac J. Manjarres Looks okay to me. One nit below, but: Reviewed-by: Alice Ryhl > + /* length does not include terminating zero */ > + len =3D strncpy_from_user(name + MFD_NAME_PREFIX_LEN, uname, MFD_= NAME_MAX_LEN + 1); Can we have this comment say "returned length" instead of just "length"? Or just remove the comment. Initially I thought you were talking about the last argument, and I was confused as that does include the nul-terminator. Alice