From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 441CDE77188 for ; Wed, 8 Jan 2025 18:43:21 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B6FCD6B0085; Wed, 8 Jan 2025 13:43:20 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id B20026B0088; Wed, 8 Jan 2025 13:43:20 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9E8436B0089; Wed, 8 Jan 2025 13:43:20 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 7EBA36B0085 for ; Wed, 8 Jan 2025 13:43:20 -0500 (EST) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 28AE544C8E for ; Wed, 8 Jan 2025 18:43:20 +0000 (UTC) X-FDA: 82985157360.29.A1BF1CE Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by imf28.hostedemail.com (Postfix) with ESMTP id 2A1B4C0010 for ; Wed, 8 Jan 2025 18:43:17 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=DB5P9kT1; spf=pass (imf28.hostedemail.com: domain of isaacmanjarres@google.com designates 209.85.214.171 as permitted sender) smtp.mailfrom=isaacmanjarres@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736361798; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=kXyCyPBOES+MEmnZ1MIuXOR61pDXzNXOigqF+2AH1Jw=; b=X+V3myVgEVppaC3TfVDxcmFEUyE99CUq54ynPTsekNkBcHh3y7vZYxAUy3W5UkEB3qfP8h 55A1xoTSC4k3aWJnmhoBTZfa0usC6zkq71vIP8K0TuL1E1u7sjsic1Mh6kTDeR9yldc1Wb /QMohKlRDovHOmjX2gFLdQ5z8oeYhmo= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736361798; a=rsa-sha256; cv=none; b=MDOb+ctejRZf2jkZSmuR2bcpQVfEBh+oVCiCEOf9A9FdtuEcqGsy72Z+2biEWPK/AamBkL 4VD+wf2b3BWX/KWPohUxrqKzuHLm9IyF3DFaqpo5wEASg8K7ahX73Ea29ZEkPDOVTnZxOw nMoV240gjZjz660eM7m67sK98bpnix4= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=DB5P9kT1; spf=pass (imf28.hostedemail.com: domain of isaacmanjarres@google.com designates 209.85.214.171 as permitted sender) smtp.mailfrom=isaacmanjarres@google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-21625b4f978so9965ad.0 for ; Wed, 08 Jan 2025 10:43:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736361797; x=1736966597; darn=kvack.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=kXyCyPBOES+MEmnZ1MIuXOR61pDXzNXOigqF+2AH1Jw=; b=DB5P9kT1Poe+Y8lFoUVTzn4RUWfQSXL2cdgHtxlYmGmfPHDCw8mXfMe3/DNhbkzKKu 2cE/NBpTbWKBhJaUgyRhqolfaZxwc9pfUirzAm6WQcZi2pZUFDOkTNEaDZOrZB/byj5C MGrV3E06MNypKZqrnoCdiz6hWZESz7yzFjqd8Zl3lWoH+B5fJSnjR1fousnXdzzPGBxX EGAugfkydWIRDRGaAsWxb7cnInrC3F3VnYQaoaaQPv8oVAuMUPiuTzg3aMfthnvdvgEI 9QqaHs+kdwnC2VpkpdXRioRagimxGEVFXSMMgZO3LDu99xwFaP6PYUVPA2p3sPGxpVZq 0j1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736361797; x=1736966597; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=kXyCyPBOES+MEmnZ1MIuXOR61pDXzNXOigqF+2AH1Jw=; b=Upsbnjb4mI/7hV8FsLRk09pA4WTDPw64ChVUL8rNIr0s2Au8GgIQ0LA5YbV/tskR0t +o15EkBfjtAbbcmYTRDJmFgI0u6BWrASqALZdPBYINcHOg5xq7aDgPY2stIwHABXSh5M jiBO47nuHVLlvBQnY2pAluIuuXFlcKAM2rfy/lXq26DqDGM+UlI5pCEzCf4SdHwy0Cus afYHJgzjKVJago0dxoaJFkIne1dnDZQiRV+v8/cOLR0B6KjQpdlGCxbGIok2PI4TOEMR z8452Jqle9BExbnw9lnO3WBgxv+TxRU3Thyyj5liOfmrp+G8tYnng7QlEwiccfh2lEUv hA1g== X-Forwarded-Encrypted: i=1; AJvYcCXCxD54t1Hwzax642G5mVGENVM4BiWbsrcJ+nH9ce1vhpRjPypV6fNOo4/KzfJIwf0YGn+SFrkhTw==@kvack.org X-Gm-Message-State: AOJu0YwilXgSu7BopXjpM1moMjNPT6HbCg2v92UV6MsWMVEHxH6AxXlV EyUltZAg+naMF6mJY7qhw03MLBoN+uxZWroqtDLiRKiTnL55oIcmveRgTDciLw== X-Gm-Gg: ASbGncvTZTKcsgtTmrRKKqvZyArUpiFp/mc7ivF48g8EG7XLPZBXwZJjBa3297epWIX qCuyTp/o8wIAs1MAoOEiJPgr6pdSGsh9nyQkXf3RrpWHPxWXHmNcGI8IFY1VijrmOMcxIlD7rog 4Co5KVuRcmc3bkH0g4LB7n/1uT+amzpyF3Bd7bQo2BbR6lUcXrgwuSAB/a2W33EWBvvhLNG0/Jj 57ShN4i8xW4cP/hSXRwHASKWBxPWJQIY/oWmmpOMqfBHfR18ZlJ0JWQ1g== X-Google-Smtp-Source: AGHT+IEzodxXuJv8Ky7a9cVJO1HV7Z61fTYQPMZodCgj22Ovyfsljxhw+73JLpdWNJ1yEqEhRiwjMg== X-Received: by 2002:a17:903:2487:b0:215:8723:42d1 with SMTP id d9443c01a7336-21a8ed27aaamr18255ad.10.1736361796721; Wed, 08 Jan 2025 10:43:16 -0800 (PST) Received: from google.com ([2620:15c:2d:3:e514:4b22:2740:5ec1]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72aad815842sm35624060b3a.7.2025.01.08.10.43.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 08 Jan 2025 10:43:16 -0800 (PST) Date: Wed, 8 Jan 2025 10:43:12 -0800 From: Isaac Manjarres To: Alice Ryhl Cc: lorenzo.stoakes@oracle.com, Andrew Morton , kaleshsingh@google.com, jstultz@google.com, surenb@google.com, kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2 2/2] mm/memfd: Use strncpy_from_user() to read memfd name Message-ID: References: <20250107184804.4074147-1-isaacmanjarres@google.com> <20250107184804.4074147-3-isaacmanjarres@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: 2A1B4C0010 X-Stat-Signature: twspcjzibuhathrkfuitb7piowdjap8o X-Rspam-User: X-HE-Tag: 1736361797-956684 X-HE-Meta: U2FsdGVkX1+XhJKNj6YWWDCOxq/wtdhPlcdy2/RaDhTXza6wndN5nIQsYdrTIQF8THr2R8CWafjl9Tms77EXb8uU7bfTqt4bi7NkJbyjAgEWWPEUQgTlToGGLTa38hUAeNrxDW9SPp7t3SDUClHxylXPLp507ElLDZ+KN5cScGVYfbdujz3YKWb0Nu8X1Jot2QQHmxyXITsBs7Fy1tHU8HN7Z96YnR5lCTu2LRiCyTb3RIMbZEfjeB9BFViLXn6lypm4qaAL+2i8Z4f3psg6A7tgIwrc+IKcFbsCWFZisZJRPs96YqlX1pFkaIvfNsnY0iOGg3nChrHz2LDGyD4iicfFU2o5khRWsOqPY0B4Hh+V8Yrl+Dtj8HG2Fn48gsSlKOsD2Xgmglm93tr4cLlmIRrzryvrMy9FSladPU6TLBb+aJ5ShFnRT3p9JrsZB+mvFXtkBN9hwLTBG+9lydlaowZMbTRofFpxV563Jash24sfgZz1pAigYbgXXqFr6X9bp4Bia4E5Kd7F6cX3oOOMav1LQYDnPMYjdAOsKkUODjcnBDxba8RMzK6H/F8tK3r7mDr/O0cbRZpa0uT7EZM+p4sjh2e1IJbI8afqBDhj8/nytzIBjGJwQLxtAJVqP8sUHM33qaplMQ28NCCExO09nZpSzkiG4H8KCdyp7v7YaVUxleQCpaqFtlEEbC2e0kGypX6O/QqvC3VvetZaxWHWN7bQlimOEBDOprmU1+unAOcoQ7jZ84uAKXLHcYRkYQtgSpR8Y/GLHQ1IyZjkzRLA21xNL5jlwmO7TNWrBle3dsFl/tyw0IW4+ELrTo1vB/QkgDzlM95eS8vQe1L3Uol4mMdJCSQx9xv9l0KEiL83af3DeMmg+YU7/MSQHaWmN3kgixgEcPgZClYmdyx0Whmvup+WsU46d1WXrca60LAnHZSfX402gTn/hoFHnojQGx+QJO7fjqFepfPfEAU4Pdk yIo6/PwC UW4eY+4DhDpEKDf+8cbvO5rmQsUIK2cXJrNKwKtsoxt2gA3GdcpfaPjrRCdbzE/7multD0O/i8pE+gtQm6VL+1pQ9bw6dpJ/rqq8RrsqGhZGXbqLoAi8Ym1m1du6XOR75y9CKzF7zUyQbZt5Vq9d3bKxV1yQyowaQEXR4jEyP0NrFlYlOP9cidNLa0vy9+1LCDyjFtZud4mub5pCaoQBXvLL3VRCnLwvVq9NSGVqaE/4mIoVyG8VLdwweOeCONUzw0/YV3c/VNiefzhGjFIK0Mx3TajtSrD0byYf5UYZUgJdCHozUu5yDHtvDOYPS5EyIr1AqMhyzWb/ChAMlHu/454/aHKvOxe25XUVLP/78odz//6IChtldGchvdDQZtad+PfoudZJvuurSG8raUFruFhJVhjFDkzq+Szu80Ve5EKfhdhuSpmReOW8Skldy02UB6jAPB3WCu5OcxWTyeeOlcrUNSQ== X-Bogosity: Unsure, tests=bogofilter, spamicity=0.476073, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Jan 08, 2025 at 02:43:12PM +0100, Alice Ryhl wrote: > On Tue, Jan 7, 2025 at 7:48 PM Isaac J. Manjarres > wrote: > > > > The existing logic uses strnlen_user() to calculate the length of the > > memfd name from userspace and then copies the string into a buffer using > > copy_from_user(). This is error-prone, as the string length > > could have changed between the time when it was calculated and when the > > string was copied. The existing logic handles this by ensuring that the > > last byte in the buffer is the terminating zero. > > > > This handling is contrived and can better be handled by using > > strncpy_from_user(), which gets the length of the string and copies > > it in one shot. Therefore, simplify the logic for copying the memfd > > name by using strncpy_from_user(). > > > > No functional change. > > > > Signed-off-by: Isaac J. Manjarres > > Looks okay to me. One nit below, but: > > Reviewed-by: Alice Ryhl > > > + /* length does not include terminating zero */ > > + len = strncpy_from_user(name + MFD_NAME_PREFIX_LEN, uname, MFD_NAME_MAX_LEN + 1); > > Can we have this comment say "returned length" instead of just > "length"? Or just remove the comment. Initially I thought you were > talking about the last argument, and I was confused as that does > include the nul-terminator. > > Alice Yes, I will update it to say returned length and add your "Reviewed-by" tag. Thanks for this! --Isaac