From patchwork Tue Jan 7 18:48:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Isaac Manjarres X-Patchwork-Id: 13929509 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id CB06FE77197 for ; Tue, 7 Jan 2025 18:48:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 47E0F6B0083; Tue, 7 Jan 2025 13:48:17 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 3E1BA6B0089; Tue, 7 Jan 2025 13:48:17 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 20AB46B008A; Tue, 7 Jan 2025 13:48:17 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id F11E56B0083 for ; Tue, 7 Jan 2025 13:48:16 -0500 (EST) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 8439CAFF85 for ; Tue, 7 Jan 2025 18:48:16 +0000 (UTC) X-FDA: 82981540992.19.F58DA9F Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) by imf28.hostedemail.com (Postfix) with ESMTP id B309DC000E for ; Tue, 7 Jan 2025 18:48:14 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=Cse7asJL; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf28.hostedemail.com: domain of 37XZ9Zw4KCBQ2Cuuw6u73uBByC08805y.w86527EH-664Fuw4.8B0@flex--isaacmanjarres.bounces.google.com designates 209.85.214.202 as permitted sender) smtp.mailfrom=37XZ9Zw4KCBQ2Cuuw6u73uBByC08805y.w86527EH-664Fuw4.8B0@flex--isaacmanjarres.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736275694; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=rk8gGRBUBzYGA/wGbzmWKmNsJkZ0zUQC1Vm7cFkzsUg=; b=B1Q7ZIPLuBQ+HZf5JPB/QbcnoiijV96GjiC2k4GPvNUFyFeOfspOLIJJgVN9RPQJBab+tk 26cK2Y4bOPppwHO1uwuHJZ60pV+prWBqFUQ5QWcFKYihFDzn1zEEOYn0aVnsXMu/31HL/E TyjvayRX4vImm1eyk7gCMVx620dKkM4= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736275694; a=rsa-sha256; cv=none; b=tH7LZXlhtVzKWtULY4ZR6J8kk8BO6f17Vh9jDuIhPubiinCIBZbnoD1XnNbmkhHLZfItRc XgBTjg/l2kYIFGdBK6Q9/dfO/JdmR69XdIpyxL7Np/KjFrsMMFEim+iWiXyaMCwU2RT8fj G+veml7Pb/zs5ZdigOY3mhtZ6ficKKI= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=Cse7asJL; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf28.hostedemail.com: domain of 37XZ9Zw4KCBQ2Cuuw6u73uBByC08805y.w86527EH-664Fuw4.8B0@flex--isaacmanjarres.bounces.google.com designates 209.85.214.202 as permitted sender) smtp.mailfrom=37XZ9Zw4KCBQ2Cuuw6u73uBByC08805y.w86527EH-664Fuw4.8B0@flex--isaacmanjarres.bounces.google.com Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-21648ddd461so286592785ad.0 for ; Tue, 07 Jan 2025 10:48:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736275693; x=1736880493; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=rk8gGRBUBzYGA/wGbzmWKmNsJkZ0zUQC1Vm7cFkzsUg=; b=Cse7asJL/JSFDgr+jyukzMFYqFSYUZYzL4vbBSvIH7R63idUllYc7Bb+mZb3FS08h0 ndEdgncz35EjOeMegqrLM5SQSP9wmCNZ75AKOXqbH03qE4DvJvDaB4fkG8SDi+LPQl5M 3QOs5+ggWD5QUYJT5eOABRivePa4AQu0+qdP7TnkcWXBwzWafXTekfGtKy8FMk9fOm/Y 9Nfjs9mo/Ua6jUbiZ5LOzLjgyNNlrgmdH2u2Tl6Zmqv1Iab+3D0qh1WMm56AyMODHDSJ W8lWHxs922+lNTh1B2dwBM1mvtM0n2H4+eHZRjPcwAoR9ZAkD3IuVDbbC6KcWup9VzaK zlCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736275693; x=1736880493; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=rk8gGRBUBzYGA/wGbzmWKmNsJkZ0zUQC1Vm7cFkzsUg=; b=IzfgW6gKl6YmBMbe+ImJIhVD3dMPkG/n3+O7Tm5jAXhu2qNDmMdUcXGRseyzsIWLmt EB7qGfBSjaFTCM5Les00+k8gW+MJArVoet8Hvxo/8Arzn/mfibnlpKIIzHPtz5EnFv3+ UfcYjO41yb6+ACKmtQ0vazGMemTbXm3VFd8l2KyvA1Fq8aNDtHHXGLsrs4NUSp+k5h0+ kOCi83+nX1pV+n0/bmYwIMh4qhMXsI90rrulpXqMWyQJPZdSxFcvOuYY+ApUdsO2a/21 zlVWM3GTLAFIpiln2hIG+CINENeVUPTdHh+JYE6d/2ErgFb49ThO3LgCQhe2UCMK/l+5 aKIQ== X-Forwarded-Encrypted: i=1; AJvYcCWtz2WapXh8M6ZfwnaunDAkt0MLBwmH5sHztj6s8vMe+7Tpc+OqcngNFk1fUgXFHkCcGr7s5AOCXg==@kvack.org X-Gm-Message-State: AOJu0Yz6v/+xLpuUUrat+656tsbBQ2yvxkNnLkObIYEw539+jOiT1Wxp qpTxLZvs0WhTBfqcRnQl7oSEpeo2Y5TXEi/itW74gJ335b3Bu69gj3ue1z2AkpFLBlweI3HKunS O38ElqTKq6veug0eAd1dPlztd5+UIzssdfA== X-Google-Smtp-Source: AGHT+IFdAzLXbO2JkFr6H9h5q7HlYAi/wupYUCRA9P6KEwg4AV1/VAJRWO1ih6khzEfbAr8w3y0I1JH1Peh32phJwTXDJQ== X-Received: from pfxa5.prod.google.com ([2002:a05:6a00:1d05:b0:724:e19a:dfd1]) (user=isaacmanjarres job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a21:8cc4:b0:1e2:5c9:65e0 with SMTP id adf61e73a8af0-1e88d2ec106mr351161637.32.1736275693607; Tue, 07 Jan 2025 10:48:13 -0800 (PST) Date: Tue, 7 Jan 2025 10:48:01 -0800 In-Reply-To: <20250107184804.4074147-1-isaacmanjarres@google.com> Mime-Version: 1.0 References: <20250107184804.4074147-1-isaacmanjarres@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250107184804.4074147-2-isaacmanjarres@google.com> Subject: [PATCH v2 1/2] mm/memfd: Refactor and cleanup the logic in memfd_create() From: "Isaac J. Manjarres" To: lorenzo.stoakes@oracle.com, Andrew Morton Cc: kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, "Isaac J. Manjarres" , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org X-Stat-Signature: om7mpttb6yj76hdncectr5h4dnscpmot X-Rspamd-Queue-Id: B309DC000E X-Rspam-User: X-Rspamd-Server: rspam01 X-HE-Tag: 1736275694-572638 X-HE-Meta: U2FsdGVkX18K4ZKaHbkQZtoUayp6K2UZEUVAMZQSmOL6VZrWzI/uCb2fQm2eRGnA3um0vUU/+lGYPjTZ/iajMCZjU4e0g1IlQ6KCC/dCrJzcNJ7z3/euac4HQB5ojFod5qDxA3Apm4xk1ToJPky4Joxfe2D+dmsErKzIF5ZNAAEAgX7TIWJSTffg3sLuIHjg+60MF+ssYHc0nqNLO8ilStSIIciZ7XpbaLJ93V0gSHqEL0yXE61lmwE/oOsAEqz/3VWcsZekxcoWf0ykAjIhycTa7KkgurqtWlZueRYhP40XGPd3uqJ8HA98BgEzI4wM+cMSFKrC083Bi/n7dm+KSuP5hjPHu3MGX5I0eW3QBuBXc9MQKkunUc9qul3DnKgikNhNGEKiGqdorIxmHqgojUXIDEpit7gjTxEmWr7/YXyAD4wQCRNjzs2pbL5bZZ6DStkUUpbECQXHZJcHz4/szgMbXajy+yoFFG3R6QIfmKn8si69THJ9DIMic0VwO1VlvRkwizl1/a9wEx2y2wphJCxRvTcao+7Mz8einJ8PtAXLB61A5wm9eLsWE0Mvw5RuVREUcyaJKqaPGLBBZPeVo5LGGzc/IMKVJ2o3tHSLmbzbfHxT0dWU9kY61CTITCHl6mlrKsuCkfoFo2rToJgB+c3cXD3qnavq064PeeyiKxSoMP9NfYukpiEYOvtd0/qqQPQ/nk3rsIEpj9lGzKt67XrGGuajsKfMBqrDaXMvM/mb1D5VbBytAxMFBvIxBWfzsL+lEqJqJ+8IXx5vW3z4XI3/1HLSfEMO8dIBFyAIMlmmiYP1S78Hw4INSOiWM+WOMnz2YurIGLi424nvynbsNEkEmttMR7vHXL+zijD3MJuWFIJxvc6wOIqzgMNgvQUld8M1Ac/vKekBGWYkFVD/8oqO+AtyC+0/AmuXo4paJCMYHHhKMJ8F6DLXcWDZ6E6AR5YNy5f/LOHvbQ1hY1X 9kzHkQ+C O+dHoDpr/CLxfCtOQ9Tb39tGbkyoR9hqAWLVEatcXwcAXpb3iHHOMBnkQnf2gmV63HPbeYZe6cPlcnzXQT9k2Cqa2LzdXrNAtBzp0cxOF7xjEfGS0VCtumR+Gh3WNC0yLsNlc0Ysyj99bva++c50itos1JFNKaHC5FHsgMRhb3XXS4+m3DsHoZ/fo0cvHGhMa7HTe+VMDnREZ6JHQTcFJH+1RPPXVkQ0kE26y7hD6GLpZdpnnKNAxRvNVbqisECPilEyEXGEkI3TlJAYogA2VfYdvCAUGdVOvlDLBsMaFjNk+QyMe2laG2amLMWkVLFvN0SErTQXUNGUmwYsmKOG9V1sJnHe3ATtVOmp+0sq1M4NvoWG4p2tJpIB8CacXBMyITBMw6hRgx7l9BN5r3K/U+dEiFHhdNYQi/8O70sYOugBrxP1phrplZLAxJ76cNdFnabCtj7nrZbnj2tNB7yr/9FvZtcQchXM6b4+bZnp6F0N014xUXPY/Rmwcdj6z9Zp5VcRrdSAr5jxulh9jtffPIvjFLkKorkkWtY99D03/LAkyrSD8Y2Besrhz/cIbjjBgGKw6JfOTzR/jaNOSSCNhveC5U+KAttmm5TnYjY/wggVbtIgKzekjM8syouiJCgnpZx8uHtNHCLLoPaSOns1SsvjNsQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.011821, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: memfd_create() is a pretty busy function that could be easier to read if some of the logic was split out into helper functions. Therefore, split the flags check, name creation, and file creation into their own helper functions, and create the file structure before creating the memfd. This allows for simplifying the error handling path in memfd_create(). No functional change. Signed-off-by: Isaac J. Manjarres --- mm/memfd.c | 87 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 56 insertions(+), 31 deletions(-) diff --git a/mm/memfd.c b/mm/memfd.c index 5f5a23c9051d..a9430090bb20 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -369,16 +369,8 @@ int memfd_check_seals_mmap(struct file *file, unsigned long *vm_flags_ptr) return err; } -SYSCALL_DEFINE2(memfd_create, - const char __user *, uname, - unsigned int, flags) +static int memfd_validate_flags(unsigned int flags) { - unsigned int *file_seals; - struct file *file; - int fd, error; - char *name; - long len; - if (!(flags & MFD_HUGETLB)) { if (flags & ~(unsigned int)MFD_ALL_FLAGS) return -EINVAL; @@ -393,20 +385,25 @@ SYSCALL_DEFINE2(memfd_create, if ((flags & MFD_EXEC) && (flags & MFD_NOEXEC_SEAL)) return -EINVAL; - error = check_sysctl_memfd_noexec(&flags); - if (error < 0) - return error; + return check_sysctl_memfd_noexec(&flags); +} + +static char *memfd_create_name(const char __user *uname) +{ + int error; + char *name; + long len; /* length includes terminating zero */ len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); if (len <= 0) - return -EFAULT; + return ERR_PTR(-EFAULT); if (len > MFD_NAME_MAX_LEN + 1) - return -EINVAL; + return ERR_PTR(-EINVAL); name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); if (!name) - return -ENOMEM; + return ERR_PTR(-ENOMEM); strcpy(name, MFD_NAME_PREFIX); if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { @@ -420,11 +417,22 @@ SYSCALL_DEFINE2(memfd_create, goto err_name; } - fd = get_unused_fd_flags((flags & MFD_CLOEXEC) ? O_CLOEXEC : 0); - if (fd < 0) { - error = fd; - goto err_name; - } + return name; + +err_name: + kfree(name); + return ERR_PTR(error); +} + +static struct file *memfd_file_create(const char *name, unsigned int flags) +{ + unsigned int *file_seals; + struct file *file; + int error; + + error = memfd_validate_flags(flags); + if (error < 0) + return ERR_PTR(error); if (flags & MFD_HUGETLB) { file = hugetlb_file_setup(name, 0, VM_NORESERVE, @@ -433,10 +441,8 @@ SYSCALL_DEFINE2(memfd_create, MFD_HUGE_MASK); } else file = shmem_file_setup(name, 0, VM_NORESERVE); - if (IS_ERR(file)) { - error = PTR_ERR(file); - goto err_fd; - } + if (IS_ERR(file)) + return file; file->f_mode |= FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE; file->f_flags |= O_LARGEFILE; @@ -456,13 +462,32 @@ SYSCALL_DEFINE2(memfd_create, *file_seals &= ~F_SEAL_SEAL; } - fd_install(fd, file); - kfree(name); - return fd; + return file; +} -err_fd: - put_unused_fd(fd); -err_name: +SYSCALL_DEFINE2(memfd_create, + const char __user *, uname, + unsigned int, flags) +{ + struct file *file; + int fd; + char *name; + + name = memfd_create_name(uname); + if (IS_ERR(name)) + return PTR_ERR(name); + + file = memfd_file_create(name, flags); + /* name is not needed beyond this point. */ kfree(name); - return error; + if (IS_ERR(file)) + return PTR_ERR(file); + + fd = get_unused_fd_flags((flags & MFD_CLOEXEC) ? O_CLOEXEC : 0); + if (fd >= 0) + fd_install(fd, file); + else + fput(file); + + return fd; } From patchwork Tue Jan 7 18:48:02 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Isaac Manjarres X-Patchwork-Id: 13929510 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7765E77197 for ; Tue, 7 Jan 2025 18:48:21 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4F6C36B00A1; Tue, 7 Jan 2025 13:48:21 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 47B606B00A2; Tue, 7 Jan 2025 13:48:21 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2D0356B00A4; Tue, 7 Jan 2025 13:48:21 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 0965A6B00A1 for ; Tue, 7 Jan 2025 13:48:21 -0500 (EST) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id BBD88A0BE5 for ; Tue, 7 Jan 2025 18:48:20 +0000 (UTC) X-FDA: 82981541160.19.C04A765 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) by imf29.hostedemail.com (Postfix) with ESMTP id E3AB6120014 for ; Tue, 7 Jan 2025 18:48:18 +0000 (UTC) Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=PcDPTjk1; spf=pass (imf29.hostedemail.com: domain of 38XZ9Zw4KCBg6Gyy0AyB7yFF2G4CC492.0CA96BIL-AA8Jy08.CF4@flex--isaacmanjarres.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=38XZ9Zw4KCBg6Gyy0AyB7yFF2G4CC492.0CA96BIL-AA8Jy08.CF4@flex--isaacmanjarres.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736275699; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=50lLEW9SKYc1xkD+PbF+LHJJKluSEdexAUkKUhuIKDk=; b=PLd11RnpYHOSYMcOUKjoFZMqw1HbnVYYDaHfoWuxB6J7lWnB4e5pnJxTYpDPiFGgy67Ur7 N4e63xdTgkLgF1BiUmEbhr/8CqOOD+KAOI/r0Qj2oNlpHGlCFJ6LvKPacbokpXzZjpbJDy vTDG5W9qxQj0Bsb0QTEU214gabJQ8kU= ARC-Authentication-Results: i=1; imf29.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=PcDPTjk1; spf=pass (imf29.hostedemail.com: domain of 38XZ9Zw4KCBg6Gyy0AyB7yFF2G4CC492.0CA96BIL-AA8Jy08.CF4@flex--isaacmanjarres.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=38XZ9Zw4KCBg6Gyy0AyB7yFF2G4CC492.0CA96BIL-AA8Jy08.CF4@flex--isaacmanjarres.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736275699; a=rsa-sha256; cv=none; b=siD4Bm3ynkTU6PAxfzkO2rmMRqzczJQQeLmFpBhjT7W0nt9DjX2tUrozpuP4c0pJpAeXgM snW35alhshFj80MqNCp+Pq7QFaABsgwu6kZv7wGSphjmbOZE5MWwiO1fBQgaH93wF6hqT7 oNNkpbPznRMRMrTT2aOOB9KpBRT5zGE= Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-2ef8c7ef51dso121140a91.1 for ; Tue, 07 Jan 2025 10:48:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736275697; x=1736880497; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=50lLEW9SKYc1xkD+PbF+LHJJKluSEdexAUkKUhuIKDk=; b=PcDPTjk1YNfWhGD67P8j2DfildM0+GQ7ZimAQ23mUk/QH1bsw0mi8KBrDsyySpBGJM Gbt3zNJ7F33ce1cbwX77qWMKPA4UH0TedCkbQKb1IHy9OcncaHhPwpWG+VAembpZcAbF 7x4Jdeo/NXWQmCikKSoITOq+poXECjz9TKbwJokI7VDSl4nCrf9/YruqQm09DEqQCz3o 9+ePUiDQYTFqDAuti1G9gzs6brkLiWLJ8QEkS2S4oJn5jOx+PSOfIwsKeLw2GeUFDFb2 sVIh37pXSNsD9zeVbO0N4DyrFcdJ8/UrGh3sQLkqGX2Fz6+FiyX/0yZv9Pudr79hw3UW 7fjg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736275697; x=1736880497; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=50lLEW9SKYc1xkD+PbF+LHJJKluSEdexAUkKUhuIKDk=; b=UEu+1llaZ47wX9qUHcaChTPn6xej1Q/wECvIlLUB0iFc3ENG8F3AQdIZZetg8tUe8s B17Bn+LBrMGP/5xigBKq8d/ks3wH34+dQ/fwyGlr+LE5Dzl+5DpA7V/vB4YQ3XnsF/MK dtUXxf1GHSw7YwOdsJ9VFvnTi/UguRwj0xCpLABHPOpk10W4JthXDpqFdXtQAmfjZwJm Gye2AAKbCSESnarZfJmQun4GGR3rMEQosROzFFVXK+V8KHojmM5FRdoC8yrjfJ751LKj q6KF7A8Sgv+Ndfdjc7Lf42A36pk4qfRd39K4z8QBp4Gp4O+kD/z/Trwis7zqfiXle5Xc QvpQ== X-Forwarded-Encrypted: i=1; AJvYcCUn+RVdvXLJZ3f94UJK2kFh23nZ2lffcAQXFpz0JK6VJ8/+/HXRXeZ8fEolvtdSnEMQ9EM1izoreQ==@kvack.org X-Gm-Message-State: AOJu0YyGytEdk5UQ9LLmzyONW+iiII4bEY5OXrkvPTsSX2cMUvNax/wH O4LipLDHpKStMoibyC6VkXb4kZS+OXM9+lT2ZAaKrU7EYoH+wgK2mmyqExrAQPUW8CtY0VM4IRK 6w2KnvUih2jql4P9zU9Yg24gSruRsH/n0uQ== X-Google-Smtp-Source: AGHT+IGHSFoGgESZy9nn6zzNByx2COlM3Gms6uDyLSzyV2qnHkKsirasdpXYNca+u/B/CV52aTS2q18lsuiCDMLSkxsbsw== X-Received: from pjbsl16.prod.google.com ([2002:a17:90b:2e10:b0:2ef:82a8:7171]) (user=isaacmanjarres job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:5245:b0:2f2:a90e:74ef with SMTP id 98e67ed59e1d1-2f53cb837b7mr6272082a91.1.1736275697657; Tue, 07 Jan 2025 10:48:17 -0800 (PST) Date: Tue, 7 Jan 2025 10:48:02 -0800 In-Reply-To: <20250107184804.4074147-1-isaacmanjarres@google.com> Mime-Version: 1.0 References: <20250107184804.4074147-1-isaacmanjarres@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250107184804.4074147-3-isaacmanjarres@google.com> Subject: [PATCH v2 2/2] mm/memfd: Use strncpy_from_user() to read memfd name From: "Isaac J. Manjarres" To: lorenzo.stoakes@oracle.com, Andrew Morton Cc: kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, "Isaac J. Manjarres" , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org X-Rspamd-Queue-Id: E3AB6120014 X-Stat-Signature: 8ywuwedh58tijzcxf6zu4scr9ikhdxqq X-Rspam-User: X-Rspamd-Server: rspam11 X-HE-Tag: 1736275698-987968 X-HE-Meta: U2FsdGVkX18VYMMHCbrY+Ed1q6whJZr23j3Z4+SugNAbIDsU/qyi8HWr1B8htAplkfKyE7qfmTZ4l9cuE/byYyeY6qutcJVkRP6pGRHR79ifHhxj65rjnLXqk4+1S+Ep0mn6+up8h4httdPudBkrXstUMqqmORIEkMy36+icBLyj+nleJuf5c4qrT3yhRZEKggxR/5qGPnZMKid+Jpgtxhex0wTF1FrYhZZDhf0W3OlGsLF9VjF8JDM9jHD9tqN8Bb5aAHJT/wYed+6M9dkZEyZym9ii00wgRQEnLdzLHqDPS5oQWLhCzd7w1L5JMm2LvF3vYhYdCEdCZ9asel5v0qHRy2G7CVzG1cJoXFbK+5ZWE/7HGjDZ58p7o/oDrzeZm4GrLXGOQUxMGybMZ/gDkDLVZBuT1VIjz/4k8I0oAAbzkqxddhmxvRhV1GF3GlK32Um7/Y2RCGDvuj26Mhl00kfU5ZBLq4JtZDy1hyrb+wSw19jl2RvbTWe9Xh85dUztCvUQyvhc4ZLUbOOQSwGSPjPMc0jTT//4m9rWsXNJTcLY1chtnrhFs3oL/ALrLBGyr+91u5NvKVNEUHKg2J4uhijcvK2qThCDiMYciNiQ7bz1shB3+QT67cWb0aY/qAhyoxod+BEJfBE4ALeKI6FlwsgoFtjrAursvxMCSueAQ7hVfFR9FoEVd9xVCvEzq6OBeWhYVdmWHq0MmlyO8ginbiD3d9BvfW5DcJ3hC/QI5TpYTsEZ1+fk4euC6KWXIgyBZoHI81o9nXdptk/lwiDZfcoGFHkCUJahqpyDzZJ0PCf/CKYySCEiqm71Rmq4/nAtoDKUCEpt0tt1rGjMIyKYWwXyCXyxWh59Cv7DCPo8jLUxrCfE5KFMYDe5Kix+iQLJlg48E+3nsTNGnLY5OEmU6D+pYWfonqqV/w0OslCxbm7Bky8DEHfbDSzaazplxp7uPJ2cPlLlEh6PfrPkRfj mMfHK9MY isPOb7Qct2cs+NsoYFHK8pzxlPFTPQZKatrfK0tgPpZTAqn0Q3aiYWsVLML43o9nFAtiTEOPiJ+/7ZxqrLC2H4Cp4c799bIcETW6kTiAcS+bKsTdU+4qqWKVETkZ4VEvf2KBaFsYnmBNm/lttr3ZwV4Uak0dctNyKl47KctxUtNxr0pD/rqo/1dzh9mQUtZ8wzU/AtYB7zpgOup5gw+B/S77wb+RbSInKpu9qtBB44Wj+Zh3cMpLRAhJiBkzAxxSGLD1Vz2g5gmJn7h6wcdhosLRPLIGBLHeZ45ijrn5l6q7Ck/TW3epZD5HsnYpcI3O2WWU2tfmpHNdZ+uY2VyINPV0LL9QuLFGR6uBE9qzVY38mOh4/1HKdJ5uPFWzF7PSTIKFe5Q24D5bzMEzO4LUX31dWeiN2DAAw3/abZx7Q6swO4ES40cjGYb0D8RnbY7pyTT00/tRQ9QhBMwJc5+awC5jODaG+kgEWJDyAMGL7BbOr3UdfaNwEfUaB8FhPPeN/W4ners0epW29vZYlaFBvTs+63rBbxa3TBtDKlGjhzaFSIY5m6U40Q73CP3VOG2B6Z0sP9gEs+1PhiAhFTDcViQLkkyVzbWAuHdIPcBRnyupoOWBzGIZhHzAJ10395tvPJmbW+gaa1RMDR87cmtYRnTR8rKvtJWyMdBq+qUaZ0XZBE+1FIGE6YwkokQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.063852, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The existing logic uses strnlen_user() to calculate the length of the memfd name from userspace and then copies the string into a buffer using copy_from_user(). This is error-prone, as the string length could have changed between the time when it was calculated and when the string was copied. The existing logic handles this by ensuring that the last byte in the buffer is the terminating zero. This handling is contrived and can better be handled by using strncpy_from_user(), which gets the length of the string and copies it in one shot. Therefore, simplify the logic for copying the memfd name by using strncpy_from_user(). No functional change. Signed-off-by: Isaac J. Manjarres Reviewed-by: Alice Ryhl --- mm/memfd.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/mm/memfd.c b/mm/memfd.c index a9430090bb20..babf6433cf7b 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -394,26 +394,18 @@ static char *memfd_create_name(const char __user *uname) char *name; long len; - /* length includes terminating zero */ - len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); - if (len <= 0) - return ERR_PTR(-EFAULT); - if (len > MFD_NAME_MAX_LEN + 1) - return ERR_PTR(-EINVAL); - - name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); + name = kmalloc(MFD_NAME_PREFIX_LEN + MFD_NAME_MAX_LEN + 1, GFP_KERNEL); if (!name) return ERR_PTR(-ENOMEM); strcpy(name, MFD_NAME_PREFIX); - if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { + /* length does not include terminating zero */ + len = strncpy_from_user(name + MFD_NAME_PREFIX_LEN, uname, MFD_NAME_MAX_LEN + 1); + if (len < 0) { error = -EFAULT; goto err_name; - } - - /* terminating-zero may have changed after strnlen_user() returned */ - if (name[len + MFD_NAME_PREFIX_LEN - 1]) { - error = -EFAULT; + } else if (len > MFD_NAME_MAX_LEN) { + error = -EINVAL; goto err_name; }