From patchwork Fri Jan 10 16:58:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Isaac J. Manjarres" X-Patchwork-Id: 13935156 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA665E77188 for ; Fri, 10 Jan 2025 16:59:15 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 717958D0007; Fri, 10 Jan 2025 11:59:15 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 6C8C38D0003; Fri, 10 Jan 2025 11:59:15 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 592058D0007; Fri, 10 Jan 2025 11:59:15 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 3053D8D0003 for ; Fri, 10 Jan 2025 11:59:15 -0500 (EST) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id D7B6644E81 for ; Fri, 10 Jan 2025 16:59:14 +0000 (UTC) X-FDA: 82992152628.26.8F4A57A Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) by imf08.hostedemail.com (Postfix) with ESMTP id 1AF5F160019 for ; Fri, 10 Jan 2025 16:59:12 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=YqTzvsQL; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf08.hostedemail.com: domain of 331GBZw4KCMoy8qqs2q3zq77u8w44w1u.s421y3AD-220Bqs0.47w@flex--isaacmanjarres.bounces.google.com designates 209.85.216.74 as permitted sender) smtp.mailfrom=331GBZw4KCMoy8qqs2q3zq77u8w44w1u.s421y3AD-220Bqs0.47w@flex--isaacmanjarres.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736528353; a=rsa-sha256; cv=none; b=6X4EfYlrYytE7HpPeFEv/TMT4yrrp8xW4FNj2TDepAHnBIPcK3VfDVj3yuC9Io9idLZyOK SZih8mGXqAlmCooZWpMBTXLYfHHFky9v543t2sQFTHGysWHZp/qPI/kd4ND9TJ73Z19qeS q+CUNpPmTDcOxnyTNJRSc5kCdH+ALiw= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=YqTzvsQL; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf08.hostedemail.com: domain of 331GBZw4KCMoy8qqs2q3zq77u8w44w1u.s421y3AD-220Bqs0.47w@flex--isaacmanjarres.bounces.google.com designates 209.85.216.74 as permitted sender) smtp.mailfrom=331GBZw4KCMoy8qqs2q3zq77u8w44w1u.s421y3AD-220Bqs0.47w@flex--isaacmanjarres.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736528353; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=zKt1DPL8dLAaFtUnRUzSqTKiJk4PTPPAGd+NFYdeSwg=; b=2QKBWwwGKDKnSr0mGao9yzfKH+yt3uxVDsD85C0PjsTBjbAEJrRCsKctZGqWm9Jla2qa2Z u6a5seSgY17CQb1mdP+mzICsZUQTEZ49+wzr6kgxvHo628PV9m3Ut+NmsXbVCgwRII0i4T Gj81SabfOeaU/Os6aRlfpaa19rzBL5g= Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-2ef9204f898so4091483a91.2 for ; Fri, 10 Jan 2025 08:59:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736528352; x=1737133152; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=zKt1DPL8dLAaFtUnRUzSqTKiJk4PTPPAGd+NFYdeSwg=; b=YqTzvsQLFe/hjC95OLAo8sBa2wWQ5e4Kqhsn7lVxVYSoRs1NGCE0xcx7fw6fVNmsHI kdSO+JbNX2UpZRUI7ICvdlhXFBJ/XWq56GZJZJIZ7uSTyBGQufXoTTgnxYuyajKDB4TO S/nAY9PxGsMwyZxl/uX+KcDanE06u/WBb21ZVhM1384qOvk4yHr9nXWqoP1YE0Gaq/IK SdanKhzHGDUbyAbmMpJNqxgG4te3Q32ez54J6qfAzEN0spjdD/NYkzhDzYj71PsN4qNH BiilJHOjcgZe6uiIbixKIC7dLvR+PJeLVpTgrP2XZ7jvW0mVUbUVOr+IgMZ5rWJxB+y1 NS1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736528352; x=1737133152; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=zKt1DPL8dLAaFtUnRUzSqTKiJk4PTPPAGd+NFYdeSwg=; b=Xo1eSUIC8W1impALjAKdt2uEVAgJGKfBF4L+YOAphomzOs9fTEZ9BYyiBvcLe+kj7K //AchW3Yavww20r4K4SAx0FXrSgFOXtj6FC2gF5SRu6YlwGj3DPXKyO/NbARCsLjosyz m/RlbC6t5o1dsU/3LvYntgXJIfOEDdnkCuorsRevNlD506zhrek/6dar4FsyHzBNPPw9 xyd3X354MqVdK2NWcKgGJDkevVCdfVlPWzkX0uAdNY8YKju7TLzoOSg7K9LtgzgHNENu TEWG7N116f0cYA3m/k3bDxhMwQQr0YmN4iu1e31hHsveRYw/wtFe0OrF/wZmKJlMJFG4 IDXg== X-Forwarded-Encrypted: i=1; AJvYcCXf/JyI5mXbldnwxgMyF5IhuE0d+jcnngLu4RTsEVJJjdaoXMgCKn5bCeQtvWBhsNKpRjOegNF5MA==@kvack.org X-Gm-Message-State: AOJu0Yy2DCRJYfNVhEWCJrz3wt8RMYWzYM09vnSploNgRjXGF7Z7YtRg oEjYypKJA8A1EcsZxf1EqloRJt7gV99lp4FynJuTRihGPOllPRcDC62w0EofdzM9sGamOL8tdxm P+QU0kzCKIVXS6A8v+gdvoEYhmx13lhQrwg== X-Google-Smtp-Source: AGHT+IH4zNEHH+SxAVpiiIGRgV/DdPoVtFRvZbNB2Vrw97PKwLA6EhCRn54go/tXkZHsIwhEFHnKyvwRUhcE1SM0KdlLzw== X-Received: from pjbqi14.prod.google.com ([2002:a17:90b:274e:b0:2ef:d283:5089]) (user=isaacmanjarres job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:33d2:b0:2f1:4715:5987 with SMTP id 98e67ed59e1d1-2f548f32f7fmr17624178a91.9.1736528351924; Fri, 10 Jan 2025 08:59:11 -0800 (PST) Date: Fri, 10 Jan 2025 08:58:59 -0800 In-Reply-To: <20250110165904.3437374-1-isaacmanjarres@google.com> Mime-Version: 1.0 References: <20250110165904.3437374-1-isaacmanjarres@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250110165904.3437374-2-isaacmanjarres@google.com> Subject: [PATCH v4 1/2] mm/memfd: Refactor and cleanup the logic in memfd_create() From: "Isaac J. Manjarres" To: lorenzo.stoakes@oracle.com, Andrew Morton Cc: kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, "Isaac J. Manjarres" , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 1AF5F160019 X-Stat-Signature: awq8pkxdkoku35i1wasn9prazpw4mt41 X-Rspam-User: X-HE-Tag: 1736528352-129555 X-HE-Meta: U2FsdGVkX187oMcwa3ot5PMiBE4LhMiFJEZzj0jR9c9wD33852L8cC4Ucr+pmHweWBsSWHTUG3sEYZG9GrlE0aEx3YZZf2P/VlnIXWC33JRsZwc2UzJ0DQSHPNFS5xZa9RA/QrYb1LJoB3eIrCGACwaJCWBrt+W4Sn0+PLCx/5JnRIMMegocfvc1H8XQFQQeY5aMTIDIEEhiyBKd2Icu7QCduvm8K7MKUINvQWU7iJZH7wVjumHibriZZ/uyqpw9GeZr3GMQsXlovZYYKO+Is+gInvfi6N81FB9+JpEDJYPMrUV3x5stDCQRzm2zgpZUEIrw/Lb6hJ1LBtLVav+ul8RQvjyoG3BJqshiCnZeHqDPyog95e2Nhi7s+7ud1YgL8A9hXL/dssj35j3w9ZstMhHM1h2qvZb0PX+AVGfFcnZ32D8ChM0Rwqn3FxSmNos0sRaeIyz+m9Fa9P/GMEXY5HG0Nduma+LcZexdLuVOQL6FnNBKoH9R46oI7WVz/sbTX+jVYWvAeiveD4mO52ThO0/6FGSS5ABgItJa2C8bf99CKxL/q+Qc+SgVKAKifN6SHb8QEH7q03ytB4zqBon7k/VlZxcbSDTP7gSrkAmBkNAIJjCPC7GbtCumDcsb6mfFyOvIIJ5s+O3t+4IzGvrz5ftn59Dm/RddyAYLlDz6A3DPA03uzYorryoWO581bEA1ndaMDIboJsjdzr0ViSZCQefHVtEC1xkFe+N3xNuboQg3CI+vPEopCaqGNeN71tQpBX6qOCeHOha+hidf7zABkDnwz6YZKge7YvBGZfUVL/8A7VGJEV4nvk1GLWuWV1W1bqnIHgILTd8nyuRP6YbOBxnmC5ypfI09CUfbaAfcyAfcwEwUvFqhFvnOFQVWvcKJz3RC1xCs/1L6rgjsG5hksQDRcg/QXE16JTEbv0BmJYc8ufitgteKRCFRBst43KQ2E9DVxYoiaWKbYqivgM1 Uj3Hd/mv tZHcCKZdOr5zX7UsMQBN4lppUc3QVkjxLdgHe5sU7/e5ECaWXMECVIhpGMY49/CINzKv3y1slIEDYLmpzhQk+66MnTva0nrlD42/JlpWYy90WRjMEypbINnchPjKJyw889yAMZ4LhdrGD+lZeypHBvoFtL8O6QH05tA7CTvT+XJJn6CWZRNraPyd3EmCXU9f9ctGbFnaOCrg0lVjX1ey+kF/PF07NpdTd81R9gyH8SinXmQlv44vleiaPJ04HgewpUuEkYUp5cDI11aOiHRlAsztdy8TFwzZVw1cwHjOaZmfLSt1RgLApz9+99LU3mcQahChboPINzp+HbxOHaqaNFA3qn12OsIcNG7XHjgBCZISZ+Ysjkp9w2FXdjs4Ix/XrytxSco8T/W8+D5NcnmIbCtNUuSXnnlIJhVPIz28oVvzvrx5qiDezfc3AYlwAGr6EzlEs3LtAYKebm1+5/3NjZOyps/JlYWdjgrOuB5fSM8kmClroCiAFxliPNlDsnH7bQf7RcnUFMkGHq0UfMugTXjHz4kpaPTqYtWwCHjfY0f5fp2Wb6ZJGcC8HI1lGBckQfoyhdTYKHWKZvfpoj1aI5vRVO6tYImnHP53Vs1C8J0OFV1vnGqNCubcLhEmeruzI7tfg3ybOlvLz+xXHp+5nLGIgiA3HaxesYpK87uCJAQsJLAo= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: memfd_create() is a pretty busy function that could be easier to read if some of the logic was split out into helper functions. Therefore, split the flags sanitization, name allocation, and file structure allocation into their own helper functions. No functional change. Reviewed-by: Alice Ryhl Reviewed-by: Lorenzo Stoakes Signed-off-by: Isaac J. Manjarres --- mm/memfd.c | 81 ++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 58 insertions(+), 23 deletions(-) diff --git a/mm/memfd.c b/mm/memfd.c index 5f5a23c9051d..04d9e2a23df8 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -369,15 +369,9 @@ int memfd_check_seals_mmap(struct file *file, unsigned long *vm_flags_ptr) return err; } -SYSCALL_DEFINE2(memfd_create, - const char __user *, uname, - unsigned int, flags) +static int sanitize_flags(unsigned int *flags_ptr) { - unsigned int *file_seals; - struct file *file; - int fd, error; - char *name; - long len; + unsigned int flags = *flags_ptr; if (!(flags & MFD_HUGETLB)) { if (flags & ~(unsigned int)MFD_ALL_FLAGS) @@ -393,20 +387,25 @@ SYSCALL_DEFINE2(memfd_create, if ((flags & MFD_EXEC) && (flags & MFD_NOEXEC_SEAL)) return -EINVAL; - error = check_sysctl_memfd_noexec(&flags); - if (error < 0) - return error; + return check_sysctl_memfd_noexec(flags_ptr); +} + +static char *alloc_name(const char __user *uname) +{ + int error; + char *name; + long len; /* length includes terminating zero */ len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); if (len <= 0) - return -EFAULT; + return ERR_PTR(-EFAULT); if (len > MFD_NAME_MAX_LEN + 1) - return -EINVAL; + return ERR_PTR(-EINVAL); name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); if (!name) - return -ENOMEM; + return ERR_PTR(-ENOMEM); strcpy(name, MFD_NAME_PREFIX); if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { @@ -420,23 +419,28 @@ SYSCALL_DEFINE2(memfd_create, goto err_name; } - fd = get_unused_fd_flags((flags & MFD_CLOEXEC) ? O_CLOEXEC : 0); - if (fd < 0) { - error = fd; - goto err_name; - } + return name; + +err_name: + kfree(name); + return ERR_PTR(error); +} + +static struct file *alloc_file(const char *name, unsigned int flags) +{ + unsigned int *file_seals; + struct file *file; if (flags & MFD_HUGETLB) { file = hugetlb_file_setup(name, 0, VM_NORESERVE, HUGETLB_ANONHUGE_INODE, (flags >> MFD_HUGE_SHIFT) & MFD_HUGE_MASK); - } else + } else { file = shmem_file_setup(name, 0, VM_NORESERVE); - if (IS_ERR(file)) { - error = PTR_ERR(file); - goto err_fd; } + if (IS_ERR(file)) + return file; file->f_mode |= FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE; file->f_flags |= O_LARGEFILE; @@ -456,6 +460,37 @@ SYSCALL_DEFINE2(memfd_create, *file_seals &= ~F_SEAL_SEAL; } + return file; +} + +SYSCALL_DEFINE2(memfd_create, + const char __user *, uname, + unsigned int, flags) +{ + struct file *file; + int fd, error; + char *name; + + error = sanitize_flags(&flags); + if (error < 0) + return error; + + name = alloc_name(uname); + if (IS_ERR(name)) + return PTR_ERR(name); + + fd = get_unused_fd_flags((flags & MFD_CLOEXEC) ? O_CLOEXEC : 0); + if (fd < 0) { + error = fd; + goto err_name; + } + + file = alloc_file(name, flags); + if (IS_ERR(file)) { + error = PTR_ERR(file); + goto err_fd; + } + fd_install(fd, file); kfree(name); return fd; From patchwork Fri Jan 10 16:59:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Isaac J. Manjarres" X-Patchwork-Id: 13935157 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9F186E7719C for ; Fri, 10 Jan 2025 16:59:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 321818D0008; Fri, 10 Jan 2025 11:59:20 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 2D0AD8D0003; Fri, 10 Jan 2025 11:59:20 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1718F8D0008; Fri, 10 Jan 2025 11:59:20 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id E1ABA8D0003 for ; Fri, 10 Jan 2025 11:59:19 -0500 (EST) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 9C8EF120C0E for ; Fri, 10 Jan 2025 16:59:19 +0000 (UTC) X-FDA: 82992152838.19.72E808E Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) by imf01.hostedemail.com (Postfix) with ESMTP id 9DC2340016 for ; Fri, 10 Jan 2025 16:59:17 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=PU5bIwuE; spf=pass (imf01.hostedemail.com: domain of 35FGBZw4KCM83Dvvx7v84vCCzD19916z.x97638FI-775Gvx5.9C1@flex--isaacmanjarres.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=35FGBZw4KCM83Dvvx7v84vCCzD19916z.x97638FI-775Gvx5.9C1@flex--isaacmanjarres.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736528357; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=87gYSmAhUUPTZ2ifTvHPh1Wmr1y1LndPZnyTULuvJAc=; b=t2f1yubb6+ESuOFAyJZ6GP2/vlyNRw69Kq6DI/P88zoEbtvjydzc5fHeZL3cf3BsH8sHAG m+133g+7S9r/K+Tzo2Pt2WOJYQLJY6DxAJg/Hd6iuW1PjWccNqHrH9MxjHUo+DmvdQxehq Qk65MMRHbVD8ll5oddNpsTxfTL1ekK8= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=PU5bIwuE; spf=pass (imf01.hostedemail.com: domain of 35FGBZw4KCM83Dvvx7v84vCCzD19916z.x97638FI-775Gvx5.9C1@flex--isaacmanjarres.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=35FGBZw4KCM83Dvvx7v84vCCzD19916z.x97638FI-775Gvx5.9C1@flex--isaacmanjarres.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736528357; a=rsa-sha256; cv=none; b=IFVrg5pQGG9d4oVezNHc4S7fPfsmhbUw4aXBOZsQh9C3znw8bfFtcuwXZ4wpsFowAfkeNa LIVIc5BQkFk2TBTDy5IkLdmvL3eVtZHXv9X28NEcruwp3QTZaweqOVFlj69fBJCYxdenPz LyhorA+nkkJFXoEy+BwHj4Y28qgjuJs= Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-2166a1a5cc4so38721145ad.3 for ; Fri, 10 Jan 2025 08:59:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736528356; x=1737133156; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=87gYSmAhUUPTZ2ifTvHPh1Wmr1y1LndPZnyTULuvJAc=; b=PU5bIwuEsAFgRzeKl2YUOXi17jOumBspQ7blN0sTngBQKHYr/g7kG5lIkiQTsgT2ui fe09e8+M2U8uCwHY3oX9Sl+VOaC06kHey1KVIDi2uGlUTcJARNKPoIvgJqUpLydSScVZ hZf+JmYcrQS3ti/xara+vOYyDxat2aobNVJbCTQOcJxEM008Jk+nXECxqi1wOOP3kd4L YfnH8Dp0GpwisAttPm/SVnb/rUkTHwP3iWIGs9VTBVge1Y2oNbqlyIKtLmsN/bFP/qrq FzaLS7KYnrFSv3NB17CkQpid0IuaJyWsiFp1KTxPrw1a4i0S5P2X/AJm3mVBTU9V9aBp cINg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736528356; x=1737133156; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=87gYSmAhUUPTZ2ifTvHPh1Wmr1y1LndPZnyTULuvJAc=; b=DVFXDDcfryoCIywH/HonfxomtGXzYhO+lda7h+AwkbTGbRX/+ttaZJjZCYY1YGz9dH pO0K+s273Vtd8j2TnkL+OUoUZpoDKd4/0/7xOmOiyKyeYSTMrUxNZN9yyaQIQefKF1FO hM9llRgFeUmSKUFPKK9rQesNGNh1+09y2VhE5qhNU2GDKOTNdIWdMtAhmtpVQLNj0ZFs lbapxR6Nqbw2O+fiXQJlVvnwkevYDA/nkJ2wKBSpymQxLcFIqNQ3VJDLrzZzGPieOoLK E+YmMxvzrtBWALxc3JQa45ZsK9aTM3wlTtZLHaBxceRZi91z8emjrygxBIhHJ5J4BOJy FpGw== X-Forwarded-Encrypted: i=1; AJvYcCUIHDxSCl7kvld8qxIX6xpVX+PyQPj1pdMG9IVBqQF6OFEu2FWalMSWg98K7wMIjD7ImVu20HCEng==@kvack.org X-Gm-Message-State: AOJu0YzdD89f2kyYN9FZPsXn8P+A0Dy66p8Pbxtv03oGUPuUWj4RpKmz OFEJtlh5fpzrmyjk7jttJ7+MpPB/20vpZlpg6vS9qeCt4Yyit2fkFydx/cyIVrYqGc7ag2xj02j ElA0uF12Yafn0uKO0gtAtR0nszzZNpklNCw== X-Google-Smtp-Source: AGHT+IHzLLNeN5JPm4/Gav9dB+0dA4OcMygrQgaBF3oyd/JvFuN6fVLk8F8FJEZyPWDxzBEBj30BV0B4BtXylqXJ/BYgkQ== X-Received: from pfbjw26.prod.google.com ([2002:a05:6a00:929a:b0:72a:83ec:b170]) (user=isaacmanjarres job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:a10f:b0:1e1:a829:bfb6 with SMTP id adf61e73a8af0-1e88cf7f5bdmr19575187637.3.1736528356234; Fri, 10 Jan 2025 08:59:16 -0800 (PST) Date: Fri, 10 Jan 2025 08:59:00 -0800 In-Reply-To: <20250110165904.3437374-1-isaacmanjarres@google.com> Mime-Version: 1.0 References: <20250110165904.3437374-1-isaacmanjarres@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250110165904.3437374-3-isaacmanjarres@google.com> Subject: [PATCH v4 2/2] mm/memfd: Use strncpy_from_user() to read memfd name From: "Isaac J. Manjarres" To: lorenzo.stoakes@oracle.com, Andrew Morton Cc: kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, "Isaac J. Manjarres" , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org X-Rspamd-Queue-Id: 9DC2340016 X-Stat-Signature: owbb8ipfnq6ewon8c4y1e5ajw1c8dc6g X-Rspam-User: X-Rspamd-Server: rspam11 X-HE-Tag: 1736528357-210192 X-HE-Meta: U2FsdGVkX1+6dAAFTSNE0h2cnNYXE+bcZt8q6ZJkTWez/sVnmmNaQpgZcLAKzFh/3L/7a4pOq+sHTmOAkJ0Xn+8VartRI3ATgD+wrUH9U76wMMKlmhLUNwu9CzYVSRK7gLG+7kBkEN3zzqP5fJ+YDmEPOFmgyPyTmT5mmr6Fw/lTjY5Dz33eyg05hBsRfVGqr6eo4ZSaDmXzz18gab17h+/rYk730GsF/VgyFut+3fUuy6cw4OM1bBX6D4g4mx0U87eHuNtQZeXGpI85DOMvF3VRm37TniAtHIedDcG4o25pSGFCfFzh+2IvjeAgnr0I8EJmW1r1cBtCuQzUOU/ZkzXzyDCyQdFS7LLdyUakXWVB4o3QcnWxXh1H1YzpB6Wv46gPs2Xlvto2uVOzhFMUmR+EQ+rAdYBP7VW8J8Ducg3JwEFl9R9BMhj/OT0w3IAEyupIy458LKnLLzmtF8KJjQU5RPlkV6LJKXTsXphO4CzVRQnLOdXjMPlySxHEI94z02QlXy/5Zxbe8SsZJ1+UZ+MmRU0MFqJwDcnK5JpmPf8eB1Pp29YxCO7jUHr8k2S86clUY4ow51xr0MIRnRos6pwNaWxWnezbfFUlOnxSAMxTPJfzUZQszmEFbG7mCX+dzg8qOlrHrjAOCCin4hI5Sqbtu0qxHhcHh5b5VZHiAwtxm2d1IU9LUeOCRAT2Z7Oa4/uCXkIOIW+zxfQCnaCvbgQhzUdodcFMoK2liIsuS9sikOsGf2TG736TRPKGRcLrdeZAfHMn7n6eytC+6zCygBOqcxtamhexI6xugLWB+fYYf3ktCx/XwOMt2ckSWj8pr0nGBNJSleqDrF+Zg7eYS/7mTaTZDe5u8QYk/I/O02aSlRgWiHJCV/vSSbXO2F9j4WphkfiYixnDrrVbOLUwz5RCljfRyC0PUDqRcH49JffVIXtwCF6h1xN6qi/db8y0clIDyM4jcmYwzHG156m W4/hcGll dQJIPWondyqTdJpbb/Dn5Q7WL2rKXvrL2Th2boW+L9Uo+LcP9awgPtOJ6IVtlmOrT7VJbZSdP5uyXNpHWGFLZOjbPuTtwi//9tlRQB/ZZu9dnxsGY4Od9ozqPDEvnVV5QUfQ3WFtL+Zw5HQoxNlSgVe+PQ4YYygYtBT748+0NmJ9xPCNuw4gM2htVvp/uZVg7lGa1YzIOTryvGxPXx9UVADv6WR5iQMP/VgNs8fQ3v6EsPdtPtdIECk052p/SACTpZ4LjhU2q3/0Jr9qXLS159zBt5C+7BAZdEWmaq/4hf22l5bSwUQmq5FslRLCfiXi9KGAsbtna7icR3szqrwvypaZStOdtPOdQUP+4Iz6k2q+qbXSwW+fFd5DLzZm5mjm1J5KsiPnr/+msTYDUoIR8EN2k8GVs50Rn1I8UgyNQr7KDft1ilrVLpvzoFaGJyWjHvIc7l+RlKI7Z07LG4/Bw/iOnt5I2XGiGRgv+qPZ4lM2mSAlZGb6jGbp1fUebcCzi4ZrJHZXjldWnX9MDjhG/aAXUgrz4IQA83DaSyVBL6ZVsjS6MxncN/Dkkxv+r4RAnMQtdPeYZRqnCryencZsVvYcnj9B9NqCsS/1B3aNlsdf13W+cV6soflImrytuURAJd8mDwW433q4uJQbYWRKe2Wd9M/ODGTcA84W/PdQ3zNiU2ss= X-Bogosity: Ham, tests=bogofilter, spamicity=0.008259, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The existing logic uses strnlen_user() to calculate the length of the memfd name from userspace and then copies the string into a buffer using copy_from_user(). This is error-prone, as the string length could have changed between the time when it was calculated and when the string was copied. The existing logic handles this by ensuring that the last byte in the buffer is the terminating zero. This handling is contrived and can better be handled by using strncpy_from_user(), which gets the length of the string and copies it in one shot. Therefore, simplify the logic for copying the memfd name by using strncpy_from_user(). No functional change. Reviewed-by: Alice Ryhl Reviewed-by: Lorenzo Stoakes Signed-off-by: Isaac J. Manjarres --- mm/memfd.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/mm/memfd.c b/mm/memfd.c index 04d9e2a23df8..37f7be57c2f5 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -396,26 +396,18 @@ static char *alloc_name(const char __user *uname) char *name; long len; - /* length includes terminating zero */ - len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); - if (len <= 0) - return ERR_PTR(-EFAULT); - if (len > MFD_NAME_MAX_LEN + 1) - return ERR_PTR(-EINVAL); - - name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); + name = kmalloc(NAME_MAX + 1, GFP_KERNEL); if (!name) return ERR_PTR(-ENOMEM); strcpy(name, MFD_NAME_PREFIX); - if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { + /* returned length does not include terminating zero */ + len = strncpy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, MFD_NAME_MAX_LEN + 1); + if (len < 0) { error = -EFAULT; goto err_name; - } - - /* terminating-zero may have changed after strnlen_user() returned */ - if (name[len + MFD_NAME_PREFIX_LEN - 1]) { - error = -EFAULT; + } else if (len > MFD_NAME_MAX_LEN) { + error = -EINVAL; goto err_name; }