From patchwork Thu Jan 9 18:59:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Isaac J. Manjarres" X-Patchwork-Id: 13933154 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DCDF2E77197 for ; Thu, 9 Jan 2025 18:59:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6FB246B00BA; Thu, 9 Jan 2025 13:59:20 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 686196B00BB; Thu, 9 Jan 2025 13:59:20 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4FFBF6B00BD; Thu, 9 Jan 2025 13:59:20 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 2F9AB6B00BA for ; Thu, 9 Jan 2025 13:59:20 -0500 (EST) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id CB6381203B8 for ; Thu, 9 Jan 2025 18:59:19 +0000 (UTC) X-FDA: 82988826438.28.6822707 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) by imf16.hostedemail.com (Postfix) with ESMTP id 0B83618000C for ; Thu, 9 Jan 2025 18:59:17 +0000 (UTC) Authentication-Results: imf16.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=uHs2Ez5h; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf16.hostedemail.com: domain of 3hByAZw4KCAEjtbbdnbokbssfthpphmf.dpnmjovy-nnlwbdl.psh@flex--isaacmanjarres.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3hByAZw4KCAEjtbbdnbokbssfthpphmf.dpnmjovy-nnlwbdl.psh@flex--isaacmanjarres.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736449158; a=rsa-sha256; cv=none; b=EW0h/+TEYZcV5MIUCd427mwUg7kI/pzp4kj1nt2CYiWWUuQhJLbVoih0ydMLrYP0B0v4TU Umo8ldob2rqa8hZC6NrnhZ0/NQ+HehvCNIYFIgEp1rx1ZEO2Xkdq26MF3SRO/dhUlDSqzU nZsvO035yOhjCGeM5E79XWs+FQNLX50= ARC-Authentication-Results: i=1; imf16.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=uHs2Ez5h; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf16.hostedemail.com: domain of 3hByAZw4KCAEjtbbdnbokbssfthpphmf.dpnmjovy-nnlwbdl.psh@flex--isaacmanjarres.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3hByAZw4KCAEjtbbdnbokbssfthpphmf.dpnmjovy-nnlwbdl.psh@flex--isaacmanjarres.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736449158; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=9BM99KssmhmTboJoX+NifvNHQdZn7EvgZFYAg3A4crk=; b=PchaL3nBUrqPvxFNphd79KXQPYBeRfECCSVVrFAC+xPQqBdA2i2umVseoSwKMGMOHOkJWs LrWmuswxnresS0Iv1OaPb+TvWA2MORQZRXcx3MLvi7SxsTGHJ44IDTA3GwStt69q0F1cHz 9nBNKx3fe6UBKqgAQv8PtVzF29Drd40= Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-216405eea1fso21448505ad.0 for ; Thu, 09 Jan 2025 10:59:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736449157; x=1737053957; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=9BM99KssmhmTboJoX+NifvNHQdZn7EvgZFYAg3A4crk=; b=uHs2Ez5hLN0KfNafsVCDzSWx9X4qzIBzcutnb0byQuUQjuJW77cNHsyx5teQ9QQ2bz i6KulJ3+bLrF565UvgiYEAhs1itRMIdQDnLqJtMVlnwl8DyJBLoqD2nsIuKagUiJdQgQ B07nxxYayoWi9JHrtWsA6u6tyh1mx7V3532alA5ave+Um8YnzOflMlfHLQwUC7eLARtj zOh+ZJbo2cOT+XOfNpk/C4kL91udU8IIwaRP3Gx/fsyKaoaE4QPe6m0KhzqrIjEyfIq7 wgKwFgyPua53C3WmJV+KFnh+MbRWeeGFiAvmv21HcmzKxYak1HU4IpWO4Qb2B1V876De k2DA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736449157; x=1737053957; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=9BM99KssmhmTboJoX+NifvNHQdZn7EvgZFYAg3A4crk=; b=umBycQ/OuIU2WWMIsMFF6a3CSYkpIjid2MRS3HdPCF2Cp6D9glKLUAp2Q2BEtq315V aJmVyroeK9jIqJ82eIimlgSNe/uU1yajTApP4Thl55O5KhixfEUHYR3N8z4atANdLA9B h862rnRovgNkKn4JwMbx61aSKcJqVAJpOutP97ubOJMz8Ox1+zO2pW3s52jp9IVf8dzk CPUmKTKfPlooME3Zz5XpEXYRTeBEVGv6soG7Z6y5o5T0RUvnerciJhO2NF3aDQ0ox7qs h19En8rARD2Z9eXyvRNpDNVQaPBWYQu0w2yrIUUFWliPv3EtLKxCt1XO2GWlWuQd3cwC YsgQ== X-Forwarded-Encrypted: i=1; AJvYcCVhQmUoFxw0xQXiNf9g5JJ0rGS8SPPw46Y6YQqZH5ncCJ2dmQRSLGoc9yWRU+P5LE3VVQxKUbfF+g==@kvack.org X-Gm-Message-State: AOJu0YyNe0zV2a7W3AilwuPuOEBprOd5sdut4uf1Fs9uK8hFHxzEyMnD wxCOM/OhMnLZGqJjxOnSsYEYoFndStuLs6VpeDOSwnXRXxC2x8d5M47xj8qqRSoXPKFXrZCbvcY y4wzmQMgdyMLNw5fp8998NZX+CVKcX85bvw== X-Google-Smtp-Source: AGHT+IHA+ue8ssbg4T8El5ZJqPpI8Z5g1BzSDPCiGMlQKNfCBhMyjgYhHWpnabOxoBs97nTzEBWzGU1z3a8OuNT70fFeBA== X-Received: from pgbdr5.prod.google.com ([2002:a05:6a02:fc5:b0:7fd:3282:aa47]) (user=isaacmanjarres job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:cecd:b0:215:6995:1ef3 with SMTP id d9443c01a7336-21a83f3469cmr96318765ad.3.1736449156806; Thu, 09 Jan 2025 10:59:16 -0800 (PST) Date: Thu, 9 Jan 2025 10:59:04 -0800 In-Reply-To: <20250109185908.1006310-1-isaacmanjarres@google.com> Mime-Version: 1.0 References: <20250109185908.1006310-1-isaacmanjarres@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250109185908.1006310-2-isaacmanjarres@google.com> Subject: [PATCH v3 1/2] mm/memfd: Refactor and cleanup the logic in memfd_create() From: "Isaac J. Manjarres" To: lorenzo.stoakes@oracle.com, Andrew Morton Cc: kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, "Isaac J. Manjarres" , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org X-Stat-Signature: 7ze86sm7xtfgq334xnwa1zsek9ukpewo X-Rspam-User: X-Rspamd-Queue-Id: 0B83618000C X-Rspamd-Server: rspam08 X-HE-Tag: 1736449157-604499 X-HE-Meta: U2FsdGVkX1+P0J+ypSWTgHQn+vCLYNYGqVAS7w49NWCXytIHyDr9BCDbcFnrUDlyJeWGFnlxF/XAqp6CaqXXNVz3JJI0pwhKU0OFTr7xGR70AlprfqA/+NlhMvL7nvZGI7ExYoXvWhPoxkZzaNRkJyXJe9l/4/+bXVtwux6UvYIf01uAakhMkthU3h2dlP/P4uaYnlyfFWRC9gbQDUFuVBhOt948nRC3/RXTH09h8AdVjkZ64qhKljVjpRbj0mC2RPia+w+P4NnPBz/Ve4laSJK+iuCjZTGt3I0J07RiRjwfTCHidMcndBjVaIcjKFBGNd0E4Mt4hRPhfUzN+KJ3u1axxSJzYpb3ewykepMHpYfRGB882WYM1iOFr/JCKTKHvjgJzQQ5Tqexh+B7B/Qw6CIT4AlMAlNXEa/0eCXsj/bsrG7oJS2PAluvttDcbK700iSwN3ldHUGSnhZtV5fWQ4B1H+qNyo5UjEUmlYuuHIPQsT8epQxqhWOCtrT6+Z/e6scOFKEXWuA026prAV28QKiCmPY29nf+6ltWozgDbng+e0maMp+5tI90OfJrUXrUi2I2wD6EmnaFHH+bPO4suAk0fSGBMa4m4nVmxZEfkMnMROI2S6eIsBDJxu5ietdm0KiDOZSfMqkqXp5Zc+Qhvk9yxoXZ3V9keGsrrIE55nY6TaKFCaU4/ed9SaB/K1z6DArP++VJSKGpXogW8FhdqZqMeO7MdhpSrUhBsjm/AwfFXv01SJPcAnSp0QfjwYQMPLmOKehDZO8TSG5f9Aa+LLaX/9AJYwZXL8ni2gGfs6ofM7qdYoc14kRSaGasbKZ5LvYgCJvSSg/yJK53CiZsXC9QopJlzlGhuPHSlfYmGqW5rljVQHC8i5zrcXUk7LjOKBsA3nKb3s14wzcUGrKnUAVb5/VZCsSGuZXMhxtNZueW0UMGhdFYo4phyNMo36MoXqII6u2yH9OjyJJO3Nh mpSjUN58 DAw3df/gb+DeZtihsrzwaHovLzNGN+cu/ezrEdeiCzwqfffOUmK7wh9VwaSByCqE0wEwk71BG9SPCDOLtZyWKTqOzIEZIwAjFeoqVhi4FqJHZueAqBkNfOR54jwVq18GY2/3IKChkLE8yqj+P1MAJ/nV7QVL6N4fVIUNRBSJKP9jgnfO4xkDtyszWH2NJiXrkzf+H0qeHYIf2vo9uApPndvik0D+QTD0De/8Nho6IQ+rIIiilBnODZeNApBDeUMDqw6awRYa55/JK4r0mwNbj31P2NsmCSO9SXqcEovx6leRJ0Kqv/d6uzQk/tYVLcnk/fAxXqLLtBXkf1iGUBgZhpB+Kaas2niYWdD14Zqh4LNMi7EwKy7MUjwSc9FcHNaO+Jq4rt3uLN78RTybXuZjfwdUltM2zsF+guvT4Jp+QZ9MABdDKTdiYQk6AVmf1rRIwDvxoVbMqt9xIabRJ0T3Qp6DXeOHcOT86IR9UJsaVvyf5fFatxhncLLX+dNpNlU5sZwym9zRVR37aj/QTep+lQgPmTnt3ab0k425pnCRFtr4KoYbo0R1zFUJiS+kj4NZ27NQW9jJtqKzjkFAQ/3/MYP3IRYz9BIymnXLNRmf+q3jz3y6q3U2tbf1EIMEB+2k63myPZAsgJLWg++QVlPxddw25yg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000016, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: memfd_create() is a pretty busy function that could be easier to read if some of the logic was split out into helper functions. Therefore, split the flags sanitization, name allocation, and file structure allocation into their own helper functions. No functional change. Signed-off-by: Isaac J. Manjarres Reviewed-by: Alice Ryhl --- mm/memfd.c | 82 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 59 insertions(+), 23 deletions(-) diff --git a/mm/memfd.c b/mm/memfd.c index 5f5a23c9051d..bf0c2d97b940 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -369,15 +369,9 @@ int memfd_check_seals_mmap(struct file *file, unsigned long *vm_flags_ptr) return err; } -SYSCALL_DEFINE2(memfd_create, - const char __user *, uname, - unsigned int, flags) +static int sanitize_flags(unsigned int *flags_ptr) { - unsigned int *file_seals; - struct file *file; - int fd, error; - char *name; - long len; + unsigned int flags = *flags_ptr; if (!(flags & MFD_HUGETLB)) { if (flags & ~(unsigned int)MFD_ALL_FLAGS) @@ -393,20 +387,25 @@ SYSCALL_DEFINE2(memfd_create, if ((flags & MFD_EXEC) && (flags & MFD_NOEXEC_SEAL)) return -EINVAL; - error = check_sysctl_memfd_noexec(&flags); - if (error < 0) - return error; + return check_sysctl_memfd_noexec(flags_ptr); +} + +static char *alloc_name(const char __user *uname) +{ + int error; + char *name; + long len; /* length includes terminating zero */ len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); if (len <= 0) - return -EFAULT; + return ERR_PTR(-EFAULT); if (len > MFD_NAME_MAX_LEN + 1) - return -EINVAL; + return ERR_PTR(-EINVAL); name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); if (!name) - return -ENOMEM; + return ERR_PTR(-ENOMEM); strcpy(name, MFD_NAME_PREFIX); if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { @@ -420,23 +419,28 @@ SYSCALL_DEFINE2(memfd_create, goto err_name; } - fd = get_unused_fd_flags((flags & MFD_CLOEXEC) ? O_CLOEXEC : 0); - if (fd < 0) { - error = fd; - goto err_name; - } + return name; + +err_name: + kfree(name); + return ERR_PTR(error); +} + +static struct file *alloc_file(const char *name, unsigned int flags) +{ + unsigned int *file_seals; + struct file *file; if (flags & MFD_HUGETLB) { file = hugetlb_file_setup(name, 0, VM_NORESERVE, HUGETLB_ANONHUGE_INODE, (flags >> MFD_HUGE_SHIFT) & MFD_HUGE_MASK); - } else + } else { file = shmem_file_setup(name, 0, VM_NORESERVE); - if (IS_ERR(file)) { - error = PTR_ERR(file); - goto err_fd; } + if (IS_ERR(file)) + return file; file->f_mode |= FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE; file->f_flags |= O_LARGEFILE; @@ -456,7 +460,39 @@ SYSCALL_DEFINE2(memfd_create, *file_seals &= ~F_SEAL_SEAL; } + return file; +} + +SYSCALL_DEFINE2(memfd_create, + const char __user *, uname, + unsigned int, flags) +{ + struct file *file; + int fd, error; + char *name; + + error = sanitize_flags(&flags); + if (error < 0) + return error; + + name = alloc_name(uname); + if (IS_ERR(name)) + return PTR_ERR(name); + + fd = get_unused_fd_flags((flags & MFD_CLOEXEC) ? O_CLOEXEC : 0); + if (fd < 0) { + error = fd; + goto err_name; + } + + file = alloc_file(name, flags); + if (IS_ERR(file)) { + error = PTR_ERR(file); + goto err_fd; + } + fd_install(fd, file); + /* name is not needed beyond this point. */ kfree(name); return fd; From patchwork Thu Jan 9 18:59:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Isaac J. Manjarres" X-Patchwork-Id: 13933155 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BBF88E77197 for ; Thu, 9 Jan 2025 18:59:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4DA626B00BB; Thu, 9 Jan 2025 13:59:25 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 48C606B00BD; Thu, 9 Jan 2025 13:59:25 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3034E6B00BE; Thu, 9 Jan 2025 13:59:25 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 0DF026B00BB for ; Thu, 9 Jan 2025 13:59:25 -0500 (EST) Received: from smtpin03.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id A5B74C03EC for ; Thu, 9 Jan 2025 18:59:23 +0000 (UTC) X-FDA: 82988826606.03.C71DC07 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) by imf08.hostedemail.com (Postfix) with ESMTP id D5537160018 for ; Thu, 9 Jan 2025 18:59:21 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=4OZFR2aa; spf=pass (imf08.hostedemail.com: domain of 3iByAZw4KCAUnxffhrfsofwwjxlttlqj.htrqnsz2-rrp0fhp.twl@flex--isaacmanjarres.bounces.google.com designates 209.85.216.74 as permitted sender) smtp.mailfrom=3iByAZw4KCAUnxffhrfsofwwjxlttlqj.htrqnsz2-rrp0fhp.twl@flex--isaacmanjarres.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736449161; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vVkytyGroLwxKpu6w8PxqqBpmuTg7vt8SUP4RbxWhNI=; b=1YO4FNAyYSkqb/8+H3ZnNY4n81Z+irwPY7jr12feR5h2uC20OGtrhjQxx0ZZBByB4wDXgR ktDVifGHwK8y8O7lknQLqykrATgyo/Ls8p2KKyIsRZi80upCvlwgbvrqcTZPKOerJ3OTkj j4IQRfqQ8KRniqk3gafLd52m4P1rG3o= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736449161; a=rsa-sha256; cv=none; b=7939Aeq29LiL4F0IwfwwcbWF0/dTn1sgqYnrLhXY8+YJ+8xVpQ7DKDYno8LAEI2Dn2nUh/ GQwSZEKZECU1OUGTTI89fZ2QSAGRPFWza7TA5+2JW598YX9rOgoOBacuqxYZnyQ7ZfhhEQ LVPJMGGV7eOaE49qkoxZagzdDjPzPnE= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=4OZFR2aa; spf=pass (imf08.hostedemail.com: domain of 3iByAZw4KCAUnxffhrfsofwwjxlttlqj.htrqnsz2-rrp0fhp.twl@flex--isaacmanjarres.bounces.google.com designates 209.85.216.74 as permitted sender) smtp.mailfrom=3iByAZw4KCAUnxffhrfsofwwjxlttlqj.htrqnsz2-rrp0fhp.twl@flex--isaacmanjarres.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-2efc3292021so3185385a91.1 for ; Thu, 09 Jan 2025 10:59:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736449160; x=1737053960; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=vVkytyGroLwxKpu6w8PxqqBpmuTg7vt8SUP4RbxWhNI=; b=4OZFR2aaBUhzZVSx1xxUSJLFVJQRJJa1AnJthnm7s78yiZq79mmufj41i1szcf4PaZ U4xt9aryGmM2Ce00IoXgWXqzXXbiXCeluZb/gDcqKwkyw0Zd+c36H2B83zejx2dfYZIW +wAIPYt0/sZRfYau8t9PmhwdLBAHQNlU/42PAH2KHbJEw0C2U2hV4HOvRPJ/GWuB42My woiMs6iCv3SJ0cwupef+MOXmLc4Va9w6grk3QD0jPbyVAbLYnXSCiR1tP4CIhQooQIxr 7x2SdCqijJJPEk4+6GqlLFuXCWaugQ5JxUiQmouMiiFgIaCFHA0EBb5FGxIuyD8g4MHo hZqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736449160; x=1737053960; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vVkytyGroLwxKpu6w8PxqqBpmuTg7vt8SUP4RbxWhNI=; b=JckZqIiRi8Bo43ms5mdbVYnEA8P7G+mpcAvQCwTpUP8cfRMC3zunhiL+3Y+rEljlbD JutWw4bbYOgwicD/y8MDxfke9IFW4+beu0o5GttUopt0DJ8XjJhEByED0s4GdURJIQq9 Pdu3jDdXnD09U8iXY7JNGy/cbFOvmzLpC6o8EkFCMPd49FLMOcnb+p/w4/PVKjUqguTr 7/vq7djZrWWl2A9ccNQrgYNj9Q2lpU5WtrRBLXBJesJJYaEYbVbS67xDiQrDNSYa8KOj 7wq0n9JTbRbahkmexDEC6HZxd45qwmmXrDPMDR5S70rsFFGB3J6uoVYdAv0id2r1odaA IbBg== X-Forwarded-Encrypted: i=1; AJvYcCUBSUluL7jkRxVK0aq4mSPkx8K7OBTamXqXgOsFvn/b1mbkEjq5pnRNHcreqJAOHF/pn27ZUQvnXA==@kvack.org X-Gm-Message-State: AOJu0YzSfQ3b4DHZ+3lf0w8GXNvJEgV8c9i3Ao5vjM/DpLQLOeFKhvq1 kTXB9pjkrmh7yV5SvrbeXVb195yruTR5kV5EAIU3Ki6iWH8zs1U1ws1w5ODEteWI0WXrvK0+/Y1 w6EvhIxdO5FMjBmq5CPJqzoz6xXGkCtTiSQ== X-Google-Smtp-Source: AGHT+IFcAdbj5ipXPPT8S6r/j/AGAC2HdwtO6q6OnIuCZs5nz6p0jTJfcCgfKaTqsW7r6Riz5MD0Oxb+Hl+AaSAao9LhCw== X-Received: from pjbqa5.prod.google.com ([2002:a17:90b:4fc5:b0:2ef:d283:5089]) (user=isaacmanjarres job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:280a:b0:2ee:d63f:d77 with SMTP id 98e67ed59e1d1-2f548f2ecb6mr12096434a91.9.1736449160589; Thu, 09 Jan 2025 10:59:20 -0800 (PST) Date: Thu, 9 Jan 2025 10:59:05 -0800 In-Reply-To: <20250109185908.1006310-1-isaacmanjarres@google.com> Mime-Version: 1.0 References: <20250109185908.1006310-1-isaacmanjarres@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog Message-ID: <20250109185908.1006310-3-isaacmanjarres@google.com> Subject: [PATCH v3 2/2] mm/memfd: Use strncpy_from_user() to read memfd name From: "Isaac J. Manjarres" To: lorenzo.stoakes@oracle.com, Andrew Morton Cc: kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, surenb@google.com, "Isaac J. Manjarres" , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org X-Rspamd-Queue-Id: D5537160018 X-Rspam-User: X-Rspamd-Server: rspam07 X-Stat-Signature: ez37a4bufjb8t8xffp3b13unxuh8yxs3 X-HE-Tag: 1736449161-859045 X-HE-Meta: U2FsdGVkX18MyFnTPMxrAD+pt8S9wMKl+NFdkVUfYNC+IurtTq33BBnctqVhNsBQfohEsuxBbyDf0d/fc8CdByrUjdtZIt+Qr0AdZ3DAmnxLqc99zlZZOMDGlvmjymi6yotBBrQJLmsZiQ/wzVWdcwWTLRVv3Wm5L3wy/taaCRdQoNY7YpefETYTrn93sEyemsOVyeinTtdppuMwILfNSV99JbKxAhF14ZZg/jlhfZIvl9KVTyzVHddAQJIFw2gmQVLd0sbFRDvpp1f/CD3dz2C4n+cnfmxSHF6Jeo7TAEHgEDJvCfNjXwKkJB5S10kPuYdz43cjMkwXjn5cQZT16/1aykdRRNeljtmMeCEdMuUaXn0+d4jO5T5g/ZXkYerOXUjQiib99534ps0Ra9IV52SL1MBQhSEQRyl6mzf3PRCXrQjX/L5I75mh6j2eqPTNZKORYlr5UNXfF3DlOz+7BUPkUB41mkEXBZHIWw/sEE9LaVhP9mT7xzQ6CKjoOTLkiwwNDRo3iA6L/UHSS9LE7hRzHYADK9LxvOlHS8v9O9UIsOSrvEOkpul1WaGGBr317SvrgekJrA0fQQ0B5X5djcw3kEkLCKMLg4lQIHMjyHwdsbmFiP3D7//0Cq5SSO+9N98cgyYqRQmCNFEcOG/8y5mHGGCvRki2XxW5d7LrWINjpNpLvigt0oO0AmVUi2GzxPNq1CqDqeT8IJEe1vawV7cKCna/GlUZYIt7hPxyN+ZiIn95Tgtgv9fmNbrVkz5fmq+8xoely15jlzq3qhVeP34q+kEM8Xn042lz5Y/nERVXHPbIteuIXBreazcYVjJVl425L3wgl2EkLXFYrX84UzQatcscQaphA82iUxAS0cXBUZpL0QtvfbOFWSWHSib8R87j5/uSvAYguSIoJm4vKCCkeRMm0K0V5sNxLibX+rRE9e5KP3D44oEhdkPN9fTVGR/MvQ2FCSnCayHysOG ChMBGBTy vklG9LrZUr6/If8wMvN2SX7DH3+vSENxqEYQLpH2TC68oNY0ZrYIJYnvEehZQrvap0vREE39y06Y/ERGYW+/pCuGANjU8F540ozQiid7srvo8JtP9H7mrAwCpH6zneNWev+OSw8QuNaJOZdktHszKTxlnXtUhjodeZJkU4odUJhfqCQtOqjLxZls0TsoIWr5cL9V+EkguN2aBkhIKFHRvOuD2W5+zbdqHDqQsDo2qYz/Li1RClYo/vIPIAZ4kfm+o+INskrFk1uRwy7RxuyHdt+lLLQqL0gJ/FKpzGmTdlFf0p7BwRh7m5lOyahtr6v6ellDR7mWt0CvUksYg/mH4RJGLJFQP/U6G7EcDz792sKxmR+UYjMxE/H26VnrNfO1YC0Ebc3LJKm5qAVNYI1RVuUaQMKGpDTyfW4s9n4vtNOYsCS+b2Dm67Vv8+n/iXVGWCSI8GY9JYT8xrHZx21quMv6Nz9MAAq7iU4llfxsqG3/NhM0hTOZc+M5DWWoE6359/c2h8SLQcTfP3UJIVfEc8GYH1ga5UGdbL7DJn0PzsiKKjpZOpqgM55sZ8tTVb/eVUApFq7fU6mP76SUjymjIDp0VzIWOsJegnYsolkZB4M5wCSwubB2lxj/hTMibS3QsFFjOpgHytriZyD0L8yAkxrJDkrho8Eyg8ITTnfincSmxSj4/RihgSV6/PA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.015266, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The existing logic uses strnlen_user() to calculate the length of the memfd name from userspace and then copies the string into a buffer using copy_from_user(). This is error-prone, as the string length could have changed between the time when it was calculated and when the string was copied. The existing logic handles this by ensuring that the last byte in the buffer is the terminating zero. This handling is contrived and can better be handled by using strncpy_from_user(), which gets the length of the string and copies it in one shot. Therefore, simplify the logic for copying the memfd name by using strncpy_from_user(). No functional change. Reviewed-by: Alice Ryhl Signed-off-by: Isaac J. Manjarres --- mm/memfd.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/mm/memfd.c b/mm/memfd.c index bf0c2d97b940..5b7c5892ba64 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -396,26 +396,18 @@ static char *alloc_name(const char __user *uname) char *name; long len; - /* length includes terminating zero */ - len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); - if (len <= 0) - return ERR_PTR(-EFAULT); - if (len > MFD_NAME_MAX_LEN + 1) - return ERR_PTR(-EINVAL); - - name = kmalloc(len + MFD_NAME_PREFIX_LEN, GFP_KERNEL); + name = kmalloc(NAME_MAX + 1, GFP_KERNEL); if (!name) return ERR_PTR(-ENOMEM); strcpy(name, MFD_NAME_PREFIX); - if (copy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, len)) { + /* returned length does not include terminating zero */ + len = strncpy_from_user(&name[MFD_NAME_PREFIX_LEN], uname, MFD_NAME_MAX_LEN + 1); + if (len < 0) { error = -EFAULT; goto err_name; - } - - /* terminating-zero may have changed after strnlen_user() returned */ - if (name[len + MFD_NAME_PREFIX_LEN - 1]) { - error = -EFAULT; + } else if (len > MFD_NAME_MAX_LEN) { + error = -EINVAL; goto err_name; }