Commit aa28de27 authored by Al Viro's avatar Al Viro

iov_iter/hardening: move object size checks to inlined part

There we actually have useful information about object sizes.
Note: this patch has them done for all iov_iter flavours.
Right now we do them twice in iovec case, but that'll change
very shortly.
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent b0377fed
...@@ -10,6 +10,7 @@ ...@@ -10,6 +10,7 @@
#define __LINUX_UIO_H #define __LINUX_UIO_H
#include <linux/kernel.h> #include <linux/kernel.h>
#include <linux/thread_info.h>
#include <uapi/linux/uio.h> #include <uapi/linux/uio.h>
struct page; struct page;
...@@ -91,11 +92,58 @@ size_t copy_page_to_iter(struct page *page, size_t offset, size_t bytes, ...@@ -91,11 +92,58 @@ size_t copy_page_to_iter(struct page *page, size_t offset, size_t bytes,
struct iov_iter *i); struct iov_iter *i);
size_t copy_page_from_iter(struct page *page, size_t offset, size_t bytes, size_t copy_page_from_iter(struct page *page, size_t offset, size_t bytes,
struct iov_iter *i); struct iov_iter *i);
size_t copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i);
size_t copy_from_iter(void *addr, size_t bytes, struct iov_iter *i); size_t _copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i);
bool copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i); size_t _copy_from_iter(void *addr, size_t bytes, struct iov_iter *i);
size_t copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i); bool _copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i);
bool copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i); size_t _copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i);
bool _copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i);
static __always_inline __must_check
size_t copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i)
{
if (unlikely(!check_copy_size(addr, bytes, true)))
return bytes;
else
return _copy_to_iter(addr, bytes, i);
}
static __always_inline __must_check
size_t copy_from_iter(void *addr, size_t bytes, struct iov_iter *i)
{
if (unlikely(!check_copy_size(addr, bytes, false)))
return bytes;
else
return _copy_from_iter(addr, bytes, i);
}
static __always_inline __must_check
bool copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i)
{
if (unlikely(!check_copy_size(addr, bytes, false)))
return false;
else
return _copy_from_iter_full(addr, bytes, i);
}
static __always_inline __must_check
size_t copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i)
{
if (unlikely(!check_copy_size(addr, bytes, false)))
return bytes;
else
return _copy_from_iter_nocache(addr, bytes, i);
}
static __always_inline __must_check
bool copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i)
{
if (unlikely(!check_copy_size(addr, bytes, false)))
return false;
else
return _copy_from_iter_full_nocache(addr, bytes, i);
}
size_t iov_iter_zero(size_t bytes, struct iov_iter *); size_t iov_iter_zero(size_t bytes, struct iov_iter *);
unsigned long iov_iter_alignment(const struct iov_iter *i); unsigned long iov_iter_alignment(const struct iov_iter *i);
unsigned long iov_iter_gap_alignment(const struct iov_iter *i); unsigned long iov_iter_gap_alignment(const struct iov_iter *i);
......
...@@ -535,7 +535,7 @@ static size_t copy_pipe_to_iter(const void *addr, size_t bytes, ...@@ -535,7 +535,7 @@ static size_t copy_pipe_to_iter(const void *addr, size_t bytes,
return bytes; return bytes;
} }
size_t copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i) size_t _copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i)
{ {
const char *from = addr; const char *from = addr;
if (unlikely(i->type & ITER_PIPE)) if (unlikely(i->type & ITER_PIPE))
...@@ -550,9 +550,9 @@ size_t copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i) ...@@ -550,9 +550,9 @@ size_t copy_to_iter(const void *addr, size_t bytes, struct iov_iter *i)
return bytes; return bytes;
} }
EXPORT_SYMBOL(copy_to_iter); EXPORT_SYMBOL(_copy_to_iter);
size_t copy_from_iter(void *addr, size_t bytes, struct iov_iter *i) size_t _copy_from_iter(void *addr, size_t bytes, struct iov_iter *i)
{ {
char *to = addr; char *to = addr;
if (unlikely(i->type & ITER_PIPE)) { if (unlikely(i->type & ITER_PIPE)) {
...@@ -569,9 +569,9 @@ size_t copy_from_iter(void *addr, size_t bytes, struct iov_iter *i) ...@@ -569,9 +569,9 @@ size_t copy_from_iter(void *addr, size_t bytes, struct iov_iter *i)
return bytes; return bytes;
} }
EXPORT_SYMBOL(copy_from_iter); EXPORT_SYMBOL(_copy_from_iter);
bool copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i) bool _copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i)
{ {
char *to = addr; char *to = addr;
if (unlikely(i->type & ITER_PIPE)) { if (unlikely(i->type & ITER_PIPE)) {
...@@ -594,9 +594,9 @@ bool copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i) ...@@ -594,9 +594,9 @@ bool copy_from_iter_full(void *addr, size_t bytes, struct iov_iter *i)
iov_iter_advance(i, bytes); iov_iter_advance(i, bytes);
return true; return true;
} }
EXPORT_SYMBOL(copy_from_iter_full); EXPORT_SYMBOL(_copy_from_iter_full);
size_t copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i) size_t _copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i)
{ {
char *to = addr; char *to = addr;
if (unlikely(i->type & ITER_PIPE)) { if (unlikely(i->type & ITER_PIPE)) {
...@@ -613,9 +613,9 @@ size_t copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i) ...@@ -613,9 +613,9 @@ size_t copy_from_iter_nocache(void *addr, size_t bytes, struct iov_iter *i)
return bytes; return bytes;
} }
EXPORT_SYMBOL(copy_from_iter_nocache); EXPORT_SYMBOL(_copy_from_iter_nocache);
bool copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i) bool _copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i)
{ {
char *to = addr; char *to = addr;
if (unlikely(i->type & ITER_PIPE)) { if (unlikely(i->type & ITER_PIPE)) {
...@@ -637,7 +637,7 @@ bool copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i) ...@@ -637,7 +637,7 @@ bool copy_from_iter_full_nocache(void *addr, size_t bytes, struct iov_iter *i)
iov_iter_advance(i, bytes); iov_iter_advance(i, bytes);
return true; return true;
} }
EXPORT_SYMBOL(copy_from_iter_full_nocache); EXPORT_SYMBOL(_copy_from_iter_full_nocache);
size_t copy_page_to_iter(struct page *page, size_t offset, size_t bytes, size_t copy_page_to_iter(struct page *page, size_t offset, size_t bytes,
struct iov_iter *i) struct iov_iter *i)
...@@ -663,7 +663,7 @@ size_t copy_page_from_iter(struct page *page, size_t offset, size_t bytes, ...@@ -663,7 +663,7 @@ size_t copy_page_from_iter(struct page *page, size_t offset, size_t bytes,
} }
if (i->type & (ITER_BVEC|ITER_KVEC)) { if (i->type & (ITER_BVEC|ITER_KVEC)) {
void *kaddr = kmap_atomic(page); void *kaddr = kmap_atomic(page);
size_t wanted = copy_from_iter(kaddr + offset, bytes, i); size_t wanted = _copy_from_iter(kaddr + offset, bytes, i);
kunmap_atomic(kaddr); kunmap_atomic(kaddr);
return wanted; return wanted;
} else } else
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment