On Tue, 18 Feb 2003, Linus Torvalds wrote: > > On 19 Feb 2003, Alan Cox wrote: > > > > copy_from_user sorts out the whole thing itself. In general > > __copy_from_user and verify_area isnt a win, except if you do lots of > > small copies to/from the same area, which is often a bad idea anyway. > > It _can_ be a good idea, though. > > In particular, it's a _really_ good idea if the loop is basically a > "glorified memcpy", at which point it can be very much worthwhile to move > the limit checking outside the loop. > > An example of this is doing things like "copy-and-checksum", or, in the > case of DRM "copy-and-check-validity", where the code should sanely look > something like > > > u32 *addr; /* Command list */ > > if (!access_ok(VERIFY_READ, addr, size)) > return -EFAULT; > > while (size > 0) { > unsigned int cmd; > > if (__get_user(cmd, addr)) > goto efault; > addr++; > switch (cmd) { > ... verify it ... > } > > *dst++ = cmd; > } > > where the difference between a "get_user()" and a "__get_user()" can be > quite noticeable (the unchecked version is usually a single instruction in > size and has no nasty branch behaviour or anything like that, while the > checking version usually has at least one conditional branch and uses up > one or two registers etc). > > Of course, this is really only worth doing for tight loops that really > matter. If the code in the loop is crap, the optimization just isn't worth > the complexity. > > (And the extreme case of this is when the code is _so_ performance > critical that you end up writing it all in assembly language. The example > of this is the TCP copy-and-checksum stuff. The above example is somewhere > between the "normal usage" and the "TCP copy-and-checksum" extremes). > > Linus
The code is similar to this, but with a couple of differences. We have to split apart 'cmd' into two local vars (swapping bytes for big-endian) and verify them (register address and count of data dwords following). If the verify passes, we copy the command as in the last line of the loop above, but then we need to __copy_from_user up to 7 dwords of data into the destination without reading it. So it's a loop of alternating 1 dword read/verify/write and 1-7 dwords straight copy. -- Leif Delgass http://www.retinalburn.net ------------------------------------------------------- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge _______________________________________________ Dri-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/dri-devel