Re: [PATCH] mpt3sas: downgrade full copy_from_user to access_ok check

> On Sep 20, 2017, at 11:26 PM, Al Viro wrote: > > On Tue, Sep 19, 2017 at 11:11:11PM -0400, Meng Xu wrote: >> Since right after the user copy, we are going to >> memset(&karg, 0, sizeof(karg)), I guess an access_ok check is enough? > > access_ok() is *NOT* "will copy_from_user() succeed?" Not

Re: [PATCH] mpt3sas: downgrade full copy_from_user to access_ok check

On Tue, Sep 19, 2017 at 11:11:11PM -0400, Meng Xu wrote: > Since right after the user copy, we are going to > memset(&karg, 0, sizeof(karg)), I guess an access_ok check is enough? access_ok() is *NOT* "will copy_from_user() succeed?" Not even close. On a bunch of architectures (sparc64, for one)

Re: [PATCH] mpt3sas: downgrade full copy_from_user to access_ok check

On Tue, Sep 19, 2017 at 11:11:11PM -0400, Meng Xu wrote: > Since right after the user copy, we are going to > memset(&karg, 0, sizeof(karg)), I guess an access_ok check is enough? The right thing is to remove it entirely.

[PATCH] mpt3sas: downgrade full copy_from_user to access_ok check

Since right after the user copy, we are going to memset(&karg, 0, sizeof(karg)), I guess an access_ok check is enough? Signed-off-by: Meng Xu --- drivers/scsi/mpt3sas/mpt3sas_ctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/mpt3sas/mpt3sas_ctl.c b/drivers/s