On Thu, Oct 29, 2020 at 9:56 AM Christoph Hellwig hch@infradead.org wrote:
+int unsafe_follow_pfn(struct vm_area_struct *vma, unsigned long address,
unsigned long *pfn)The one tab indent here looks weird, normally tis would be two tabs or aligned aftetthe opening brace.
+{ +#ifdef CONFIG_STRICT_FOLLOW_PFN
pr_info("unsafe follow_pfn usage rejected, see CONFIG_STRICT_FOLLOW_PFN\n");return -EINVAL;+#else
WARN_ONCE(1, "unsafe follow_pfn usage\n");add_taint(TAINT_USER, LOCKDEP_STILL_OK);return follow_pfn(vma, address, pfn);+#endif
Woudn't this be a pretty good use case of "if (IS_ENABLED(...)))"?
Also I'd expect the inverse polarity of the config option, that is a USAFE_FOLLOW_PFN option to enable to unsafe behavior.
Was just about to send out v5, will apply your suggestions for that using IS_ENABLED.
Wrt negative or positive Kconfig, I was following STRICT_DEVMEM symbol as precedence. But easy to invert if there's strong feeling the other way round, I'm not attached to either.
+/**
- unsafe_follow_pfn - look up PFN at a user virtual address
- @vma: memory mapping
- @address: user virtual address
- @pfn: location to store found PFN
- Only IO mappings and raw PFN mappings are allowed.
- Returns zero and the pfn at @pfn on success, -ve otherwise.
- */
+int unsafe_follow_pfn(struct vm_area_struct *vma, unsigned long address,
unsigned long *pfn)+{
return follow_pfn(vma, address, pfn);+} +EXPORT_SYMBOL(unsafe_follow_pfn);
Any reason this doesn't use the warn and disable logic?
I figured without an mmu there's not much guarantees anyway. But I guess I can put it in here too for consistency. -Daniel
dri-devel@lists.freedesktop.org
-
Daniel Vetter