On 08/05/2023 08:37, Kevin Brodsky wrote:
Looking at your explicit check patch, I am thinking about making another change: we could potentially return to a single check_user_ptr() helper that takes a permissions argument, but this time round using READ and WRITE from linux/kernel.h instead of creating a new type like in the original RFC [1]. I am suggesting this as it would make it easier to check for variable permissions, like in lib/iov_iter.c, and would be generally more consistent with helpers that check for permissions. I did not want to use PROT_READ / PROT_WRITE as it would create confusion with mapping permissions, but READ and WRITE are generic so it should be fine from that perspective.
Any opinion on this? Interested in opinions from everyone, especially Luca and Beata (who first proposed having multiple helpers instead of a permissions argument).
Hi Kevin,
I agree that it may indeed be more convenient to have a single helper function and pass the permissions as an argument. Especially given situations like the one in my patch where I resorted to a function pointer which is somewhat ugly.
Best, Luca