fs: Replace user_access_{begin/end} by scoped user access

+49 -74

2 changed files

expand all

readdir.c

select.c

+35 -53

fs/readdir.c

··· 200 200 } 201 201 buf->result++; 202 202 dirent = buf->dirent; 203 - if (!user_write_access_begin(dirent, dirent_size(dirent, namlen + 1))) 204 - goto efault; 205 - unsafe_put_user(d_ino, &dirent->d_ino, efault_end); 206 - unsafe_put_user(offset, &dirent->d_offset, efault_end); 207 - unsafe_put_user(namlen, &dirent->d_namlen, efault_end); 208 - unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end); 209 - user_write_access_end(); 203 + scoped_user_write_access_size(dirent, dirent_size(dirent, namlen + 1), efault) { 204 + unsafe_put_user(d_ino, &dirent->d_ino, efault); 205 + unsafe_put_user(offset, &dirent->d_offset, efault); 206 + unsafe_put_user(namlen, &dirent->d_namlen, efault); 207 + unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault); 208 + } 210 209 return true; 211 - efault_end: 212 - user_write_access_end(); 213 210 efault: 214 211 buf->result = -EFAULT; 215 212 return false; ··· 283 286 return false; 284 287 dirent = buf->current_dir; 285 288 prev = (void __user *) dirent - prev_reclen; 286 - if (!user_write_access_begin(prev, reclen + prev_reclen)) 287 - goto efault; 288 - 289 - /* This might be 'dirent->d_off', but if so it will get overwritten */ 290 - unsafe_put_user(offset, &prev->d_off, efault_end); 291 - unsafe_put_user(d_ino, &dirent->d_ino, efault_end); 292 - unsafe_put_user(reclen, &dirent->d_reclen, efault_end); 293 - unsafe_put_user(d_type, (char __user *) dirent + reclen - 1, efault_end); 294 - unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end); 295 - user_write_access_end(); 289 + scoped_user_write_access_size(prev, reclen + prev_reclen, efault) { 290 + /* This might be 'dirent->d_off', but if so it will get overwritten */ 291 + unsafe_put_user(offset, &prev->d_off, efault); 292 + unsafe_put_user(d_ino, &dirent->d_ino, efault); 293 + unsafe_put_user(reclen, &dirent->d_reclen, efault); 294 + unsafe_put_user(d_type, (char __user *)dirent + reclen - 1, efault); 295 + unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault); 296 + } 296 297 297 298 buf->current_dir = (void __user *)dirent + reclen; 298 299 buf->prev_reclen = reclen; 299 300 ctx->count -= reclen; 300 301 return true; 301 - efault_end: 302 - user_write_access_end(); 303 302 efault: 304 303 buf->error = -EFAULT; 305 304 return false; ··· 362 369 return false; 363 370 dirent = buf->current_dir; 364 371 prev = (void __user *)dirent - prev_reclen; 365 - if (!user_write_access_begin(prev, reclen + prev_reclen)) 366 - goto efault; 367 - 368 - /* This might be 'dirent->d_off', but if so it will get overwritten */ 369 - unsafe_put_user(offset, &prev->d_off, efault_end); 370 - unsafe_put_user(ino, &dirent->d_ino, efault_end); 371 - unsafe_put_user(reclen, &dirent->d_reclen, efault_end); 372 - unsafe_put_user(d_type, &dirent->d_type, efault_end); 373 - unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end); 374 - user_write_access_end(); 372 + scoped_user_write_access_size(prev, reclen + prev_reclen, efault) { 373 + /* This might be 'dirent->d_off', but if so it will get overwritten */ 374 + unsafe_put_user(offset, &prev->d_off, efault); 375 + unsafe_put_user(ino, &dirent->d_ino, efault); 376 + unsafe_put_user(reclen, &dirent->d_reclen, efault); 377 + unsafe_put_user(d_type, &dirent->d_type, efault); 378 + unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault); 379 + } 375 380 376 381 buf->prev_reclen = reclen; 377 382 buf->current_dir = (void __user *)dirent + reclen; 378 383 ctx->count -= reclen; 379 384 return true; 380 385 381 - efault_end: 382 - user_write_access_end(); 383 386 efault: 384 387 buf->error = -EFAULT; 385 388 return false; ··· 447 458 } 448 459 buf->result++; 449 460 dirent = buf->dirent; 450 - if (!user_write_access_begin(dirent, dirent_size(dirent, namlen + 1))) 451 - goto efault; 452 - unsafe_put_user(d_ino, &dirent->d_ino, efault_end); 453 - unsafe_put_user(offset, &dirent->d_offset, efault_end); 454 - unsafe_put_user(namlen, &dirent->d_namlen, efault_end); 455 - unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end); 456 - user_write_access_end(); 461 + scoped_user_write_access_size(dirent, dirent_size(dirent, namlen + 1), efault) { 462 + unsafe_put_user(d_ino, &dirent->d_ino, efault); 463 + unsafe_put_user(offset, &dirent->d_offset, efault); 464 + unsafe_put_user(namlen, &dirent->d_namlen, efault); 465 + unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault); 466 + } 457 467 return true; 458 - efault_end: 459 - user_write_access_end(); 460 468 efault: 461 469 buf->result = -EFAULT; 462 470 return false; ··· 524 538 return false; 525 539 dirent = buf->current_dir; 526 540 prev = (void __user *) dirent - prev_reclen; 527 - if (!user_write_access_begin(prev, reclen + prev_reclen)) 528 - goto efault; 529 - 530 - unsafe_put_user(offset, &prev->d_off, efault_end); 531 - unsafe_put_user(d_ino, &dirent->d_ino, efault_end); 532 - unsafe_put_user(reclen, &dirent->d_reclen, efault_end); 533 - unsafe_put_user(d_type, (char __user *) dirent + reclen - 1, efault_end); 534 - unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault_end); 535 - user_write_access_end(); 541 + scoped_user_write_access_size(prev, reclen + prev_reclen, efault) { 542 + unsafe_put_user(offset, &prev->d_off, efault); 543 + unsafe_put_user(d_ino, &dirent->d_ino, efault); 544 + unsafe_put_user(reclen, &dirent->d_reclen, efault); 545 + unsafe_put_user(d_type, (char __user *)dirent + reclen - 1, efault); 546 + unsafe_copy_dirent_name(dirent->d_name, name, namlen, efault); 547 + } 536 548 537 549 buf->prev_reclen = reclen; 538 550 buf->current_dir = (void __user *)dirent + reclen; 539 551 ctx->count -= reclen; 540 552 return true; 541 - efault_end: 542 - user_write_access_end(); 543 553 efault: 544 554 buf->error = -EFAULT; 545 555 return false;

+14 -21

fs/select.c

··· 1005 1005 fdcount = do_poll(head, &table, end_time); 1006 1006 poll_freewait(&table); 1007 1007 1008 - if (!user_write_access_begin(ufds, nfds * sizeof(*ufds))) 1009 - goto out_fds; 1008 + scoped_user_write_access_size(ufds, nfds * sizeof(*ufds), out_fds) { 1009 + struct pollfd __user *_ufds = ufds; 1010 1010 1011 - for (walk = head; walk; walk = walk->next) { 1012 - struct pollfd *fds = walk->entries; 1013 - unsigned int j; 1011 + for (walk = head; walk; walk = walk->next) { 1012 + struct pollfd *fds = walk->entries; 1013 + unsigned int j; 1014 1014 1015 - for (j = walk->len; j; fds++, ufds++, j--) 1016 - unsafe_put_user(fds->revents, &ufds->revents, Efault); 1017 - } 1018 - user_write_access_end(); 1015 + for (j = walk->len; j; fds++, _ufds++, j--) 1016 + unsafe_put_user(fds->revents, &_ufds->revents, out_fds); 1017 + } 1018 + } 1019 1019 1020 1020 err = fdcount; 1021 1021 out_fds: ··· 1027 1027 } 1028 1028 1029 1029 return err; 1030 - 1031 - Efault: 1032 - user_write_access_end(); 1033 - err = -EFAULT; 1034 - goto out_fds; 1035 1030 } 1036 1031 1037 1032 static long do_restart_poll(struct restart_block *restart_block) ··· 1334 1339 struct compat_sigset_argpack __user *from) 1335 1340 { 1336 1341 if (from) { 1337 - if (!user_read_access_begin(from, sizeof(*from))) 1338 - return -EFAULT; 1339 - unsafe_get_user(to->p, &from->p, Efault); 1340 - unsafe_get_user(to->size, &from->size, Efault); 1341 - user_read_access_end(); 1342 + scoped_user_read_access(from, efault) { 1343 + unsafe_get_user(to->p, &from->p, efault); 1344 + unsafe_get_user(to->size, &from->size, efault); 1345 + } 1342 1346 } 1343 1347 return 0; 1344 - Efault: 1345 - user_read_access_end(); 1348 + efault: 1346 1349 return -EFAULT; 1347 1350 } 1348 1351

Configure Feed

Configure Feed