diff mbox series

[2/4] net: make sockptr_is_null strict aliasing safe

Message ID 20200728163836.562074-3-hch@lst.de
State Accepted
Delegated to: David Miller
Headers show
Series sockptr_t fixes v2 | expand

Commit Message

Christoph Hellwig July 28, 2020, 4:38 p.m. UTC 
While the kernel in general is not strict aliasing safe we can trivially
do that in sockptr_is_null without affecting code generation, so always
check the actually assigned union member.

Reported-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 include/linux/sockptr.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

David Laight July 29, 2020, 8:04 a.m. UTC | #1 
From: Christoph Hellwig <hch@lst.de>
> Sent: 28 July 2020 17:39
> 
> While the kernel in general is not strict aliasing safe we can trivially
> do that in sockptr_is_null without affecting code generation, so always
> check the actually assigned union member.

Even with 'strict aliasing' gcc (at least) guarantees that
the members of a union alias each other.
It is about the only way so safely interpret a float as an int.

So when sockptr_t is a union testing either member is enough.

When it is a structure the changed form almost certainly adds code.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Jan Engelhardt July 29, 2020, 9:06 a.m. UTC | #2 
On Wednesday 2020-07-29 10:04, David Laight wrote:
>From: Christoph Hellwig <hch@lst.de>
>> Sent: 28 July 2020 17:39
>> 
>> While the kernel in general is not strict aliasing safe we can trivially
>> do that in sockptr_is_null without affecting code generation, so always
>> check the actually assigned union member.
>
>Even with 'strict aliasing' gcc (at least) guarantees that
>the members of a union alias each other.
>It is about the only way so safely interpret a float as an int.

The only?

  float given;
  int i;
  memcpy(&i, &given, sizeof(i));
  BUILD_BUG_ON(sizeof(i) > sizeof(given));
diff mbox series

Patch

diff --git a/include/linux/sockptr.h b/include/linux/sockptr.h
index 7d5cdb2b30b5f0..b13ea1422f93a5 100644
--- a/include/linux/sockptr.h
+++ b/include/linux/sockptr.h
@@ -64,7 +64,9 @@  static inline int __must_check init_user_sockptr(sockptr_t *sp, void __user *p)
 
 static inline bool sockptr_is_null(sockptr_t sockptr)
 {
-	return !sockptr.user && !sockptr.kernel;
+	if (sockptr_is_kernel(sockptr))
+		return !sockptr.kernel;
+	return !sockptr.user;
 }
 
 static inline int copy_from_sockptr(void *dst, sockptr_t src, size_t size)