On Thu, Apr 30, 2020 at 7:03 AM Linus Torvalds <torvalds@linux-foundation.org> wrote:
> On Thu, Apr 30, 2020 at 1:41 AM Dan Williams <dan.j.williams@intel.com> wrote:
> > With the above realizations the name "mcsafe" is no longer accurate and copy_safe() is proposed as its replacement. x86 grows a copy_safe_fast() implementation as a default implementation that is independent of detecting the presence of x86-MCA.
> How is this then different from "probe_kernel_read()" and "probe_kernel_write()"? Other than the obvious "it does it for both reads and writes"?
> IOW, wouldn't it be sensible to try to match the naming and try to find some unified model for all these things?
> "probe_kernel_copy()"?
I don't like this whole concept.
If I'm going to copy from memory that might be bad but is at least a valid pointer, I want a function to do this. If I'm going to copy from memory that might be entirely bogus, that's a different operation. In other words, if I'm writing e.g. a filesystem that is touching get_user_pages()'d persistent memory, I don't want to panic if the memory fails, but I do want at least a very loud warning if I follow a wild pointer.
So I think that probe_kernel_copy() is not a valid replacement for memcpy_mcsafe().
--Andy