Re: [PATCH net-next] net: datagram: Bypass usercopy checks for kernel iterators
From: "Chuck Lever" <cel@kernel.org>
Date: 2026-03-03 15:54:19
Also in:
linux-fsdevel
On Tue, Mar 3, 2026, at 4:42 AM, Paolo Abeni wrote:
On 2/25/26 5:25 PM, Chuck Lever wrote:quoted
From: Chuck Lever <redacted> Profiling NFSD under an iozone workload showed that hardened usercopy checks consume roughly 1.3% of CPU in the TCP receive path. These checks validate memory regions during copies, but provide no security benefit when both source (skb data) and destination (kernel pages in BVEC/KVEC iterators) reside in kernel address space.Are you sure? AFAICS: size_t copy_from_iter(void *addr, size_t bytes, struct iov_iter *i) { if (check_copy_size(addr, bytes, false)) return _copy_from_iter(addr, bytes, i); calls check_copy_size() on the source address, and the latter: static __always_inline __must_check bool check_copy_size(const void *addr, size_t bytes, bool is_source) { int sz = __builtin_object_size(addr, 0); if (unlikely(sz >= 0 && sz < bytes)) { if (!__builtin_constant_p(bytes)) copy_overflow(sz, bytes); else if (is_source)$ __bad_copy_from(); else __bad_copy_to(); return false; } if (WARN_ON_ONCE(bytes > INT_MAX)) return false; Validates vs overflow regardless of the source address being in kernel space or user-space. FTR, I also observe a relevant overhead in check_copy_size(), especially for oldish CPUs. /P
Paolo, thanks for the review. I'll post a refreshed patch shortly that attempts to address your comments, and that modifies the common helper, as Jakub suggested earlier. -- Chuck Lever