Hello, Al. I think that this access_ok() check helps reducing partial writes (either "whole amount was processed" or "not processed at all" unless -ENOMEM). Do you think that such attempt is pointless? Then, please go ahead...
On 2020/05/10 8:45, Al Viro wrote: > From: Al Viro <v...@zeniv.linux.org.uk> > > address is passed only to get_user() > > Signed-off-by: Al Viro <v...@zeniv.linux.org.uk> > --- > security/tomoyo/common.c | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c > index 1b467381986f..f93f8acd05f7 100644 > --- a/security/tomoyo/common.c > +++ b/security/tomoyo/common.c > @@ -2662,8 +2662,6 @@ ssize_t tomoyo_write_control(struct tomoyo_io_buffer > *head, > > if (!head->write) > return -EINVAL; > - if (!access_ok(buffer, buffer_len)) > - return -EFAULT; > if (mutex_lock_interruptible(&head->io_sem)) > return -EINTR; > head->read_user_buf_avail = 0; >
