[PATCH v3 2/2] vfs: avoid duplicating creds in faccessat if possible
Linus Torvalds
torvalds at linux-foundation.org
Sat Mar 4 20:34:40 UTC 2023
On Sat, Mar 4, 2023 at 11:19 AM Linus Torvalds
<torvalds at linux-foundation.org> wrote:
>
> Rather than commit aa47a7c215e7, we should just have fixed 'setall()'
> and 'for_each_cpu()' to use nr_cpu_ids, and then the rest would
> continue to use nr_cpumask_bits.
Looking around, there's a few more "might set high bits in the
bitmask" cases - notably cpumask_complement(). It uses
bitmap_complement(), which in turn can set bits past the end of the
bit range.
Of course, that function is then used in exactly one place (ia64 ACPI):
cpumask_complement(&tmp_map, cpu_present_mask);
cpu = cpumask_first(&tmp_map);
it's basically a nasty way or writing
cpu = cpumask_first_zero(cpu_present_mask);
so the "fix" is to just do that cleanup, and get rid of
"cpumask_complement()" entirely.
So I would suggest we simply do something like the attached patch.
NOTE! This is *entirely* untested. See the _intent_ behind the patch
in the big comment above the 'nr_cpumask_bits' #define.
So this patch is more of a "maybe something like this?"
And no, nothing here helps the MAXSMP case. I don't think it's
entirely unfixable, but it's close. Some very involved static jump
infrastructure *might* make the MAXSMP case be something we could
generate good code for too, but the whole "we potentially have
thousands of CPUs" case really shouldn't have ever been used on normal
machines.
It is what it is. I think the best we can do is to try to generate
good code for a distribution that cares about good code. Once the
distro maintainers go "let's enable MAXSMP even though the kernel
Kconfig help file tells us not to", there's very little we as kernel
maintainers can do.
Linus
More information about the Linux-security-module-archive
mailing list