>>> On 23.04.15 at 17:33, <torva...@linux-foundation.org> wrote: > On Tue, Apr 21, 2015 at 11:33 PM, Jan Beulich <jbeul...@suse.com> wrote: >> >> while the description of commit cae2a173fe certainly makes sense, the >> change itself ignores the __probe_kernel_write() code path, for which >> the destination address is expected to be in kernel space but accesses >> may still fault. I.e. the use of plain memset() causes >> __probe_kernel_write() to oops rather than return an error. Shouldn't >> the "(unsigned long)to >= TASK_SIZE_MAX" be relaxed to take the >> effect of set_fs() into account? > > Hmm. I think you're right. So something like > > --- a/arch/x86/lib/usercopy_64.c > +++ b/arch/x86/lib/usercopy_64.c > @@ -82,7 +82,7 @@ copy_user_handle_tail(char *to, char *from, unsigned > len) > clac(); > > /* If the destination is a kernel buffer, we always clear the end > */ > - if ((unsigned long)to >= TASK_SIZE_MAX) > + if (!__addr_ok(to)) > memset(to, 0, len); > return len; > } > > which will effectively say "only if we copy from user mode to kernel > mode" because if we use "set_fs(KERNEL_DS)" then kernel addresses will > also be __addr_ok.. > > Did you have a test-case for this? I guess we're talking odd ftrace > uses or kgdb?
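Review bot: the comment right above the changed line, "/* If the destination is a kernel buffer, we always clear the end */", no longer describes the condition it sits on. With "!__addr_ok(to)" the tail is zeroed only when "to" lies outside the current address limit, so under set_fs(KERNEL_DS) a kernel-address destination is left unzeroed on purpose (that is what lets __probe_kernel_write() return an error instead of oopsing on a plain memset() of a faulting address, as described above). Reword it along the lines of "Zero the tail only if the destination is outside the current address limit, i.e. a kernel buffer being filled from user space; under KERNEL_DS the caller has to handle the short copy", and say explicitly in the commit message that KERNEL_DS callers can no longer rely on the tail being zeroed, since that is a behaviour change for every __copy_from_user_inatomic()-style user of copy_user_generic(). Separately, the hunk as quoted here is mail-wrapped ("unsigned > len)" and "the end > */"), so it will not apply verbatim.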
I'm afraid not one you'd like - we've seen ftrace initialization fail for
quite some time on our Xen kernels, but in a way only affecting ftrace
itself. Said change converted that failure to an oops.

(The ftrace init failure itself is because the traditional Xen kernel
creates 1:1 mappings for pages that are part of the kernel image as
read-only, to avoid having to special-case embedded regions [GDT, page
tables] that must be r/o under Xen. I think the pv-ops kernel behaves
differently, which made me recognize this as a problem wider than just
our specific Xen case only on second thought.)

Jan

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
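An added example, not part of the thread and not kernel code: a user-space C
model of the copy_user_generic()/copy_user_handle_tail() pair with a toy page
map and a per-thread address limit, run through both tail checks discussed
above. It shows that the original ">= TASK_SIZE_MAX" test zeroes the tail even
under set_fs(KERNEL_DS), where the destination may be an unmapped kernel page
and a plain memset() has no fixup (the __probe_kernel_write() oops), while
"!__addr_ok(to)" skips that case yet still zeroes the tail for a real
copy_from_user() into a kernel buffer, which is the property that keeps stale
kernel bytes from surviving a short copy. The 16-page layout, the EFAULT
value, and the helpers plain_memset(), present(), reset_model() and the two
scenario functions are assumptions made for the model; only the kernel-side
names (set_fs, __addr_ok, copy_user_generic, copy_user_handle_tail,
TASK_SIZE_MAX, USER_DS, KERNEL_DS) come from the thread.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed model: 16 pages of 4 KiB; pages 0-7 are "user", 8-15 are "kernel". */
#define PAGE_SIZE     4096UL
#define NPAGES        16UL
#define TASK_SIZE_MAX (8UL * PAGE_SIZE)
#define USER_DS       TASK_SIZE_MAX
#define KERNEL_DS     (NPAGES * PAGE_SIZE)   /* stands in for the kernel's ~0UL */
#define EFAULT        14

static unsigned char mem[NPAGES * PAGE_SIZE];
static bool mapped[NPAGES];                   /* assumed page map: is the page present? */
static unsigned long addr_limit = USER_DS;    /* current_thread_info()->addr_limit.seg */
static bool oopsed;                           /* set when a plain memset() touches an unmapped page */

static void set_fs(unsigned long seg) { addr_limit = seg; }
static bool __addr_ok(unsigned long a) { return a < addr_limit; }
static bool present(unsigned long a) { return a < NPAGES * PAGE_SIZE && mapped[a / PAGE_SIZE]; }

/* Which predicate copy_user_handle_tail() uses before zeroing the tail. */
enum tail_check { CHECK_TASK_SIZE_MAX, CHECK_ADDR_OK };

/* A plain memset() has no exception-table fixup: writing an unmapped page is an oops. */
static void plain_memset(unsigned long to, unsigned long len)
{
    for (unsigned long i = 0; i < len; i++) {
        if (!present(to + i)) { oopsed = true; return; }
        mem[to + i] = 0;
    }
}

/* Byte-wise retry of the tail, stopping at the first faulting byte (the __get_user/__put_user
 * loop with fixups), followed by the contested zeroing step. Returns bytes not copied. */
static unsigned long copy_user_handle_tail(enum tail_check chk, unsigned long to,
                                           unsigned long from, unsigned long len)
{
    for (; len; --len, to++, from++) {
        if (!present(from) || !present(to))
            break;
        mem[to] = mem[from];
    }
    bool dest_is_kernel = (chk == CHECK_TASK_SIZE_MAX) ? (to >= TASK_SIZE_MAX)
                                                       : !__addr_ok(to);
    if (dest_is_kernel)
        plain_memset(to, len);
    return len;
}

/* Fast path: copy until the first fault, then hand the remainder to the tail handler. */
static unsigned long copy_user_generic(enum tail_check chk, unsigned long to,
                                       unsigned long from, unsigned long len)
{
    for (unsigned long i = 0; i < len; i++) {
        if (!present(from + i) || !present(to + i))
            return copy_user_handle_tail(chk, to + i, from + i, len - i);
        mem[to + i] = mem[from + i];
    }
    return 0;
}

static void reset_model(void)
{
    memset(mem, 0xAA, sizeof mem);            /* every byte starts out as "stale" data */
    memset(mapped, 0, sizeof mapped);
    mapped[1] = true;                         /* user page 1 present, user page 2 not */
    mapped[9] = true;                         /* kernel page 9 present, kernel page 10 not */
    oopsed = false;
    set_fs(USER_DS);
}

/* copy_from_user() of 32 bytes straddling the end of user page 1 into a kernel buffer on
 * page 9. Returns 1 if the 16 bytes that could not be copied were zeroed, 0 if stale 0xAA
 * bytes were left in the kernel buffer, -1 if the model did something unexpected. */
static int copy_from_user_zeroes_tail(enum tail_check chk)
{
    reset_model();
    unsigned long from = 2 * PAGE_SIZE - 16, to = 9 * PAGE_SIZE;
    memset(mem + from, 0x11, 16);             /* the readable half of the user buffer */
    unsigned long left = copy_user_generic(chk, to, from, 32);
    if (left != 16 || oopsed)
        return -1;
    for (int i = 16; i < 32; i++)
        if (mem[to + i] != 0)
            return 0;
    return 1;
}

/* __probe_kernel_write() of 8 bytes into unmapped kernel page 10 under set_fs(KERNEL_DS), the
 * pattern ftrace hits on a kernel whose text is mapped read-only. Returns 1 if the zeroing
 * step oopsed, 0 if the write failed cleanly with -EFAULT, -1 otherwise. */
static int probe_kernel_write_unmapped(enum tail_check chk)
{
    reset_model();
    unsigned long src = 9 * PAGE_SIZE, dst = 10 * PAGE_SIZE;
    unsigned long old_fs = addr_limit;
    set_fs(KERNEL_DS);
    unsigned long left = copy_user_generic(chk, dst, src, 8);
    set_fs(old_fs);
    long ret = left ? -EFAULT : 0;
    if (oopsed)
        return 1;
    return ret == -EFAULT ? 0 : -1;
}

int main(void)
{
    printf("copy_from_user tail zeroed: TASK_SIZE_MAX=%d __addr_ok=%d\n",
           copy_from_user_zeroes_tail(CHECK_TASK_SIZE_MAX), copy_from_user_zeroes_tail(CHECK_ADDR_OK));
    printf("probe_kernel_write oopses:  TASK_SIZE_MAX=%d __addr_ok=%d\n",
           probe_kernel_write_unmapped(CHECK_TASK_SIZE_MAX), probe_kernel_write_unmapped(CHECK_ADDR_OK));
    return 0;
}
```

Both checks behave the same for the user-to-kernel copy (the tail is zeroed,
so a caller that ignores the short count does not keep stale kernel bytes), and
differ only under KERNEL_DS: the old test turns the faulting write into a
memset() of the same unmapped page, the new one returns the remaining length
so __probe_kernel_write() can report -EFAULT.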