On Thu, Mar 4, 2021 at 4:24 PM Christophe Leroy
<christophe.le...@csgroup.eu> wrote:
> Le 04/03/2021 à 16:17, Arnd Bergmann a écrit :
> > On Thu, Mar 4, 2021 at 1:51 PM Christophe Leroy
> > <christophe.le...@csgroup.eu> wrote:
> >> ---
> >> First version was in 2008, at that time it was rejected, see
> >> http://patchwork.ozlabs.org/project/linuxppc-dev/patch/200809240839.14902.a...@arndb.de/
> >
> > The patch from 2008 did two things:
> >
> > - it removed the ppc32 specific 'select' syscall at #82
> > - it fixed the generic '_newselect' syscall at #142
> >
> > Back then, the decision was to only address the second issue, which
> > got merged in commit dad2f2fb0fc7 ("powerpc: Fix wrong error code from
> > ppc32 select syscall").
> >
> > It is probably ok to remove the old select system call now, but
> > my changelog text no longer makes sense, as the patch has nothing
> > to do with the bug that was reported back then.
> >
>
> I understood that the original reported bug was that calling that version of
> select() with a
> negative value as first parametre would lead to a -EFAULT instead of -EINVAL.
> That's exactly the
> case here, if you set n = -1 you get into this (unsigned long)n > 4096 then
> the buffer is at
> 0xffffffff and access_ok() won't grand access to it so the return value will
> be -EFAULT instead of
> -EINVAL.
>
> Am I missing something ?
This is the behavior of the ppc_select() implementation, but as far as
I can tell,
the bug report was for the problem that this behavior would happen for both
syscall #82 and syscall #142 when the correct behavior would have been to
only do it for #82 but not for #142.
Arnd
