From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk,
Manfred Spraul <manfred@colorfullife.com>,
Adrian Bunk <bunk@stusta.de>, Ingo Molnar <mingo@elte.hu>,
Thomas Gleixner <tglx@linutronix.de>
Subject: [patch 02/31] i386: fix file_read_actor() and pipe_read() for original i386 systems
Date: Wed, 11 Apr 2007 15:51:17 -0700 [thread overview]
Message-ID: <20070411225117.GC24814@kroah.com> (raw)
In-Reply-To: <20070411225100.GA24814@kroah.com>
[-- Attachment #1: i386-fix-file_read_actor-and-pipe_read-for-original-i386-systems.patch --]
[-- Type: text/plain, Size: 1826 bytes --]
-stable review patch. If anyone has any objections, please let us know.
------------------
From: Thomas Gleixner <tglx@linutronix.de>
The __copy_to_user_inatomic() calls in file_read_actor() and pipe_read()
are broken on original i386 machines, where WP-works-ok == false, as
__copy_to_user_inatomic() on such systems calls functions which might
sleep and/or contain cond_resched() calls inside of a kmap_atomic()
region.
The original check for WP-works-ok was in access_ok(), but got moved
during the 2.5 series to fix a race vs. swap.
Return the number of bytes to copy in the case where we are in an atomic
region, so the non atomic code pathes in file_read_actor() and
pipe_read() are taken.
This could be optimized to avoid the kmap_atomic by moving the check for
WP-works-ok into fault_in_pages_writeable(), but this is more intrusive
and can be done later.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
arch/i386/lib/usercopy.c | 9 +++++++++
1 file changed, 9 insertions(+)
--- a/arch/i386/lib/usercopy.c
+++ b/arch/i386/lib/usercopy.c
@@ -10,6 +10,7 @@
#include <linux/blkdev.h>
#include <linux/module.h>
#include <linux/backing-dev.h>
+#include <linux/interrupt.h>
#include <asm/uaccess.h>
#include <asm/mmx.h>
@@ -719,6 +720,14 @@ unsigned long __copy_to_user_ll(void __u
#ifndef CONFIG_X86_WP_WORKS_OK
if (unlikely(boot_cpu_data.wp_works_ok == 0) &&
((unsigned long )to) < TASK_SIZE) {
+ /*
+ * When we are in an atomic section (see
+ * mm/filemap.c:file_read_actor), return the full
+ * length to take the slow path.
+ */
+ if (in_atomic())
+ return n;
+
/*
* CPU does not honor the WP bit when writing
* from supervisory mode, and due to preemption or SMP,
--
next prev parent reply other threads:[~2007-04-11 22:54 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20070411224329.866978349@mini.kroah.org>
2007-04-11 22:51 ` [patch 00/31] [00/@num@] -stable review Greg KH
2007-04-11 22:51 ` [patch 01/31] kbuild: fix dependency generation Greg KH
2007-04-11 22:51 ` Greg KH [this message]
2007-04-11 22:51 ` [patch 03/31] sky2: reliable recovery Greg KH
2007-04-11 22:51 ` [patch 04/31] skge: turn carrier off when down Greg KH
2007-04-11 22:51 ` [patch 05/31] sky2: " Greg KH
2007-04-11 22:51 ` [patch 06/31] sky2: turn on clocks when doing resume Greg KH
2007-04-11 22:51 ` [patch 07/31] sky2: phy workarounds for Yukon EC-U A1 Greg KH
2007-04-11 22:51 ` [patch 08/31] DVB: tda10086: fix DiSEqC message length Greg KH
2007-04-11 22:51 ` [patch 09/31] DVB: pluto2: fix incorrect TSCR register setting Greg KH
2007-04-11 22:51 ` [patch 10/31] HID: Do not discard truncated input reports Greg KH
2007-04-11 22:51 ` [patch 11/31] Fix calculation for size of filemap_attr array in md/bitmap Greg KH
2007-04-11 22:51 ` [patch 12/31] 8139too: RTNL and flush_scheduled_work deadlock Greg KH
2007-04-11 22:51 ` [patch 13/31] NETFILTER: ipt_CLUSTERIP: fix oops in checkentry function Greg KH
2007-04-11 22:52 ` [patch 14/31] Fix IFB net driver input device crashes Greg KH
2007-04-11 22:52 ` [patch 15/31] Fix length validation in rawv6_sendmsg() Greg KH
2007-04-11 22:52 ` [patch 16/31] Fix scsi sense handling Greg KH
2007-04-11 22:52 ` [patch 17/31] Fix TCP receiver side SWS handling Greg KH
2007-04-11 22:52 ` [patch 18/31] Fix IPSEC replay window handling Greg KH
2007-04-11 22:52 ` [patch 19/31] Fix tcindex classifier ABI borkage Greg KH
2007-04-11 22:52 ` [patch 20/31] Fix TCP slow_start_after_idle sysctl Greg KH
2007-04-11 22:52 ` [patch 21/31] ide: use correct IDE error recovery Greg KH
2007-04-11 22:52 ` [patch 22/31] knfsd: allow nfsd READDIR to return 64bit cookies Greg KH
2007-04-11 22:52 ` [patch 23/31] softmac: avoid assert in ieee80211softmac_wx_get_rate Greg KH
2007-04-11 22:52 ` [patch 24/31] libata bugfix: preserve LBA bit for HDIO_DRIVE_TASK Greg KH
2007-04-11 22:52 ` [patch 25/31] ahci.c: walkaround for SB600 SATA internal error issue Greg KH
2007-04-11 22:52 ` [patch 26/31] fix lba48 bug in libata fill_result_tf() Greg KH
2007-04-11 22:52 ` [patch 27/31] libata: Clear tf before doing request sense (take 3) Greg KH
2007-04-11 22:52 ` [patch 28/31] revert "retries in ext3_prepare_write() violate ordering requirements" Greg KH
2007-04-11 22:52 ` [patch 29/31] revert "retries in ext4_prepare_write() " Greg KH
2007-04-11 22:53 ` [patch 30/31] fix page leak during core dump Greg KH
2007-04-11 22:53 ` [patch 31/31] Update libata drive blacklist to the latest from 2.6.21 Greg KH
2007-04-12 6:14 ` [patch 00/31] [00/@num@] -stable review Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070411225117.GC24814@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bunk@stusta.de \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=jmforbes@linuxtx.org \
--cc=linux-kernel@vger.kernel.org \
--cc=manfred@colorfullife.com \
--cc=mingo@elte.hu \
--cc=mkrufky@linuxtv.org \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=stable@kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.