From: Ingo Molnar <mingo@elte.hu>
To: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Chuck Ebbert <76306.1226@compuserve.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Roland McGrath <roland@redhat.com>,
	linux-kernel@vger.kernel.org
Subject: [patch] i386: remove unnecessary code
Date: Tue, 17 Jul 2007 18:04:25 +0200
Message-ID: <20070717160425.GA26401@elte.hu>
In-Reply-To: <20070717154638.GA342@tv-sign.ru>


* Oleg Nesterov <oleg@tv-sign.ru> wrote:

> I am really puzzled by set_fs(USER_DS) in setup_frame/setup_rt_frame.
> 
> How is it possible that current->addr_limit != USER_DS ? If this _is_ 
> possible, how can we trust the result of access_ok() above?

hm, this is _ancient_ code (possibly dating back to the pharaohs). If we 
are in KERNEL_DS then we call do_signal() then we are most likely a 
kernel thread and regs->esp points to the kernel stack ... the result of 
which would be a quite spectacular crash anyway.

Patch below.

	Ingo

----------------------------->
Subject: [patch] i386: remove unnecessary code
From: Ingo Molnar <mingo@elte.hu>

Oleg Nesterov pointed out that the set_fs() calls in setup_frame()
and setup_rt_frame() were superfluous.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
---
 arch/i386/kernel/signal.c |    2 --
 1 file changed, 2 deletions(-)

Index: linux/arch/i386/kernel/signal.c
===================================================================
--- linux.orig/arch/i386/kernel/signal.c
+++ linux/arch/i386/kernel/signal.c
@@ -380,7 +380,6 @@ static int setup_frame(int sig, struct k
 	regs->edx = (unsigned long) 0;
 	regs->ecx = (unsigned long) 0;
 
-	set_fs(USER_DS);
 	regs->xds = __USER_DS;
 	regs->xes = __USER_DS;
 	regs->xss = __USER_DS;
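Review bot: the changelog calls the set_fs(USER_DS) removed from setup_frame() superfluous but does not say why. The reasoning from the thread should be recorded in the commit message: if the address limit were anything other than USER_DS here, the earlier access_ok() result could not be trusted and regs->esp would most likely point at a kernel stack. That makes the invariant this removal relies on explicit for later readers.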
@@ -474,7 +473,6 @@ static int setup_rt_frame(int sig, struc
 	regs->edx = (unsigned long) &frame->info;
 	regs->ecx = (unsigned long) &frame->uc;
 
-	set_fs(USER_DS);
 	regs->xds = __USER_DS;
 	regs->xes = __USER_DS;
 	regs->xss = __USER_DS;
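Review bot: after the deletion in setup_rt_frame(), the remaining lines still force regs->xds, regs->xes and regs->xss to __USER_DS, but nothing in this path resets the address limit before the handler runs, so correctness now depends on no caller arriving here in KERNEL_DS. Consider making that assumption checkable rather than implicit, for example with a WARN_ON_ONCE() on the address limit where the signal frame is set up, or at least a comment stating that this path is only reached with USER_DS.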
