From: "David S. Miller" <davem@davemloft.net>
To: Andi Kleen <ak@suse.de>
Cc: rmk@arm.linux.org.uk, torvalds@osdl.org, akpm@osdl.org,
dwmw2@infradead.org, linux-arch@vger.kernel.org
Subject: Re: [patch 19/24] TASK_SIZE is variable.
Date: Mon, 7 Feb 2005 12:13:21 -0800
Message-ID: <20050207121321.3bb6e521.davem@davemloft.net>
In-Reply-To: <20050207201547.GA6790@wotan.suse.de>

On Mon, 7 Feb 2005 21:15:47 +0100
Andi Kleen <ak@suse.de> wrote:

> Yes, but it is done outside KERNEL_DS (otherwise it is a security hole)
> And then later in KERNEL_DS there is no verify_area.

It is done "inside" KERNEL_DS by the routines we invoke which
expect user pointers but we're giving them kernel pointers.

Example:

	extern long sys_foo(char __user *buf, int len);

	long compat_sys_foo(compat_uptr_t ubuf, int len)
	{
		char *kbuf = kmalloc(len, GFP_KERNEL);
		mm_segment_t old_fs = get_fs();
		int err;

		if (!kbuf)
			return -ENOMEM;

		/* Widen the address limit so sys_foo() accepts a kernel pointer. */
		set_fs(KERNEL_DS);
		err = sys_foo((char __user *) kbuf, len);
		set_fs(old_fs);

		kfree(kbuf);
		return err;
	}

The copy_to_user() or whatever done by sys_foo() will operate within
KERNEL_DS on "kbuf" and thus the access_ok() check done via copy_to_user()
will do the proper checks for us with my proposal of valid virtual address
ranges stored in the mm_struct.
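
The exchange above, as an added user-space illustration that is not part of the original message and not kernel code: it models the classic single address-limit form of access_ok(), not the mm_struct range proposal, and shows both the wrapper pattern and the quoted concern about checking inside KERNEL_DS. The addresses, the integer-address sys_foo() and check_inside_kernel_ds() are constructed for the model.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed model values: user space lies below TASK_SIZE. */
#define TASK_SIZE 0xC0000000UL
#define KBUF_ADDR 0xC1000000UL	/* stands in for a kmalloc()ed buffer */
#define UBUF_ADDR 0x08000000UL	/* stands in for a user buffer */

typedef struct { unsigned long seg; } mm_segment_t;
#define KERNEL_DS ((mm_segment_t){ ~0UL })
static mm_segment_t addr_limit = { TASK_SIZE };	/* starts at the user limit */

static mm_segment_t get_fs(void) { return addr_limit; }
static void set_fs(mm_segment_t fs) { addr_limit = fs; }

/* Overflow-safe check of [addr, addr + size) against the current limit. */
static int access_ok(unsigned long addr, unsigned long size)
{
	return size <= addr_limit.seg && addr <= addr_limit.seg - size;
}

/* Model syscall: its copy_to_user() step is reduced to the range check. */
static long sys_foo(unsigned long buf, unsigned long len)
{
	return access_ok(buf, len) ? (long)len : -EFAULT;
}

/* The compat wrapper pattern from the message, run on the model. */
static long compat_sys_foo(unsigned long len)
{
	mm_segment_t old_fs = get_fs();
	set_fs(KERNEL_DS);
	long err = sys_foo(KBUF_ADDR, len);
	set_fs(old_fs);		/* restore the caller's limit */
	return err;
}

/* Quoted concern: an untrusted address checked under KERNEL_DS always passes. */
static int check_inside_kernel_ds(unsigned long untrusted, unsigned long len)
{
	mm_segment_t old_fs = get_fs();
	set_fs(KERNEL_DS);
	int ok = access_ok(untrusted, len);
	set_fs(old_fs);
	return ok;
}

int main(void)
{
	printf("%ld %ld %ld %d\n", sys_foo(UBUF_ADDR, 64), sys_foo(KBUF_ADDR, 64), compat_sys_foo(64), check_inside_kernel_ds(KBUF_ADDR, 64));
	return 0;
}
```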