From: Jamie Lokier <jamie@shareable.org>
To: Andi Kleen <andi@firstfloor.org>
Cc: Vitaly Mayatskikh <v.mayatskih@gmail.com>,
Josef Bacik <josef@redhat.com>,
sandeen@redhat.com, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2] Perform check in iov_iter_fault_in_readable() by check_readable_bytes()
Date: Fri, 15 May 2009 14:43:15 +0100 [thread overview]
Message-ID: <20090515134315.GB8235@shareable.org> (raw)
In-Reply-To: <20090515093838.GB16682@one.firstfloor.org>
Andi Kleen wrote:
> > ptr = mmap(0, page_size, ....);
> > ...
> > write(fd, ptr + page_size - 256, 512);
> >
> > Write() will fail here, but it can write first 256 bytes. Previously,
> > all 512 bytes were proceeded, but last 256 bytes were zeroed, and
> > sys_write() returned 256. Not very nice too.
>
> Is that really something that users rely on? It looks like a seriously
> broken user program. Which one is that? (just that I can avoid it :)
A few programs set pages read-only, and rely on SIGSEGVs to trigger
mprotect() in the signal handler and thus track dirty pages.
I think the Boehm garbage collector has this option, as do some LISP
interpreters.
System calls don't trigger SIGSEGVs so they can't rely on that when
calling read(). I'm not sure how they handle that.
It would be quite nice if it were safe to call read(), get EFAULT
immediately, or a truncated read() then the next read() gets EFAULT
because it starts at a missing page boundary, and then that's a hint
for the program to consult it's data structures and do it's mprotect()
thing.
Hopefully no programs assume they can do that already, but it would be
nice if they could begin to assume it, instead of checking their data
structure in advance of every read() call.
I don't know of any program which would need the same thing with
write(), but obviously good for symmetry.
-- Jamie
next prev parent reply other threads:[~2009-05-15 13:43 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-14 16:18 [PATCH 0/2] sys_write() should write all valid data Vitaly Mayatskikh
2009-05-14 16:19 ` [PATCH 1/2] Introduce check_readable_bytes() Vitaly Mayatskikh
2009-05-14 17:40 ` Josef Bacik
2009-05-14 17:57 ` Vitaly Mayatskikh
2009-05-14 16:19 ` [PATCH 2/2] Perform check in iov_iter_fault_in_readable() by check_readable_bytes() Vitaly Mayatskikh
2009-05-15 6:56 ` Andi Kleen
2009-05-15 7:56 ` Vitaly Mayatskikh
2009-05-15 9:38 ` Andi Kleen
2009-05-15 11:56 ` Vitaly Mayatskikh
2009-05-15 12:19 ` Andi Kleen
2009-05-15 13:43 ` Jamie Lokier [this message]
2009-05-15 14:01 ` Andi Kleen
2009-05-15 14:37 ` Jamie Lokier
2009-05-18 8:31 ` Alan Cox
2009-05-18 9:48 ` Jamie Lokier
2009-05-18 10:03 ` Alan Cox
2009-05-18 10:16 ` Andi Kleen
2009-05-19 8:55 ` Pavel Machek
2009-05-14 18:02 ` [PATCH 0/2] sys_write() should write all valid data Josef Bacik
2009-05-14 18:48 ` Vitaly Mayatskikh
2009-05-14 19:05 ` Josef Bacik
2009-05-15 6:52 ` Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090515134315.GB8235@shareable.org \
--to=jamie@shareable.org \
--cc=andi@firstfloor.org \
--cc=josef@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sandeen@redhat.com \
--cc=v.mayatskih@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).