From: "Chen, Kenneth W" <kenneth.w.chen@intel.com>
To: linux-ia64@vger.kernel.org
Subject: [patch] make exception handler in copy_user more robust
Date: Tue, 06 Sep 2005 23:05:23 +0000 [thread overview]
Message-ID: <200509062306.j86N64g19803@unix-os.sc.intel.com> (raw)
The exception handler in copy user always expects fault occurs only on
user space address and the fall back recovery code is written with that
very assumption in mind. Recent source code inspection revealed that
while it worked splendid and to the expectation under normal circumstances,
It broke down under unexpected condition where some address calculation
might go outside the legal address range the original copy_user was
called for. This patch is to make copy_user exception handler more robust
and to prevent potential memory corruption.
Signed-off-by: Ken Chen <kenneth.w.chen@intel.com>
--- linux-2.6.13/arch/ia64/lib/memcpy_mck.S.orig 2005-09-06 15:15:29.560795174 -0700
+++ linux-2.6.13/arch/ia64/lib/memcpy_mck.S 2005-09-06 15:21:46.798095240 -0700
@@ -625,8 +625,11 @@ EK(.ex_handler, (p17) st8 [dst1]=r39,8)
clrrrb
;;
alloc saved_pfs_stack=ar.pfs,3,3,3,0
+ cmp.lt p8,p0=A,r0
sub B = dst0, saved_in0 // how many byte copied so far
;;
+(p8) mov A = 0; // A shouldn't be negative, cap it
+ ;;
sub C = A, B
sub D = saved_in2, A
;;
next reply other threads:[~2005-09-06 23:05 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-06 23:05 Chen, Kenneth W [this message]
2005-09-07 1:10 ` [patch] make exception handler in copy_user more robust david mosberger
2005-09-07 1:49 ` Chen, Kenneth W
2005-09-07 2:07 ` david mosberger
2005-09-07 2:11 ` Chen, Kenneth W
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200509062306.j86N64g19803@unix-os.sc.intel.com \
--to=kenneth.w.chen@intel.com \
--cc=linux-ia64@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox