Insertion of die_if_kernel in unaligned.c

Insertion of die_if_kernel in unaligned.c

[Carsten Langgaard]

In the latest version of arch/mips/kernel/unaligned.c, there has been
inserted some calls to the die_if_kernel, which check if we are running
in kernel mode and if so dies.
I'm not so sure this is the right thing to do, the floating point
emulator will in some cases generate an address error (e.g. if emulating
a swc1 to an unaligned address). The result is that an user application
can crash the kernel.

/Carsten


--
_    _ ____  ___   Carsten Langgaard   Mailto:carstenl@mips.com
|\  /|||___)(___   MIPS Denmark        Direct: +45 4486 5527
| \/ |||    ____)  Lautrupvang 4B      Switch: +45 4486 5555
  TECHNOLOGIES     2750 Ballerup       Fax...: +45 4486 5556
                   Denmark             http://www.mips.com

Re: Insertion of die_if_kernel in unaligned.c

[Ralf Baechle]

On Thu, May 03, 2001 at 12:39:20PM +0200, Carsten Langgaard wrote:

> In the latest version of arch/mips/kernel/unaligned.c, there has been
> inserted some calls to the die_if_kernel, which check if we are running
> in kernel mode and if so dies.
> I'm not so sure this is the right thing to do, the floating point
> emulator will in some cases generate an address error (e.g. if emulating
> a swc1 to an unaligned address). The result is that an user application
> can crash the kernel.

They're wrong and what's worse, I knew about them.  The unaligned from
kernelspace case can also be triggered from the network stack so this
leaves machines open to remote DoS.

  Ralf