From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk,
Manfred Spraul <manfred@colorfullife.com>,
Adrian Bunk <bunk@stusta.de>, Ingo Molnar <mingo@elte.hu>,
Thomas Gleixner <tglx@linutronix.de>
Subject: [patch 02/31] i386: fix file_read_actor() and pipe_read() for original i386 systems
Date: Wed, 11 Apr 2007 15:51:17 -0700 [thread overview]
Message-ID: <20070411225117.GC24814@kroah.com> (raw)
In-Reply-To: <20070411225100.GA24814@kroah.com>
[-- Attachment #1: i386-fix-file_read_actor-and-pipe_read-for-original-i386-systems.patch --]
[-- Type: text/plain, Size: 1826 bytes --]
-stable review patch. If anyone has any objections, please let us know.
------------------
From: Thomas Gleixner <tglx@linutronix.de>
The __copy_to_user_inatomic() calls in file_read_actor() and pipe_read()
are broken on original i386 machines, where WP-works-ok == false, as
__copy_to_user_inatomic() on such systems calls functions which might
sleep and/or contain cond_resched() calls inside of a kmap_atomic()
region.
The original check for WP-works-ok was in access_ok(), but got moved
during the 2.5 series to fix a race vs. swap.
Return the number of bytes to copy in the case where we are in an atomic
region, so the non atomic code pathes in file_read_actor() and
pipe_read() are taken.
This could be optimized to avoid the kmap_atomic by moving the check for
WP-works-ok into fault_in_pages_writeable(), but this is more intrusive
and can be done later.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
arch/i386/lib/usercopy.c | 9 +++++++++
1 file changed, 9 insertions(+)
--- a/arch/i386/lib/usercopy.c
+++ b/arch/i386/lib/usercopy.c
@@ -10,6 +10,7 @@
#include <linux/blkdev.h>
#include <linux/module.h>
#include <linux/backing-dev.h>
+#include <linux/interrupt.h>
#include <asm/uaccess.h>
#include <asm/mmx.h>
@@ -719,6 +720,14 @@ unsigned long __copy_to_user_ll(void __u
#ifndef CONFIG_X86_WP_WORKS_OK
if (unlikely(boot_cpu_data.wp_works_ok == 0) &&
((unsigned long )to) < TASK_SIZE) {
+ /*
+ * When we are in an atomic section (see
+ * mm/filemap.c:file_read_actor), return the full
+ * length to take the slow path.
+ */
+ if (in_atomic())
+ return n;
+
/*
* CPU does not honor the WP bit when writing
* from supervisory mode, and due to preemption or SMP,
--
next prev parent reply other threads:[~2007-04-11 22:54 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20070411224329.866978349@mini.kroah.org>
2007-04-11 22:51 ` [patch 00/31] [00/@num@] -stable review Greg KH
2007-04-11 22:51 ` [patch 01/31] kbuild: fix dependency generation Greg KH
2007-04-11 22:51 ` Greg KH [this message]
2007-04-11 22:51 ` [patch 03/31] sky2: reliable recovery Greg KH
2007-04-11 22:51 ` [patch 04/31] skge: turn carrier off when down Greg KH
2007-04-11 22:51 ` [patch 05/31] sky2: " Greg KH
2007-04-11 22:51 ` [patch 06/31] sky2: turn on clocks when doing resume Greg KH
2007-04-11 22:51 ` [patch 07/31] sky2: phy workarounds for Yukon EC-U A1 Greg KH
2007-04-11 22:51 ` [patch 08/31] DVB: tda10086: fix DiSEqC message length Greg KH
2007-04-11 22:51 ` [patch 09/31] DVB: pluto2: fix incorrect TSCR register setting Greg KH
2007-04-11 22:51 ` [patch 10/31] HID: Do not discard truncated input reports Greg KH
2007-04-11 22:51 ` [patch 11/31] Fix calculation for size of filemap_attr array in md/bitmap Greg KH
2007-04-11 22:51 ` [patch 12/31] 8139too: RTNL and flush_scheduled_work deadlock Greg KH
2007-04-11 22:51 ` [patch 13/31] NETFILTER: ipt_CLUSTERIP: fix oops in checkentry function Greg KH
2007-04-11 22:52 ` [patch 14/31] Fix IFB net driver input device crashes Greg KH
2007-04-11 22:52 ` [patch 15/31] Fix length validation in rawv6_sendmsg() Greg KH
2007-04-11 22:52 ` [patch 16/31] Fix scsi sense handling Greg KH
2007-04-11 22:52 ` [patch 17/31] Fix TCP receiver side SWS handling Greg KH
2007-04-11 22:52 ` [patch 18/31] Fix IPSEC replay window handling Greg KH
2007-04-11 22:52 ` [patch 19/31] Fix tcindex classifier ABI borkage Greg KH
2007-04-11 22:52 ` [patch 20/31] Fix TCP slow_start_after_idle sysctl Greg KH
2007-04-11 22:52 ` [patch 21/31] ide: use correct IDE error recovery Greg KH
2007-04-11 22:52 ` [patch 22/31] knfsd: allow nfsd READDIR to return 64bit cookies Greg KH
2007-04-11 22:52 ` [patch 23/31] softmac: avoid assert in ieee80211softmac_wx_get_rate Greg KH
2007-04-11 22:52 ` [patch 24/31] libata bugfix: preserve LBA bit for HDIO_DRIVE_TASK Greg KH
2007-04-11 22:52 ` [patch 25/31] ahci.c: walkaround for SB600 SATA internal error issue Greg KH
2007-04-11 22:52 ` [patch 26/31] fix lba48 bug in libata fill_result_tf() Greg KH
2007-04-11 22:52 ` [patch 27/31] libata: Clear tf before doing request sense (take 3) Greg KH
2007-04-11 22:52 ` [patch 28/31] revert "retries in ext3_prepare_write() violate ordering requirements" Greg KH
2007-04-11 22:52 ` [patch 29/31] revert "retries in ext4_prepare_write() " Greg KH
2007-04-11 22:53 ` [patch 30/31] fix page leak during core dump Greg KH
2007-04-11 22:53 ` [patch 31/31] Update libata drive blacklist to the latest from 2.6.21 Greg KH
2007-04-12 6:14 ` [patch 00/31] [00/@num@] -stable review Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070411225117.GC24814@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bunk@stusta.de \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=jmforbes@linuxtx.org \
--cc=linux-kernel@vger.kernel.org \
--cc=manfred@colorfullife.com \
--cc=mingo@elte.hu \
--cc=mkrufky@linuxtv.org \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=stable@kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox