From: Christoph Rohland <cr@sap.com>
To: David.Egolf@Bull.com, Marcelo Tosatti <marcelo@conectiva.com.br>,
Linus Torvalds <torvalds@transmeta.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Linux - Patch to shmat
Date: 08 Dec 2001 10:53:57 +0100 [thread overview]
Message-ID: <m3y9kehwp9.fsf@linux.local> (raw)
In-Reply-To: <OF82220913.E96CC81C-ON07256B1B.002C703D@az05.bull.com>
In-Reply-To: <OF82220913.E96CC81C-ON07256B1B.002C703D@az05.bull.com>
Hi Marcelo and Linus,
On Fri, 7 Dec 2001, David Egolf wrote:
> We put your patch on a dual processor IA32 machine. It correctly
> ran our prior test which did not employ threads. We also designed a
> test which was meant to stress the gating by attempting overlapped
> virtual mappings from ten different threads on the same process. We
> detected no problems with the patch as everything ran with correct
> status.
David Egolf and his colleages from Bull noticed that a pretty crucial
test was dropped by me when redesigning SYSV shm and tmpfs. If you
give an address to shmat it no longer checks if there is already a
mapping and happily maps it unconditionally at the given address. This
should only happen with the SHM_REMAP flag.
The appended patch reintroduces the necessary checks.
Please apply
Christoph
--- 2.4.16/ipc/shm.c Sun Oct 28 16:59:03 2001
+++ m2.4.16/ipc/shm.c Sat Dec 8 10:35:17 2001
@@ -569,6 +569,7 @@
{
struct shmid_kernel *shp;
unsigned long addr;
+ unsigned long size;
struct file * file;
int err;
unsigned long flags;
@@ -588,8 +589,12 @@
return -EINVAL;
}
flags = MAP_SHARED | MAP_FIXED;
- } else
+ } else {
+ if ((shmflg & SHM_REMAP))
+ return -EINVAL;
+
flags = MAP_SHARED;
+ }
if (shmflg & SHM_RDONLY) {
prot = PROT_READ;
@@ -603,7 +608,7 @@
/*
* We cannot rely on the fs check since SYSV IPC does have an
- * aditional creator id...
+ * additional creator id...
*/
shp = shm_lock(shmid);
if(shp == NULL)
@@ -618,11 +623,27 @@
return -EACCES;
}
file = shp->shm_file;
+ size = file->f_dentry->d_inode->i_size;
shp->shm_nattch++;
shm_unlock(shmid);
down_write(¤t->mm->mmap_sem);
- user_addr = (void *) do_mmap (file, addr, file->f_dentry->d_inode->i_size, prot, flags, 0);
+ if (addr && !(shmflg & SHM_REMAP)) {
+ user_addr = ERR_PTR(-EINVAL);
+ if (find_vma_intersection(current->mm, addr, addr + size))
+ goto invalid;
+ /*
+ * If shm segment goes below stack, make sure there is some
+ * space left for the stack to grow (at least 4 pages).
+ */
+ if (addr < current->mm->start_stack &&
+ addr > current->mm->start_stack - size - PAGE_SIZE * 5)
+ goto invalid;
+ }
+
+ user_addr = (void*) do_mmap (file, addr, size, prot, flags, 0);
+
+invalid:
up_write(¤t->mm->mmap_sem);
down (&shm_ids.sem);
parent reply other threads:[~2001-12-08 10:01 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <OF82220913.E96CC81C-ON07256B1B.002C703D@az05.bull.com>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m3y9kehwp9.fsf@linux.local \
--to=cr@sap.com \
--cc=David.Egolf@Bull.com \
--cc=linux-kernel@vger.kernel.org \
--cc=marcelo@conectiva.com.br \
--cc=torvalds@transmeta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox