Manfred Spraul wrote:
> [ 2nd part of the mail, after hitting the send button in the middle of
> the sentence]
>
> The solution is to perform the check for write protection in the actual
> access functions, not during access_ok.
>
> The attached patch does that:
> - remove the check from access_ok
> - redirect all user space write access into __copy_to_user_ll
> - within __copy_to_user_ll: use get_user_pages, and write directly to
> the obtained kernel address.
>
> This fixes all swapout & data corruption bugs, and even removes 26 lines
> from the kernel.
>
> What do you think? The alternative would be to drop support for real
> 80386 cpus.
>
> Not tested on a real 80386, I've just replace wp_works_ok with
> !wp_works_ok.
>
> --
> Manfred
>
Close, but there is still a race here. You need to hold mmap_sem over
the memcpy. Another thread will expect the memory to not be written to
after write-protecting it.
-- Brian Gerst- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Apr 23 2003 - 22:00:31 EST