Re: i486 emu in mainline?

[Willy Tarreau]

On Sun, May 23, 2004 at 11:13:56AM +0200, Arjan van de Ven wrote:
> On Sun, May 23, 2004 at 10:44:15AM +0200, Willy Tarreau wrote:
> > Hi Arjan,
> > 
> > On Sun, May 23, 2004 at 09:13:20AM +0200, Arjan van de Ven wrote:
> > > on first look it seems to be missing a bunch of get_user() calls and
> > > does direct access instead....
> > 
> > It was intentional for speed purpose. The areas are checked once with
> > verify_area() when we need to access memory, then data is copied directly
> > from/to memory. I don't think there's any risk, but I can be wrong.
> 
> it's an oopsable offence; nothing is making sure the memory is actually
> present for example.

You mean like when a user does a malloc() and the memory is not physically
allocated because not used yet ? or even in case memory has been swapped
out ? I believe I begin to understand, but the corner case is not really
clear to me. It yet seems strange to me that the user can reference memory
areas that the kernel cannot access. I'm certainly mistaken somewhere, but
I don't know where. In fact, if you could give me a simple example which
puts my original code at fault, it would really help me. Then I'll change
the code as suggested by Andrew but at least I would understand what I do.

Thanks in advance.
Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/