Re: [PATCH/2.4.26] Avoid kernel data corruption through /dev/kmem

[BlaisorBlade]

Alle 15:18, venerdì 2 luglio 2004, Marcelo Tosatti ha scritto:
> On Thu, Jul 01, 2004 at 04:05:29PM +0200, BlaisorBlade wrote:

> This looks much better for inclusion. But do you actually have a problem
> with write to /dev/kmem not returning correct error code?
The *other* time I spoke about error code... but it seems you don't have 
noticed the part *below* of my mail, the one where I describe what I complain 
about kernel memory corruption... read below:

> If you convince me there are good enough reasons we can try this on
> 2.4.28-pre.

> > We need to check if do_write_mem == -EFAULT.
> > In fact, without that check, we could execute this:
> >
> > do_write_mem returns -EFAULT;
> > wrote = -EFAULT;
> >
> > buf += wrote; //i.e. buf -= EFAULT (14);
> >
> > ... read other data from buf, and write it to kernel memory
And those datas are crap, obviously: the app wanted to write *buf to kernel 
memory, not *(buf-14), so we can have data corruption.

> > (actually on special circumstances, i.e. p < high_memory &&
> >  p + count > high_memory).

-- 
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/