Re: [PATCH 1/3] uprobes: fix the usage of install_special_mapping()

From: Oleg Nesterov
Date: Thu Jul 09 2015 - 18:04:05 EST


On 07/09, Andy Lutomirski wrote:
>
> On Thu, Jul 9, 2015 at 2:44 PM, Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> > install_special_mapping(pages) expects that "pages" is the zero-
> > terminated array while xol_add_vma() passes &area->page, this means
> > that special_mapping_fault() can wrongly use the next member in
> > xol_area (vaddr) as "struct page *".
> >
> > Fortunately, this area is not expandable so pgoff != 0 isn't possible
> > (modulo bugs in special_mapping_vmops), but still this does not look
> > good.
> >
>
> I fell for that a while back, too, causing a bizarre HPET bug.

I guess you mean no_pages[] = {NULL} in map_vdso() ?

uprobes differs, I think pgoff != 0 is not actually possible (assuming
we fix special_mapping_fault). But this doesn't matter, this is wrong
anyway.

> What zeroes pages[1]?

Heh ;) Thanks. I'll send v2.

Oleg.
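The bug class being discussed, as an added stand-alone illustration (not code from the kernel or from this patch series): a one-element "array" of `struct page *` handed to a walker that expects a NULL terminator, so that the walker reads whatever member follows `page` in the struct. The `struct page`, `struct xol_area`, `fault_lookup()`, `buggy_lookup()` and `fixed_lookup()` below are toy stand-ins whose layout mirrors what the thread describes; only the shape of the lookup loop follows the real special_mapping_fault(). The fixed caller also shows the answer to "What zeroes pages[1]?": the terminator has to be written explicitly.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy stand-ins for the kernel types; only the layout matters here. */
struct page { unsigned long pfn; };

/* Layout described in the thread: a single "struct page *" immediately
 * followed by "vaddr" in the same struct (assumed shape, not the real one). */
struct xol_area {
    struct page *page;
    unsigned long vaddr;
};

/* The misread below only makes sense if a pointer and vaddr are the
 * same width, which holds on LP64 Linux. */
_Static_assert(sizeof(struct page *) == sizeof(unsigned long),
               "demo assumes pointer-sized vaddr");

/* Read pages[i] through memcpy so the demo stays on defined ground
 * (no strict-aliasing surprises when we deliberately step past "page"). */
static struct page *read_entry(struct page **pages, unsigned long i)
{
    struct page *p;
    memcpy(&p, pages + i, sizeof p);
    return p;
}

/* Stand-in for the lookup loop in special_mapping_fault(): advance until
 * pgoff is exhausted or a NULL terminator is hit. Returns the page at
 * pgoff, or NULL where the real code would return VM_FAULT_SIGBUS. */
static struct page *fault_lookup(struct page **pages, unsigned long pgoff)
{
    unsigned long i = 0;
    while (pgoff && read_entry(pages, i)) {
        pgoff--;
        i++;
    }
    return read_entry(pages, i);
}

/* Buggy caller, as in the original xol_add_vma(): passes &area->page as if
 * it were a terminated array. There is no pages[1] slot, so for pgoff == 1
 * the walker reads area->vaddr and treats it as a struct page pointer. */
static struct page *buggy_lookup(struct xol_area *area, unsigned long pgoff)
{
    return fault_lookup(&area->page, pgoff);
}

/* Fixed caller: a real two-element array whose second slot is explicitly
 * NULL, which is what the walker actually requires. */
static struct page *fixed_lookup(struct xol_area *area, unsigned long pgoff)
{
    struct page *pages[2] = { area->page, NULL };
    return fault_lookup(pages, pgoff);
}

/* Returns 1 when the buggy path hands back vaddr reinterpreted as a
 * struct page pointer for pgoff == 1, i.e. reproduces the misread. */
static int demo_misread(void)
{
    struct page slot = { .pfn = 42 };
    struct xol_area area = { .page = &slot, .vaddr = 0xdead0000UL }; /* constructed */
    struct page *got = buggy_lookup(&area, 1);
    return (unsigned long)got == area.vaddr;
}

/* Returns 1 when the fixed path returns the real page for pgoff == 0 and
 * stops at the terminator (NULL) for pgoff == 1. */
static int demo_fixed(void)
{
    struct page slot = { .pfn = 42 };
    struct xol_area area = { .page = &slot, .vaddr = 0xdead0000UL }; /* constructed */
    return fixed_lookup(&area, 0) == &slot && fixed_lookup(&area, 1) == NULL;
}

int main(void)
{
    printf("buggy caller returns vaddr as a page pointer: %s\n",
           demo_misread() ? "yes" : "no");
    printf("fixed caller stops at the NULL terminator:   %s\n",
           demo_fixed() ? "yes" : "no");
    return 0;
}
```

The review check this encodes: whenever an API documents its array argument as NULL-terminated, the caller must own a slot for the terminator, and that slot must be initialised, not just allocated. Taking the address of a single pointer member never satisfies that, whatever the surrounding struct happens to contain.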
