Re: copy_from_user() fixu

Richard Gooch (rgooch@atnf.csiro.au)
Tue, 25 Aug 1998 18:32:59 +1000


H. Peter Anvin writes:
> > > > This abstract libc/kernel interface you refer to is an abstraction
> > > > you've invented. It's not Unix practice. Unix practice is to return
> > > > EFAULT on system calls. System calls are open(2), read(2), write(2)
> > > > and similar.
> > >
> > > I didn't invent it. It has been in every single Unix spec I've ever
> > > read, and it's very explicit.
> >
> > I'm staring at the read(2) man page for Solaris 2.5 and it talks about
> > EFAULT. I don't see where it implies that EFAULT is optional.
>
> I just sent you the relevant chapter and verse from the Unix98 spec.

No, I just said I was reading the Solaris 2.5 man page. So for Solaris
2.5 I can reasonably default on EFAULT. And similarly for other
Unices.

> > > > > If you want to trap errors, you either have to sanitize the input, or
> > > > > trap SIGSEGV.
> > > >
> > > > I can't sanitise the input: I don't know what pointer the application
> > > > will pass. Trapping SEGV is a performance bugger: I have to install a
> > > > signal handler before every pseudo-syscall and restore it afterwards
> > > > (my library can't steal signals).
> >
> > You haven't responded to this part. Wrapping *every* call to read(2)
> > with a signal/setjmp save/restore is a performance killer.
> > Can you actually be serious that an application/library that tries to
> > trap bad addresses has to put up with this?
>
> Since it's the only way to do it ANYWAY, yes.

No, that's not true. I can depend on EFAULT with other Unices. So, if
the end result is that Linux takes away EFAULT, the *best* I can do is
to do #ifdef __linux__ and save/restore around pseudo-syscalls.

So then I'll have to put a big warning message in the documentation
and tell people that Linux has a performance bug compared to other
Unices.

Regards,

Richard....
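
The two behaviours argued over in this message, as an added example that is not part of the original post: kernel_read() relies on read(2) failing with EFAULT for a bad buffer, while pseudo_read() shows the per-call SIGSEGV handler save/restore with sigsetjmp that a user-space pseudo-syscall needs in order to report the same error. The function names, the pipe and the PROT_NONE page are assumptions made for the illustration, and Linux behaviour is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_jmp;            /* one global buffer: not thread-safe */
static void on_segv(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Hypothetical user-space "pseudo-syscall": copies library data into the
 * caller's buffer. To report EFAULT it must install and restore a SIGSEGV
 * handler around every call, which is the cost discussed in the message. */
ssize_t pseudo_read(void *buf, size_t n)
{
    static const char data[] = "constructed sample data";
    struct sigaction sa, old;
    ssize_t ret = -1;

    if (n > sizeof data) n = sizeof data;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, &old) != 0) return -1;
    if (sigsetjmp(fault_jmp, 1) == 0) {  /* 1: signal mask is restored on jump */
        memcpy(buf, data, n);            /* faults here if buf is bad */
        ret = (ssize_t)n;
    }
    sigaction(SIGSEGV, &old, NULL);      /* hand the application its handler back */
    if (ret < 0) errno = EFAULT;
    return ret;
}

/* Real read(2) on a pipe: the kernel checks the copy and fails with EFAULT. */
ssize_t kernel_read(void *buf, size_t n)
{
    int p[2], saved;
    ssize_t ret = -1;
    if (pipe(p) != 0) return -1;
    if (write(p[1], "constructed", 11) == 11) ret = read(p[0], buf, n);
    saved = errno;                       /* close() must not clobber errno */
    close(p[0]); close(p[1]);
    errno = saved;
    return ret;
}

/* An address that always faults: one page mapped with no access rights. */
void *bad_pointer(void)
{ return mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); }
```
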
