Re: [PATCH v2] arm64: add alignment fault hanling

From: Arjan van de Ven
Date: Tue Feb 16 2016 - 16:31:43 EST

Next message: Aravind Gopalakrishnan: "[PATCH 0/4] Updates to EDAC and AMD MCE driver"
Previous message: Carlo Caione: "[PATCH] ASoC: cht_bsw_rt5645: Enable jack detection"
In reply to: Linus Torvalds: "Re: [PATCH v2] arm64: add alignment fault hanling"
Next in thread: Catalin Marinas: "Re: [PATCH v2] arm64: add alignment fault hanling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/16/2016 10:50 AM, Linus Torvalds wrote:

On Tue, Feb 16, 2016 at 9:04 AM, Will Deacon <will.deacon@xxxxxxx> wrote:

[replying to self and adding some x86 people]

Background: Euntaik reports a problem where userspace has ended up with
a memory page mapped adjacent to an MMIO page (e.g. from /dev/mem or a
PCI memory bar from someplace in /sys). strncpy_from_user happens with
the word-at-a-time implementation, and we end up reading into the MMIO
page.

how does this work if the adjacent page is not accessible?
or has some other magic fault handler, or is on an NFS filesystem where
the server is rebooting?

isn't the general rule for such basic functions "don't touch memory unless you KNOW it is there"

Of course, no actual real program will do that for mixing MMIO and
non-MMIO, and so we might obviously add code to always add a guard
page for the normal case when a specific address isn't asked for. So
as a heuristic to make sure it doesn't happen by mistake it possibly
makes sense.

but what happens to the read if the page isn't present?
or is execute-only or .. or ..

Next message: Aravind Gopalakrishnan: "[PATCH 0/4] Updates to EDAC and AMD MCE driver"
Previous message: Carlo Caione: "[PATCH] ASoC: cht_bsw_rt5645: Enable jack detection"
In reply to: Linus Torvalds: "Re: [PATCH v2] arm64: add alignment fault hanling"
Next in thread: Catalin Marinas: "Re: [PATCH v2] arm64: add alignment fault hanling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]