Re: [PATCH] remember to check return value from __copy_to_user() in cdrom_read_cdda_old()

[Jens Axboe]

On Tue, Sep 07 2004, viro@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
> On Tue, Sep 07, 2004 at 12:30:31PM +0200, Jens Axboe wrote:
> > it boils down to access_ok() not being sufficient on its own, and in
> > which case yes we should just use copy_to_user() and kill the check
> > completely as per the patch sent out.
> 
> access_ok() is just "we can trust MMU to do the right thing when dealing
> with access to process address space at that address".  On platforms with
> secondary address spaces (e.g. sparc) it's always true.  On something like
> i386 we *could* use segments for the same purposes.  In fact, we used to
> do just that - access to userland memory went with %fs as segment (thus
> the names like extinct memcpy_fromfs() and surviving set_fs()).  However,
> it's cheaper to do that check explicitly instead of relying on MMU.  And
> that's what access_ok() does.

Alright, I'm wondering how the misconception of what access_ok() really
guarantees snuck into cdrom.c. At least the patch takes care of it.

-- 
Jens Axboe

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/