Re: is avoiding compat ioctls possible?

From: Andi Kleen
Date: Tue Oct 27 2009 - 23:51:27 EST

Next message: KOSAKI Motohiro: "Re: [PATCH 3/3] vmscan: Force kswapd to take notice faster when high-order watermarks are being hit"
Previous message: Yinghai Lu: "Re: [PATCH] pci: only release that resource index is less than 3"
In reply to: David Miller: "Re: is avoiding compat ioctls possible?"
Next in thread: Dave Airlie: "Re: is avoiding compat ioctls possible?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 27, 2009 at 08:45:30PM -0700, David Miller wrote:
> From: Dave Airlie <airlied@xxxxxxxx>
> Date: Wed, 28 Oct 2009 03:43:07 +0000 (GMT)
>
> > we already opencoded this (probably before it was macroisied or we just
> > pasted it), so the radeon one is buggy, I should just go and compat_* all
> > of these then and we should be all happy?
>
> It should be, it's only working because:
>
> 1) A malicious userland hasn't put garbage in the upper bits for
> you yet.

The x86 compat_ptr wouldn't even help with that because it doesn't mask.

If they use *_user() or anything else with access_ok later that should
be caught properly. The user land could only put in pointers to unmapped
[32bit...kernel boundary] data, which is harmless.

-Andi

--
ak@xxxxxxxxxxxxxxx -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: KOSAKI Motohiro: "Re: [PATCH 3/3] vmscan: Force kswapd to take notice faster when high-order watermarks are being hit"
Previous message: Yinghai Lu: "Re: [PATCH] pci: only release that resource index is less than 3"
In reply to: David Miller: "Re: is avoiding compat ioctls possible?"
Next in thread: Dave Airlie: "Re: is avoiding compat ioctls possible?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]