Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced

From: Linus Torvalds
Date: Thu Dec 14 2017 - 17:53:10 EST

Next message: Dmitry Osipenko: "Re: [PATCH v1 2/2] memory: tegra: Introduce memory client hot reset API"
Previous message: Bjorn Helgaas: "Re: [PATCH v3 3/8] PCI: brcmstb: Add Broadcom STB PCIe host controller driver"
In reply to: Peter Zijlstra: "Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced"
Next in thread: Andy Lutomirski: "Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 14, 2017 at 2:24 PM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> get_user_pages_fast() (both of them) do indeed test access_ok(), but the
> regular get_user_pages() does not, I suspect because it can operate on a
> foreign mm.

That sounds wrong.

We actually had some very serious reasons why get_user_pages_fast()
needed to check access_ok().

I happen to forget what those reasons were, though.

My mind may be going.

But I think it was something like "you could walk off the page tables
because the undefined address range generates nonsensical values for
the pgd_offset() functions" etc.

But maybe the regular get_user_pages() has some other way to protect
against that.

Linus

Next message: Dmitry Osipenko: "Re: [PATCH v1 2/2] memory: tegra: Introduce memory client hot reset API"
Previous message: Bjorn Helgaas: "Re: [PATCH v3 3/8] PCI: brcmstb: Add Broadcom STB PCIe host controller driver"
In reply to: Peter Zijlstra: "Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced"
Next in thread: Andy Lutomirski: "Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]