2009-06-29 03:08:36

by Figo.zhang

Subject: [PATCH]highmem_32.c: add argument pointer checking

It would be better to add argument pointer checking.

If anyone writing a driver wants to alloc highmem and passes an uninitialized pointer,
it would crash.

Signed-off-by: Figo.zhang <[email protected]>
---
arch/x86/mm/highmem_32.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/arch/x86/mm/highmem_32.c b/arch/x86/mm/highmem_32.c
index 58f621e..e52e1a9 100644
--- a/arch/x86/mm/highmem_32.c
+++ b/arch/x86/mm/highmem_32.c
@@ -31,6 +31,7 @@ void *kmap_atomic_prot(struct page *page, enum km_type type, pgprot_t prot)
{
enum fixed_addresses idx;
unsigned long vaddr;
+ BUG_ON(!page);

/* even !CONFIG_PREEMPT needs this, for in_atomic in do_page_fault */
pagefault_disable();
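Review bot: BUG_ON(!page) at the top of kmap_atomic_prot() does not make a NULL page survivable, it only changes how the caller's mistake takes the machine down, while the changelog presents the crash as the problem being fixed. Either drop the assertion or state in the changelog what it gives over the fault that would occur anyway. If it stays, put a blank line between the "unsigned long vaddr;" declaration and the new statement so code is not run into the declaration block.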
@@ -58,6 +59,9 @@ void kunmap_atomic(void *kvaddr, enum km_type type)
unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;
enum fixed_addresses idx = type + KM_TYPE_NR*smp_processor_id();

+ if(!kvaddr)
+ return;
+
/*
* Force other mappings to Oops if they'll try to access this pte
* without first remap it. Keeping stale mappings around is a bad idea
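Review bot: the early return on !kvaddr in kunmap_atomic() makes a NULL unmap succeed silently, which contradicts the first hunk, where a NULL argument is treated as fatal. A caller that unmaps NULL has lost track of its mapping, and returning quietly removes the only signal of that; drop the check, or make it report the caller instead of returning without a trace. Note also that vaddr and idx are already computed from kvaddr in the initializers above the check, and that "if(!kvaddr)" needs a space after "if" to match kernel style.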


2009-06-29 04:10:07

by Ingo Molnar

Subject: Re: [PATCH]highmem_32.c: add argument pointer checking


* Figo.zhang <[email protected]> wrote:

> It would be better to add argument pointer checking.
>
> If anyone writing a driver wants to alloc highmem and passes an uninitialized pointer,
> it would crash.
>
> Signed-off-by: Figo.zhang <[email protected]>
> ---
> arch/x86/mm/highmem_32.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/arch/x86/mm/highmem_32.c b/arch/x86/mm/highmem_32.c
> index 58f621e..e52e1a9 100644
> --- a/arch/x86/mm/highmem_32.c
> +++ b/arch/x86/mm/highmem_32.c
> @@ -31,6 +31,7 @@ void *kmap_atomic_prot(struct page *page, enum km_type type, pgprot_t prot)
> {
> enum fixed_addresses idx;
> unsigned long vaddr;
> + BUG_ON(!page);
>
> /* even !CONFIG_PREEMPT needs this, for in_atomic in do_page_fault */
> pagefault_disable();
> @@ -58,6 +59,9 @@ void kunmap_atomic(void *kvaddr, enum km_type type)
> unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;
> enum fixed_addresses idx = type + KM_TYPE_NR*smp_processor_id();
>
> + if(!kvaddr)
> + return;
> +

(Please run patches through scripts/checkpatch.pl before
submission.)

Also, what's the improvement here? Before the patch we'd crash on a
NULL dereference ... after the patch we'd crash on a BUG_ON().

Furthermore, the kunmap_atomic() change is outright wrong - it will
now allow NULL kunmaps, which can hide bugs in drivers.

Ingo
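
The objection to the kunmap_atomic() hunk, as an added example that is not part of the thread or the kernel source: a userspace C model in which a driver's error path unmaps a NULL pointer. All names are hypothetical, and the model assumes the unmap side is what balances the pagefault_disable() taken at map time.

```c
#include <stdio.h>
/* Userspace model, not kernel code; all names here are hypothetical. */
struct kmap_model {
    void *slot;     /* mapped address, NULL when the slot is free */
    int pf_depth;   /* models pagefault_disable() nesting */
    int reported;   /* bad unmap calls that were flagged */
};
static char fake_page[64];  /* constructed stand-in for a highmem page */

static void *model_map(struct kmap_model *m)
{
    m->pf_depth++;          /* kmap_atomic_prot() disables pagefaults first */
    return m->slot = fake_page;
}

/* Patched behaviour: a NULL kvaddr is accepted and nothing is undone. */
static void unmap_silent(struct kmap_model *m, void *kvaddr)
{
    if (!kvaddr)
        return;
    m->slot = NULL;
    m->pf_depth--;          /* assumption: unmap is what re-enables faults */
}

/* Strict variant: an address that is not the live mapping is flagged. */
static void unmap_strict(struct kmap_model *m, void *kvaddr)
{
    if (!kvaddr || kvaddr != m->slot) {
        m->reported++;      /* stands in for an oops or warning */
        return;
    }
    m->slot = NULL;
    m->pf_depth--;
}

/* Constructed driver bug: mapping taken, error path unmaps a NULL pointer. */
static struct kmap_model buggy_driver(void (*unmap)(struct kmap_model *, void *))
{
    struct kmap_model m = { NULL, 0, 0 };
    (void)model_map(&m);    /* bug: the returned address is dropped */
    unmap(&m, NULL);
    return m;
}

int main(void)
{
    struct kmap_model a = buggy_driver(unmap_silent), b = buggy_driver(unmap_strict);
    printf("silent: depth=%d reported=%d; strict: reported=%d\n", a.pf_depth, a.reported, b.reported);
    return 0;
}
```

With the silent variant the slot stays mapped and the depth stays at 1 with nothing reported, so the failure surfaces later and far from the faulty call; the strict variant flags it at the call site.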

2009-06-29 16:11:15

by Figo.zhang

Subject: Re: [PATCH]highmem_32.c: add argument pointer checking

On Mon, 2009-06-29 at 06:09 +0200, Ingo Molnar wrote:
> * Figo.zhang <[email protected]> wrote:
>
> > It would be better to add argument pointer checking.
> >
> > If anyone writing a driver wants to alloc highmem and passes an uninitialized pointer,
> > it would crash.
> >
> > Signed-off-by: Figo.zhang <[email protected]>
> > ---
> > arch/x86/mm/highmem_32.c | 4 ++++
> > 1 files changed, 4 insertions(+), 0 deletions(-)
> >
> > diff --git a/arch/x86/mm/highmem_32.c b/arch/x86/mm/highmem_32.c
> > index 58f621e..e52e1a9 100644
> > --- a/arch/x86/mm/highmem_32.c
> > +++ b/arch/x86/mm/highmem_32.c
> > @@ -31,6 +31,7 @@ void *kmap_atomic_prot(struct page *page, enum km_type type, pgprot_t prot)
> > {
> > enum fixed_addresses idx;
> > unsigned long vaddr;
> > + BUG_ON(!page);
> >
> > /* even !CONFIG_PREEMPT needs this, for in_atomic in do_page_fault */
> > pagefault_disable();
> > @@ -58,6 +59,9 @@ void kunmap_atomic(void *kvaddr, enum km_type type)
> > unsigned long vaddr = (unsigned long) kvaddr & PAGE_MASK;
> > enum fixed_addresses idx = type + KM_TYPE_NR*smp_processor_id();
> >
> > + if(!kvaddr)
> > + return;
> > +
>
> (Please run patches through scripts/checkpatch.pl before
> submission.)
>
> Also, what's the improvement here? Before the patch we'd crash on a
> NULL dereference ... after the patch we'd crash on a BUG_ON().

Why would it crash on BUG_ON()?
I modified it and tested it on my computer; it would not crash.

Best Regards,
Figo.zhang

>
> Furthermore, the kunmap_atomic() change is outright wrong - it will
> now allow NULL kunmaps, which can hide bugs in drivers.
>
> Ingo