2005-09-04 20:23:39

by Dave Jones

Subject: Re: x86-cache-pollution-aware-__copy_from_user_ll.patch added to -mm tree

On Sun, Sep 04, 2005 at 01:16:00PM -0700, Andrew Morton wrote:
> unsigned long __copy_to_user_ll(void __user *to, const void *from, unsigned long n)
> {
> BUG_ON((long) n < 0);

Ehh? It's unsigned. This will never be true.

> +unsigned long
> +__copy_from_user_ll_nocache(void *to, const void __user *from, unsigned long n)
> +{
> + BUG_ON((long)n < 0);
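
Review bot: the BUG_ON((long)n < 0) at the top of __copy_from_user_ll_nocache() has no comment, and on an unsigned long n it reads as a condition that can never hold. The cast makes it fire for any length with the top bit set, so say that in a one-line comment above the check, or compare n against a named upper bound so the limit is explicit and does not depend on the width of long.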

Ditto.

Dave


2005-09-04 21:44:14

by Andrew Morton

Subject: Re: x86-cache-pollution-aware-__copy_from_user_ll.patch added to -mm tree

Dave Jones <[email protected]> wrote:
>
> On Sun, Sep 04, 2005 at 01:16:00PM -0700, Andrew Morton wrote:
> > unsigned long __copy_to_user_ll(void __user *to, const void *from, unsigned long n)
> > {
> > BUG_ON((long) n < 0);
>
> Ehh? It's unsigned. This will never be true.

It's cast to long, so it'll trap if we try to copy >=2G.

It seems a strange thing to check though. Do we really need it?

2005-09-05 03:24:06

by Hiro Yoshioka

Subject: Re: x86-cache-pollution-aware-__copy_from_user_ll.patch added to -mm tree

From: Andrew Morton <[email protected]>

> Dave Jones <[email protected]> wrote:
> >
> > On Sun, Sep 04, 2005 at 01:16:00PM -0700, Andrew Morton wrote:
> > > unsigned long __copy_to_user_ll(void __user *to, const void *from, unsigned long n)
> > > {
> > > BUG_ON((long) n < 0);
> >
> > Ehh? It's unsigned. This will never be true.
>
> It's cast to long, so it'll trap if we try to copy >=2G.
>
> It seems a strange thing to check though. Do we really need it?

I don't know. I've just cut and pasted the original __copy_from_user_ll().

Regards,
Hiro

2005-09-05 04:08:30

by David Miller

Subject: Re: x86-cache-pollution-aware-__copy_from_user_ll.patch added to -mm tree

From: Dave Jones <[email protected]>
Subject: Re: x86-cache-pollution-aware-__copy_from_user_ll.patch added to -mm tree
Date: Sun, 4 Sep 2005 16:23:33 -0400

> On Sun, Sep 04, 2005 at 01:16:00PM -0700, Andrew Morton wrote:
> > unsigned long __copy_to_user_ll(void __user *to, const void *from, unsigned long n)
> > {
> > BUG_ON((long) n < 0);
>
> Ehh? It's unsigned. This will never be true.

It's to catch the user slipping in enormous lengths to
the user copy routines.

Sparc64 makes this check as well. From U3memcpy.S:

srlx %o2, 31, %g2
cmp %g2, 0
tne %xcc, 5

%o2 is the length; we make sure the upper 33 bits are clear.

2005-09-05 04:14:51

by David Miller

Subject: Re: x86-cache-pollution-aware-__copy_from_user_ll.patch added to -mm tree

From: Andrew Morton <[email protected]>
Date: Sun, 4 Sep 2005 14:42:18 -0700

> It seems a strange thing to check though. Do we really need it?

Other platforms already do, it's a very good sanity check.
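
Added example (not part of the thread or of the kernel source): a user-space C model of the two length checks discussed above, BUG_ON((long)n < 0) and the sparc64 srlx/cmp/tne sequence, showing which lengths each one rejects. It goes one step beyond the thread by also evaluating the cast with a 64-bit long. The function names, the guarded_copy() helper and the sample lengths are constructed for illustration, and the signed casts assume the usual two's-complement conversion.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* BUG_ON((long)n < 0) with a 32-bit long (traps at >=2G): bit 31 set. */
static int trips_cast_long32(uint32_t n) { return (int32_t)n < 0; }

/* Same expression with a 64-bit long: fires only when bit 63 is set. */
static int trips_cast_long64(uint64_t n) { return (int64_t)n < 0; }

/* srlx %o2, 31, %g2; cmp %g2, 0; tne %xcc, 5: trap if any of bits 63..31 is set. */
static int trips_sparc64(uint64_t n) { return (n >> 31) != 0; }

/* What a negative signed length becomes in an unsigned 64-bit length argument. */
static uint64_t widen_len(int len) { return (uint64_t)(int64_t)len; }

/* Hypothetical helper: returns the number of bytes NOT copied, and refuses
 * (rather than traps on) any length the sparc64-style check would reject. */
static uint64_t guarded_copy(void *to, const void *from, uint64_t n)
{
    if (trips_sparc64(n))
        return n;
    memcpy(to, from, (size_t)n);
    return 0;
}

int main(void)
{
    /* Constructed boundary lengths. */
    const uint64_t lens[] = { 4096, 0x7fffffffULL, 0x80000000ULL,
                              0xffffffffULL, 1ULL << 32, widen_len(-1) };
    puts("length              long32  long64  srlx31");
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        uint64_t n = lens[i];
        /* A 32-bit unsigned long cannot hold more than 32 bits. */
        const char *c32 = n > UINT32_MAX ? "n/a"
                        : trips_cast_long32((uint32_t)n) ? "trap" : "ok";
        printf("0x%016llx  %-6s  %-6s  %s\n", (unsigned long long)n, c32,
               trips_cast_long64(n) ? "trap" : "ok",
               trips_sparc64(n) ? "trap" : "ok");
    }
    char src[8] = "abcdefg", dst[8] = "";
    printf("copy 8 bytes: %llu left\n",
           (unsigned long long)guarded_copy(dst, src, 8));
    printf("copy len=-1:  %llu left\n",
           (unsigned long long)guarded_copy(dst, src, widen_len(-1)));
    return 0;
}
```

With a 64-bit long the cast lets every length from 2G up to 2^63-1 through, while the shift-by-31 form keeps the 2G ceiling regardless of word size.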