On Wed, Oct 23, 2019 at 08:05:49PM +0200, Thomas Gleixner wrote:
> Prevent this by checking the validity of the cea_exception_stack base
> address and bailing out if it is zero.

Could also initialise cea_exception_stack to -1? That would lead to it
being caught by ...

> end = begin + sizeof(struct cea_exception_stacks);
> /* Bail if @stack is outside the exception stack area. */
> if (stk < begin || stk >= end)

this existing check.

On Wed, Oct 23, 2019 at 11:31:40AM -0700, Matthew Wilcox wrote:
> On Wed, Oct 23, 2019 at 08:05:49PM +0200, Thomas Gleixner wrote:
> > Prevent this by checking the validity of the cea_exception_stack base
> > address and bailing out if it is zero.
>
> Could also initialise cea_exception_stack to -1? That would lead to it
> being caught by ...
>
> > end = begin + sizeof(struct cea_exception_stacks);
> > /* Bail if @stack is outside the exception stack area. */
> > if (stk < begin || stk >= end)
>
> this existing check.

To me this would be a hack and fragile :/ In turn, the current explicit
test Thomas made is way more readable.

On Wed, 23 Oct 2019, Matthew Wilcox wrote:
> On Wed, Oct 23, 2019 at 08:05:49PM +0200, Thomas Gleixner wrote:
> > Prevent this by checking the validity of the cea_exception_stack base
> > address and bailing out if it is zero.
>
> Could also initialise cea_exception_stack to -1? That would lead to it
> being caught by ...
>
> > end = begin + sizeof(struct cea_exception_stacks);
> > /* Bail if @stack is outside the exception stack area. */
> > if (stk < begin || stk >= end)
>
> this existing check.

Yes thought about that, but then decided to do it in a readable way :)
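
The two options discussed in this thread, side by side, as an added user-space example (not code from the patch or the kernel): the quoted range check run with a zero base, with an explicit zero test in front of it, and with a -1 base. The helper names, `ESTACKS_SIZE` and all addresses are constructed assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for sizeof(struct cea_exception_stacks). */
#define ESTACKS_SIZE 0x8000ULL
/* Sentinel for "base not set up yet", as suggested in the thread. */
#define BASE_UNSET   ((uint64_t)-1)

/* The existing range check quoted above; @base stands in for the
 * cea_exception_stack base address (hypothetical helper name). */
static bool in_estack_range(uint64_t base, uint64_t stk)
{
	uint64_t begin = base;
	uint64_t end = begin + ESTACKS_SIZE;	/* wraps around if base == -1 */

	/* Bail if @stk is outside the exception stack area. */
	if (stk < begin || stk >= end)
		return false;
	return true;
}

/* Explicit variant: bail out first if the base is still zero. */
static bool in_estack_range_checked(uint64_t base, uint64_t stk)
{
	if (!base)
		return false;
	return in_estack_range(base, stk);
}

int main(void)
{
	/* Constructed sample addresses, not taken from a real system. */
	const uint64_t valid_base = 0xfffffe0000010000ULL;
	const uint64_t stks[] = { 0x1000, valid_base + 0x10, UINT64_MAX };

	puts("stk                 zero-base  zero+check  -1-base  valid-base");
	for (size_t i = 0; i < sizeof(stks) / sizeof(stks[0]); i++)
		printf("%#018llx  %-9d  %-10d  %-7d  %d\n",
		       (unsigned long long)stks[i],
		       in_estack_range(0, stks[i]),
		       in_estack_range_checked(0, stks[i]),
		       in_estack_range(BASE_UNSET, stks[i]),
		       in_estack_range_checked(valid_base, stks[i]));
	return 0;
}
```

With a zero base the unguarded check accepts any `stk` below `ESTACKS_SIZE`; the -1 base rejects every `stk`, but only because `end` wraps around to a value below `begin`.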