Date: Mon, 23 Mar 2009 17:20:27 -0400 (EDT)
From: Alan Stern
To: "K.Prasad"
cc: Ingo Molnar, Linux Kernel Mailing List, Andrew Morton, Benjamin Herrenschmidt, Frederic Weisbecker, Maneesh Soni, Roland McGrath, Steven Rostedt
Subject: Re: [Patch 01/11] Introducing generic hardware breakpoint handler interfaces

On Tue, 24 Mar 2009, K.Prasad wrote:

> > Isn't that exactly the check you need to implement?
> >
> >     addr >= TASK_SIZE && (addr + len) >= TASK_SIZE,
> >
> > or perhaps better,
> >
> >     addr >= TASK_SIZE && (addr + len) >= addr.
> >
> > In this case you _do_ know the length of the breakpoint.
> >
> > Alan Stern
> >
>
> Aren't we just checking if len is a positive number through the above
> checks? The validation checks in the patchset should take care of
> negative lengths. Or am I missing something?

Well, 0x60000000 is a positive number, and 0xd0000000 is >= TASK_SIZE.
But their sum is 0x30000000, which lies in userspace. In other words,
you are missing the possibility that the addition might overflow and
wrap around.

> I thought you wanted the code to check for an upper sane limit for addr
> in kernel-space, say something like this:
>
> TASK_SIZE <= addr <= (Upper limit for Kernel Virtual Address)

No, the test should be

    TASK_SIZE <= addr <= addr + (len-1) <= (Upper limit for Kernel VA)

By the way, is TASK_SIZE the correct lower bound for kernel virtual
addresses on x86-64?

> When I referred to 'len' in my previous mail, it meant the length
> of the kernel virtual memory area (which can be used to find the upper
> bound).

Oh, sorry, I misunderstood. Isn't that limit always 0xffffffff on
x86-32?

Alan Stern
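
The wraparound described in this message, worked through in 32-bit arithmetic as an added example (not code from the patchset or from any participant in the thread). TASK_SIZE = 0xc0000000, the function names and the weak `start_only_check` are assumptions for illustration; 0xffffffff is the x86-32 limit raised in the message.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed x86-32 values: TASK_SIZE is the usual 3G/1G split (not stated in
 * the thread); KERNEL_VA_MAX is the 0xffffffff limit raised in the message. */
#define TASK_SIZE     UINT32_C(0xc0000000)
#define KERNEL_VA_MAX UINT32_C(0xffffffff)

/* One-past-the-end address as 32-bit arithmetic computes it (mod 2^32). */
static uint32_t wrapped_end(uint32_t addr, uint32_t len)
{
    return (uint32_t)(addr + len);
}

/* Hypothetical weak check: start address and a non-zero length only. */
static int start_only_check(uint32_t addr, uint32_t len)
{
    return addr >= TASK_SIZE && len > 0;
}

/* TASK_SIZE <= addr <= addr + (len-1) <= va_max, the test from the message.
 * The middle comparison fails exactly when the addition wrapped around. */
static int full_range_check(uint32_t addr, uint32_t len, uint32_t va_max)
{
    uint32_t last;

    if (len == 0)
        return 0;                      /* len-1 would underflow */
    last = (uint32_t)(addr + (len - 1));
    return addr >= TASK_SIZE && addr <= last && last <= va_max;
}

int main(void)
{
    /* Constructed cases; the first is the pair of numbers from the message. */
    static const struct { uint32_t addr, len; } cases[] = {
        { 0xd0000000u, 0x60000000u },  /* wraps into userspace */
        { 0xd0000000u, 4 },            /* ordinary kernel range */
        { 0xfffffffcu, 4 },            /* ends exactly at the limit */
        { 0xfffffffdu, 4 },            /* wraps by one byte */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("addr=0x%08x len=0x%08x end=0x%08x start_only=%d full=%d\n",
               (unsigned)cases[i].addr, (unsigned)cases[i].len,
               (unsigned)wrapped_end(cases[i].addr, cases[i].len),
               start_only_check(cases[i].addr, cases[i].len),
               full_range_check(cases[i].addr, cases[i].len, KERNEL_VA_MAX));
    return 0;
}
```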