All of lore.kernel.org
 help / color / mirror / Atom feed
* missing check in __get_user_pages
@ 2014-06-10 14:54 Dave Jones
  2014-06-10 15:34 ` Kirill A. Shutemov
  0 siblings, 1 reply; 2+ messages in thread
From: Dave Jones @ 2014-06-10 14:54 UTC (permalink / raw)
  To: linux-mm

coverity flagged this code in __get_user_pages

448                         if (is_vm_hugetlb_page(vma)) {
449                                 i = follow_hugetlb_page(mm, vma, pages, vmas,
450                                                 &start, &nr_pages, i,
451                                                 gup_flags);
452                                 continue;
453                         }

It seems unaware that follow_hugetlb_page can in some cases return -EFAULT.
I'm not sure if this is triggerable, but it looks dangerous.

	Dave

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: missing check in __get_user_pages
  2014-06-10 14:54 missing check in __get_user_pages Dave Jones
@ 2014-06-10 15:34 ` Kirill A. Shutemov
  0 siblings, 0 replies; 2+ messages in thread
From: Kirill A. Shutemov @ 2014-06-10 15:34 UTC (permalink / raw)
  To: Dave Jones; +Cc: linux-mm

On Tue, Jun 10, 2014 at 10:54:39AM -0400, Dave Jones wrote:
> coverity flagged this code in __get_user_pages
> 
> 448                         if (is_vm_hugetlb_page(vma)) {
> 449                                 i = follow_hugetlb_page(mm, vma, pages, vmas,
> 450                                                 &start, &nr_pages, i,
> 451                                                 gup_flags);
> 452                                 continue;
> 453                         }
> 
> It seems unaware that follow_hugetlb_page can in some cases return -EFAULT.
> I'm not sure if this is triggerable, but it looks dangerous.

Looks like follow_hugetlb_page() sets nr_pages to 0 in this case, and
__get_user_pages() can handle this correctly.

But, yes, it's ugly.

-- 
 Kirill A. Shutemov

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-06-10 15:34 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-06-10 14:54 missing check in __get_user_pages Dave Jones
2014-06-10 15:34 ` Kirill A. Shutemov

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.