On Wednesday 04 January 2006 01:43, Eric Dumazet wrote:
> And I would like to pinpoint that set_fd_set() implementation seems *buggy*
> :
>
> It should not use __copy_to_user() but the real one (copy_to_user())
> because the calling thread could have slept in do_select() and another
> thread played mm games during this sleep.
__ only skips the access_ok which checks the kernel/user boundary, and the
kernel/user boundary doesn't change even while sleeping.
On very early 386s it did something more to work around a CPU bug, but that is
racy on multithreaded processes in any case. Not really worth caring about.
Also I doubt any such machines are left in working condition. That old
workaround code could be probably safely removed by now.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
