Chuck Lever <[email protected]> wrote:
>
> +/*
> + * Check:
> + * 1. All bytes in the user buffers are properly accessible
> + * 2. The resulting number of bytes won't overflow ssize_t
> + */
hm.
> +static ssize_t check_access_ok(int type, const struct iovec *iov, unsigned long nr_segs)
> +{
> + ssize_t count = 0;
> + ssize_t retval = -EINVAL;
> + unsigned long seg;
> +
> + for (seg = 0; seg < nr_segs; seg++) {
> + void __user *buf = iov[seg].iov_base;
> + ssize_t len = (ssize_t) iov[seg].iov_len;
> +
> + if (len < 0) /* size_t not fitting an ssize_t .. */
> + goto out;
do_readv_writev() already checked for negative iov_len, and that's the more
appropriate place to do it, rather than duplicating it in each filesystem
(or forgetting to!)
So is this check really needed?
> + if (unlikely(!access_ok(type, buf, len))) {
> + retval = -EFAULT;
> + goto out;
> + }
Now what's up here? Why does NFS, at this level, care about the page's
virtual address? get_user_pages() will handle that?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
