Re: [PATCH] Fix out-by-one error in traps.c

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On Fri, 31 Aug 2007, Rusty Russell wrote:
>
> We don't care if ebp is on the stack, we care about ebp + 4.  Without
> this, lguest (with CONFIG_DEBUG_LOCKDEP) can touch a page unmapped by
> CONFIG_DEBUG_PAGEALLOC.

Hmm.. This *really* cannot happen with a normal kernel - it implies that 
the stack has crossed into an invalid page. 

Why is that allowed with lguest? What kind of code could validly *ever* 
come in here and cause problems?

I'm getting the nervous feeling that lguest is really doing things that 
shouldn't be done, or is using normal kernel functions in ways that they 
should not be used. 

In other words, yes, we load off "ebp+4", but I really don't see it being 
a valid situation wher ebp itself isn't also a valid stack frame. The 
stack is not sized for "off-by-one" errors - we're supposed to always have 
plenty of stack space free, and if you care about "off-by-one", you're not 
just living on the edge, you're way beyond it!

IOW, please explain why/how lguest ever triggers a case where this would 
possibly matter!

		Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux