On 04/10/2011 04:58 PM, Sergei Trofimovich wrote:
On Sun, 10 Apr 2011 23:24:03 +0300
Sergei Trofimovich<sly...@gmail.com> wrote:
Fix data corruption caused by memcpy() usage on overlapping data.
I've observed it first when found out usermode linux crash on btrfs.
Changes since v1:
else
src_kaddr = dst_kaddr;
+ BUG_ON(abs(src_off - dst_off)< len);
memcpy(dst_kaddr + dst_off, src_kaddr + src_off, len);
Too eager BUG_ON. Now used only for src_page == dst_page.
- if (dst_offset< src_offset) {
+ if (abs(dst_offset - src_offset)>= len) {
abs() is not a good thing to use un unsigned values. aded helper
overlapping_areas.
Very nice catch, one nit
if (dst_page != src_page)
src_kaddr = kmap_atomic(src_page, KM_USER1);
else
+ {
src_kaddr = dst_kaddr;
+ BUG_ON(areas_overlap(src_off, dst_off, len));
+ }
you will want to turn that into
if (dst_page != src_page) {
src_kaddr = kmap_atomic(src_page, KM_USER1);
} else {
src_kaddr = dst_kaddr;
BUG_ON(areas_overlap(src_off, dst_off, len));
}
Also maybe BUG_ON() is a little strong, since the kernel will do this
right, it just screws up UML. So maybe just do a WARN_ON() so we notice
it. Thanks,
Josef
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html