On Tue, May 16, 2017 at 02:27:34PM +0200, Alexander Potapenko wrote:
> It's possible that calling sendfile() to copy the data from a memfd to
> itself may result in doing a memcpy() with overlapping arguments.
> To avoid undefined behavior here, replace memcpy() with memmove() and
> rename memcpy_to_page()/memcpy_from_page() accordingly.

Er... And what semantics would you assign to such sendfile()? I really want to see details, because it sounds like memmove() here will not be any more useful than memcpy() - you still can easily get odd behaviour.