On Wed, Nov 12, 2014 at 02:53:52PM -0800, Dave Hansen wrote:
> We shouldn't simply error out when we get short copy_from_user*()
> results from userspace (like intel_pmu_pebs_fixup_ip() does
> currently). It is perfectly valid to be executing an instruction
> within MAX_INSN_SIZE bytes of an unreadable page. We should be
> able to gracefully handle short reads in those cases.
> diff -puN
> arch/x86/kernel/cpu/perf_event_intel_ds.c~x86-insn-decoder-remove-arbitrary-limit
> arch/x86/kernel/cpu/perf_event_intel_ds.c
> ---
> a/arch/x86/kernel/cpu/perf_event_intel_ds.c~x86-insn-decoder-remove-arbitrary-limit
> 2014-11-12 12:45:52.954753152 -0800
> +++ b/arch/x86/kernel/cpu/perf_event_intel_ds.c 2014-11-12
> 12:45:52.970753874 -0800
> @@ -758,11 +759,12 @@ static int intel_pmu_pebs_fixup_ip(struc
> return 1;
> }
>
> + size = ip - to;
> if (!kernel_ip(ip)) {
> - int size, bytes;
> + int bytes;
> u8 *buf = this_cpu_read(insn_buffer);
>
> - size = ip - to; /* Must fit our buffer, see above */
> + /* 'size' must fit our buffer, see above */
> bytes = copy_from_user_nmi(buf, (void __user *)to, size);
> if (bytes != 0)
> return 0;
Right, so we should better deal with short copies there. Should be
doable.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
