The copy_to_user() here expects that it can fix the fault on both kernel and user addresses; this is not true on other platforms except x86. Change to use copy_in_user() so that it can detect the page fault and work as expected.
Signed-off-by: yalin wang <yalin.wang2...@gmail.com> --- fs/proc/kcore.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c index 92e6726..4f28deb 100644 --- a/fs/proc/kcore.c +++ b/fs/proc/kcore.c @@ -515,8 +515,12 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos) } else { if (kern_addr_valid(start)) { unsigned long n; - - n = copy_to_user(buffer, (char *)start, tsz); + if ((start + tsz < tsz) || + (start + tsz) > TASK_SIZE) + return -EFAULT; + set_fs(KERNEL_DS); + n = copy_in_user(buffer, (char *)start, tsz); + set_fs(USER_DS); /* * We cannot distinguish between fault on source * and fault on destination. When this happens -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
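Review bot: the new range check in the read_kcore() hunk tests `start`, which is the kernel source address (this branch is guarded by `kern_addr_valid(start)`), against TASK_SIZE; on architectures where kernel virtual addresses sit above TASK_SIZE, which is the usual layout, `(start + tsz) > TASK_SIZE` is true for every valid kernel range and the read now fails with -EFAULT before any copy happens. The address that needs a user-range check after `set_fs(KERNEL_DS)` is the destination `buffer`, because with KERNEL_DS the access_ok() inside copy_in_user() accepts any address and no longer validates the user pointer; consider applying the check to `buffer` instead, e.g. `if ((unsigned long)buffer + tsz < tsz || (unsigned long)buffer + tsz > TASK_SIZE) return -EFAULT;`. Two smaller points: save and restore the previous segment with `mm_segment_t old_fs = get_fs();` ... `set_fs(old_fs);` rather than hard-coding `set_fs(USER_DS)`, and the early `return -EFAULT` discards any bytes already copied by earlier iterations of this loop, so it should fall through to the existing fault handling below the hunk (the comment "We cannot distinguish between fault on source and fault on destination" shows that path already exists) rather than returning directly.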