This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.



[Bug runtime/6697] need more access_ok() checks in runtime/tapsets


------- Additional Comments From mhiramat at redhat dot com  2008-06-25 20:04 -------
On ia64, access_ok() is defined as below:

#define __access_ok(addr, size, segment)                                        \
({                                                                              \
        __chk_user_ptr(addr);                                                   \
        (likely((unsigned long) (addr) <= (segment).seg)                        \
         && ((segment).seg == KERNEL_DS.seg                                     \
             || likely(REGION_OFFSET((unsigned long) (addr)) < RGN_MAP_LIMIT))); \
})
#define access_ok(type, addr, size)     __access_ok((addr), (size), get_fs())

and KERNEL_DS.seg = 0xffffffffffffffff

This means, if we set segment=KERNEL_DS, access_ok() always returns 1. :-(

-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=6697

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
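
Added example (not part of the original message, and not systemtap or kernel code): a user-space C model of the macro quoted above, showing that the check accepts every address once the segment is KERNEL_DS. The MODEL_* names, the user limit, region shift and mapped-limit values, and the sample addresses are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* User-space model of the ia64 __access_ok() logic quoted above.
 * The limits below are constructed stand-ins, not the kernel's real values. */
typedef struct { uint64_t seg; } model_seg_t;
#define MODEL_KERNEL_DS     ((model_seg_t){ UINT64_MAX })            /* 0xffffffffffffffff, as in the post */
#define MODEL_USER_DS       ((model_seg_t){ 0x9fffffffffffffffULL }) /* assumed user limit */
#define MODEL_RGN_SHIFT     61                                       /* assumed: top 3 bits select a region */
#define MODEL_RGN_MAP_LIMIT (1ULL << 50)                             /* assumed per-region mapped limit */

static uint64_t model_region_offset(uint64_t addr)
{
    return addr & ((1ULL << MODEL_RGN_SHIFT) - 1);
}

/* Same structure as the macro: limit test, then "segment is KERNEL_DS" OR region-offset test. */
static int model_access_ok(uint64_t addr, model_seg_t segment)
{
    return addr <= segment.seg
        && (segment.seg == MODEL_KERNEL_DS.seg
            || model_region_offset(addr) < MODEL_RGN_MAP_LIMIT);
}

/* Count how many of the sample addresses pass the check under a given segment. */
static int count_accepted(const uint64_t *addrs, int n, model_seg_t segment)
{
    int ok = 0;
    for (int i = 0; i < n; i++)
        ok += model_access_ok(addrs[i], segment);
    return ok;
}

/* Constructed sample addresses. */
static const uint64_t samples[] = {
    0x0000000000001000ULL,  /* low user address */
    0x2000000000010000ULL,  /* user address in another region */
    0x2008000000000000ULL,  /* region offset beyond the assumed mapped limit */
    0xe000000000100000ULL,  /* above the assumed user limit */
    0xffffffffffffffffULL,  /* highest possible address */
};

int main(void)
{
    int n = sizeof samples / sizeof samples[0];
    printf("USER_DS accepts %d of %d\n", count_accepted(samples, n, MODEL_USER_DS), n);
    printf("KERNEL_DS accepts %d of %d\n", count_accepted(samples, n, MODEL_KERNEL_DS), n);
    return 0;
}
```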

