On Thu, Dec 14, 2017 at 2:24 PM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> get_user_pages_fast() (both of them) do indeed test access_ok(), but the
> regular get_user_pages() does not, I suspect because it can operate on a
> foreign mm.
That sounds wrong.
We actually had some very serious reasons why get_user_pages_fast()
needed to check access_ok().
I happen to forget what those reasons were, though.
My mind may be going.
But I think it was something like "you could walk off the page tables
because the undefined address range generates nonsensical values for
the pgd_offset() functions" etc.
But maybe the regular get_user_pages() has some other way to protect
against that.
Linus
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
