On Tue, Aug 18, 2020 at 03:40:28PM +0200, Oleg Nesterov wrote:
> On 08/18, Jann Horn wrote:
> >
> > +	if (dump_interrupted())
> > +		return 0;
> > +	n = __kernel_write(file, addr, nr, &pos);
> > +	if (n != nr)
> > +		return 0;
> > +	file->f_pos = pos;
>
> Just curious, can't we simply do
>
> 	__kernel_write(file, addr, nr, &file->f_pos);
>
> and avoid "loff_t pos" ?

Bloody bad pattern; it would be (probably) safe in this case, but in general
->f_pos is shared data. Exposing it to fuckloads of ->write() instances is
a bad idea - we had bugs like that. General rule: never pass an address of
->f_pos to anything, and limit access to it as much as possible.
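Review bot: on the short-write path (`if (n != nr) return 0;`) the quoted hunk returns without touching `file->f_pos`, so whatever `__kernel_write()` already wrote is not reflected in the file position; that is fine only if the caller treats 0 as fatal and abandons the dump, and a one-line comment beside the check would make that intent explicit. Keeping the local `loff_t pos` and copying it back with `file->f_pos = pos;` only after a full write is the right shape here, since it never hands the address of the shared `->f_pos` to the `->write()` implementation.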