On Fri, Nov 6, 2015 at 12:49 PM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> And some "handle_mm_fault would BUG_ON()" comment is just bogus. It's
> not handle_mm_fault()'s case that you called it without checking
> proper permissions.
Side note: as to why handle_mm_fault() doesn't just do things itself,
there's a historical situation where we used to let people do things
in ptrace() that they couldn't do directly, and punch through
protections (and turn shared read-only pages into a dirty private
page).
So the permissions checking was up to the caller, because some callers
could do things that other callers could not.
I *think* we have gotten rid of all those cases, and I guess we could
consider just making handle_mm_fault() itself stricter. But that's the
historical background on why callers need to check this.
Adding linux-mm to the cc, to see if anybody there has some comments
wrt just moving all the EFAULT handling into handle_mm_fault() and
relaxing the caller requirements.
Linus
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html