Weekly Edition
Return to the Kernel page
| |||||||||||||
|
| |||||||||||||
Futex II: Copy-from-user can fail.
From: Rusty Russell <rusty@rustcorp.com.au>
To: torvalds@transmeta.com
Subject: [PATCH] Futex II: Copy-from-user can fail.
Date: Thu, 06 Jun 2002 17:02:19 +1000
Cc: linux-kernel@vger.kernel.org, frankeh@watson.ibm.com
OK, so AFAICT copy_from_user can fail, so shouldn't BUG.
Name: Copy-from-user FUTEX bugfix
Author: Rusty Russell
Status: Tested on 2.5.20
D: This patch handles the case where copy_from_user fails (it could
D: have been unmapped from this address space by another thread).
diff -urN -I \$.*\$ --exclude TAGS -X /home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal linux-2.5.20.18383/kernel/futex.c linux-2.5.20.18383.updated/kernel/futex.c
--- linux-2.5.20.18383/kernel/futex.c Sat May 25 14:35:00 2002
+++ linux-2.5.20.18383.updated/kernel/futex.c Wed Jun 5 19:00:47 2002
@@ -155,13 +155,14 @@
set_current_state(TASK_INTERRUPTIBLE);
queue_me(head, &q, page, offset);
- /* Page is pinned, can't fail */
- if (get_user(curval, uaddr) != 0)
- BUG();
+ /* Page is pinned, but may no longer be in this address space. */
+ if (get_user(curval, uaddr) != 0) {
+ ret = -EFAULT;
+ goto out;
+ }
if (curval != val) {
ret = -EWOULDBLOCK;
- set_current_state(TASK_RUNNING);
goto out;
}
time = schedule_timeout(time);
@@ -174,6 +175,7 @@
goto out;
}
out:
+ set_current_state(TASK_RUNNING);
/* Were we woken up anyway? */
if (!unqueue_me(&q))
return 0;
--
Anyone who quotes me in their sig is an idiot. -- Rusty Russell.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
|
|
||||||||||||