Commit 5cdec2d8 authored Dec 12, 2013 by Linus Torvalds

futex: move user address verification up to common code



When debugging the read-only hugepage case, I was confused by the fact
that get_futex_key() did an access_ok() only for the non-shared futex
case, since the user address checking really isn't in any way specific
to the private key handling.

Now, it turns out that the shared key handling does effectively do the
equivalent checks inside get_user_pages_fast() (it doesn't actually
check the address range on x86, but does check the page protections for
being a user page).  So it wasn't actually a bug, but the fact that we
treat the address differently for private and shared futexes threw me
for a loop.

Just move the check up, so that it gets done for both cases.  Also, use
the 'rw' parameter for the type, even if it doesn't actually matter any
more (it's a historical artifact of the old racy i386 "page faults from
kernel space don't check write protections").

Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent f12d5bfc

kernel/futex.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -251,6 +251,9 @@ get_futex_key(u32 __user uaddr, int fshared, union futex_key key, int rw)
		return -EINVAL;
		address -= key->both.offset;

		if (unlikely(!access_ok(rw, uaddr, sizeof(u32))))
		return -EFAULT;

		/*
		* PROCESS_PRIVATE futexes are fast.
		* As the mm cannot disappear under us and the 'key' only needs
		@@ -259,8 +262,6 @@ get_futex_key(u32 __user uaddr, int fshared, union futex_key key, int rw)
		* but access_ok() should be faster than find_vma()
		*/
		if (!fshared) {
		if (unlikely(!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))))
		return -EFAULT;
		key->private.mm = mm;
		key->private.address = address;
		get_futex_key_refs(key);

Admin message