| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4858295D.8000904@firstfloor.org> Date: Tue, 17 Jun 2008 23:15:09 +0200 From: Andi Kleen <andi@...stfloor.org> To: Linus Torvalds <torvalds@...ux-foundation.org> CC: Bron Gondwana <brong@...tmail.fm>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Nick Piggin <npiggin@...e.de>, Andrew Morton <akpm@...ux-foundation.org>, Rob Mueller <robm@...tmail.fm>, Ingo Molnar <mingo@...e.hu> Subject: Re: BUG: mmapfile/writev spurious zero bytes (x86_64/not i386, bisected, reproducable) Linus Torvalds wrote: > > On Tue, 17 Jun 2008, Linus Torvalds wrote: >> I actually am starting to think that the bug is in >> __copy_to_user_inatomic_nocache(). > > Confirmed. > > The uncached user copies are totally broken. The number of bytes left > uncopied is simply wrong, because of how it does that unrolled loop and > doesn't account for the fact that just doing loads does not actually > increase the number of bytes copied at all. How can a load fault legitimately in copy_to_user? -Andi -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists