Re: [PATCH] x86 page fault handler not interrupt safe

Brian Gerst (bgerst@didntduck.org)
Mon, 07 May 2001 15:54:17 -0400


Linus Torvalds wrote:
>
> On Mon, 7 May 2001, Alan Cox wrote:
> >
> > That is nice. I hadn't thought about doing it that way. It still has the problem
> > if %cr2 is corrupted by a vmalloc fault but it cleans up my other code paths
> > nicely.
>
> See about "corruption" in previous email. It doesn't exist.
>
> For better debugging, we should probably walk the whole init_mm page table
> tree when we take the fault, so this patch does that too: it
> unconditionally copies the init_mm page table entries into the current
> page table, while at the same time checking that they exist (including the
> very last level that we didn't use to check at all).
>
> This means that if you access one page past a vmalloc'ed area, you will
> get a nice oops instead of endless page faults that will fix up the page
> tables with mappings that already exist.

This patch will still cause the user process to seg fault: The error
code on the stack will not match the address in %cr2.

user fault (cr2=useraddr, error_code=5 or 7)
interrupt
vmalloc fault (cr2=vmallocaddr, error_code=0 or 2)
handle vmalloc fault
iret
iret
handle user fault (cr2=vmallocaddr, error_code=5 or 7)

We then fall down to find_vma() which will fail and then send SIGSEGV to
the user process.

--

Brian Gerst
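The interleaving Brian describes, as an added C model that is not part of the thread or of the kernel source: %cr2 is a single register, so a vmalloc fault taken from an interrupt handler overwrites it before the outer handler reads it, and the error code on the stack no longer matches the address. The address constants, the `save_cr2_early` flag and the "read %cr2 before interrupts are enabled" mitigation are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed model of the race: a user fault (cr2=useraddr, error_code=5 or 7)
 * is interrupted, the interrupt handler takes a vmalloc fault (cr2=vmallocaddr,
 * error_code=0 or 2), and by the time the outer handler reads %cr2 it holds
 * the vmalloc address. Addresses below are constructed, not real. */
#define VMALLOC_START 0xC8000000u   /* assumed start of the kernel vmalloc range */
#define USER_ADDR     0x08048000u   /* constructed faulting user address */
#define VMALLOC_ADDR  0xC8001000u   /* constructed faulting vmalloc address */

enum outcome { USER_FAULT_HANDLED, VMALLOC_FAULT_HANDLED, SIGSEGV };

static uint32_t cr2;                /* the one shared %cr2 register */
static bool interrupt_pending;      /* interrupt whose handler touches vmalloc space */

/* Nested path: handle vmalloc fault, iret. Its only lasting side effect is %cr2. */
static void run_pending_interrupt(void)
{
    if (!interrupt_pending)
        return;
    interrupt_pending = false;
    cr2 = VMALLOC_ADDR;
}

/* Outer handler. Error code bit 2 set means the fault came from user mode. */
static enum outcome do_page_fault(uint32_t address, uint32_t error_code)
{
    bool from_user = (error_code & 4) != 0;
    if (address >= VMALLOC_START && !from_user)
        return VMALLOC_FAULT_HANDLED;   /* copy the entry from init_mm */
    if (address >= VMALLOC_START)
        return SIGSEGV;                 /* find_vma() fails on a kernel address */
    return USER_FAULT_HANDLED;
}

/* Entry stub for a user fault. save_cr2_early models reading %cr2 before
 * interrupts are re-enabled (assumed mitigation, not the thread's patch). */
enum outcome take_user_fault(bool save_cr2_early)
{
    uint32_t saved = 0;
    uint32_t error_code = 5;            /* user-mode read of a not-present page */
    cr2 = USER_ADDR;
    if (save_cr2_early)
        saved = cr2;
    interrupt_pending = true;           /* interrupts enabled from here on */
    run_pending_interrupt();
    if (!save_cr2_early)
        saved = cr2;                    /* reads the clobbered value */
    return do_page_fault(saved, error_code);
}
```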