Re: don't let mmap allocate down to zero

[linux-os]

On Thu, 27 Jan 2005, William Lee Irwin III wrote:

> On Thu, 27 Jan 2005, William Lee Irwin III wrote:
> > > (b) sys_mremap() isn't covered.
>
> On Thu, Jan 27, 2005 at 03:58:12PM -0500, Rik van Riel wrote:
> > AFAICS it is covered.
> > > --- mm1-2.6.11-rc2.orig/mm/mremap.c	2005-01-26 00:26:43.000000000 -0800
> > > +++ mm1-2.6.11-rc2/mm/mremap.c	2005-01-27 12:34:34.000000000 -0800
> > > @@ -297,6 +297,8 @@
> > > 	if (flags & MREMAP_FIXED) {
> > > 		if (new_addr & ~PAGE_MASK)
> > > 			goto out;
> > > +		if (!new_addr)
> > > +			goto out;
> >
> > This looks broken, look at the MREMAP_FIXED part...
>
> The only way I can make sense of this is if you're trying to say that
> because the user is trying to pass in a fixed address, that 0 should
> then be permitted.
>
> The intention was to disallow vmas starting at 0 categorically. i.e. it
> is very intentional to deny the MREMAP_FIXED to 0 case of mremap().
> It was also the intention to deny the MAP_FIXED to 0 case of mmap(),
> though I didn't actually sweep that much (if at all).
>
>
> -- wli

No! Then you can't make a tool that will be able to look at
the entire x86 address-space! You end up with an offset that will
eventually wrap to zero which you are denying. You must leave
MAP_FIXED alone. Ignore the 'C' pedants, a pointer is properly
initialized if it points to a mapped address. It would be absurd
to have to make the CPU calculate the address at run-time just
because you thew some rocks in the way.

Cheers,
Dick Johnson
Penguin : Linux version 2.6.10 on an i686 machine (5537.79 BogoMips).
 Notice : All mail here is now cached for review by Dictator Bush.
                 98.36% of all statistics are fiction.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/