packages: kernel/kernel-small_fixes.patch - fix for http://seclists.org/bug...
arekm
arekm at pld-linux.org
Wed Oct 20 19:33:28 CEST 2010
Author: arekm Date: Wed Oct 20 17:33:28 2010 GMT
Module: packages Tag: HEAD
---- Log message:
- fix for http://seclists.org/bugtraq/2010/Oct/161
---- Files affected:
packages/kernel:
kernel-small_fixes.patch (1.9 -> 1.10)
---- Diffs:
================================================================
Index: packages/kernel/kernel-small_fixes.patch
diff -u packages/kernel/kernel-small_fixes.patch:1.9 packages/kernel/kernel-small_fixes.patch:1.10
--- packages/kernel/kernel-small_fixes.patch:1.9 Sun Mar 7 14:30:30 2010
+++ packages/kernel/kernel-small_fixes.patch Wed Oct 20 19:33:23 2010
@@ -77,3 +77,81 @@
#include "../../include/linux/license.h"
/* Some toolchains use a `_' prefix for all user symbols. */
+From 799c10559d60f159ab2232203f222f18fa3c4a5f Mon Sep 17 00:00:00 2001
+From: Linus Torvalds <torvalds at linux-foundation.org>
+Date: Fri, 15 Oct 2010 11:09:28 -0700
+Subject: [PATCH] De-pessimize rds_page_copy_user
+
+Don't try to "optimize" rds_page_copy_user() by using kmap_atomic() and
+the unsafe atomic user mode accessor functions. It's actually slower
+than the straightforward code on any reasonable modern CPU.
+
+Back when the code was written (although probably not by the time it was
+actually merged, though), 32-bit x86 may have been the dominant
+architecture. And there kmap_atomic() can be a lot faster than kmap()
+(unless you have very good locality, in which case the virtual address
+caching by kmap() can overcome all the downsides).
+
+But these days, x86-64 may not be more populous, but it's getting there
+(and if you care about performance, it's definitely already there -
+you'd have upgraded your CPU's already in the last few years). And on
+x86-64, the non-kmap_atomic() version is faster, simply because the code
+is simpler and doesn't have the "re-try page fault" case.
+
+People with old hardware are not likely to care about RDS anyway, and
+the optimization for the 32-bit case is simply buggy, since it doesn't
+verify the user addresses properly.
+
+Reported-by: Dan Rosenberg <drosenberg at vsecurity.com>
+Acked-by: Andrew Morton <akpm at linux-foundation.org>
+Cc: stable at kernel.org
+Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+---
+ net/rds/page.c | 27 +++++++--------------------
+ 1 files changed, 7 insertions(+), 20 deletions(-)
+
+diff --git a/net/rds/page.c b/net/rds/page.c
+index 595a952..1dfbfea 100644
+--- a/net/rds/page.c
++++ b/net/rds/page.c
+@@ -57,30 +57,17 @@ int rds_page_copy_user(struct page *page, unsigned long offset,
+ unsigned long ret;
+ void *addr;
+
+- if (to_user)
++ addr = kmap(page);
++ if (to_user) {
+ rds_stats_add(s_copy_to_user, bytes);
+- else
++ ret = copy_to_user(ptr, addr + offset, bytes);
++ } else {
+ rds_stats_add(s_copy_from_user, bytes);
+-
+- addr = kmap_atomic(page, KM_USER0);
+- if (to_user)
+- ret = __copy_to_user_inatomic(ptr, addr + offset, bytes);
+- else
+- ret = __copy_from_user_inatomic(addr + offset, ptr, bytes);
+- kunmap_atomic(addr, KM_USER0);
+-
+- if (ret) {
+- addr = kmap(page);
+- if (to_user)
+- ret = copy_to_user(ptr, addr + offset, bytes);
+- else
+- ret = copy_from_user(addr + offset, ptr, bytes);
+- kunmap(page);
+- if (ret)
+- return -EFAULT;
++ ret = copy_from_user(addr + offset, ptr, bytes);
+ }
++ kunmap(page);
+
+- return 0;
++ return ret ? -EFAULT : 0;
+ }
+ EXPORT_SYMBOL_GPL(rds_page_copy_user);
+
+--
+1.7.3.1
+
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-small_fixes.patch?r1=1.9&r2=1.10&f=u
More information about the pld-cvs-commit
mailing list