From: "dsmith at redhat dot com"
To: systemtap@sourceware.org
Subject: [Bug tapsets/15219] syscall.exp failures on RHEL5, RHEL6, and rawhide
Date: Mon, 04 Mar 2013 17:54:00 -0000
X-Bugzilla-URL: http://sourceware.org/bugzilla/
X-SW-Source: 2013-q1/txt/msg00206.txt.bz2

http://sourceware.org/bugzilla/show_bug.cgi?id=15219

--- Comment #1 from David Smith 2013-03-04 17:53:58 UTC ---
Here's compat_sys_timer_settime() from kernel/compat.c. Notice it converts the 'struct compat_itimerspec' to a 'struct itimerspec' (which is in kernel memory), calls 'set_fs(KERNEL_DS)', then calls the real syscall function, 'sys_timer_settime()'.

====
long compat_sys_timer_settime(timer_t timer_id, int flags,
			      struct compat_itimerspec __user *new,
			      struct compat_itimerspec __user *old)
{
	long err;
	mm_segment_t oldfs;
	struct itimerspec newts, oldts;	/* kernel-stack copies of the compat structs */

	if (!new)
		return -EINVAL;
	if (get_compat_itimerspec(&newts, new))
		return -EFAULT;
	oldfs = get_fs();
	set_fs(KERNEL_DS);		/* let the real syscall copy from kernel addresses */
	err = sys_timer_settime(timer_id, flags,
				(struct itimerspec __user *) &newts,
				(struct itimerspec __user *) &oldts);
	set_fs(oldfs);
	if (!err && old && put_compat_itimerspec(old, &oldts))
		return -EFAULT;
	return err;
}
====

Here's our '_stp_copy_from_user()'. Notice we explicitly call 'set_fs(USER_DS)', which just overrode compat_sys_timer_settime()'s setting.

====
static unsigned long _stp_copy_from_user(char *dst, const char __user *src,
					 unsigned long count)
{
	if (count) {
		mm_segment_t _oldfs = get_fs();
		set_fs(USER_DS);	/* forces the user limit, regardless of the caller's */
		pagefault_disable();
		if (access_ok(VERIFY_READ, src, count))
			count = __copy_from_user_inatomic(dst, src, count);
		else
			memset(dst, 0, count);	/* kernel-space src fails access_ok under USER_DS */
		pagefault_enable();
		set_fs(_oldfs);
	}
	return count;
}
====

I'm thinking we should no longer change the kernel's idea of what memory space to use in _stp_copy_from_user().

--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
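The following is an added, stand-alone user-space model of the interaction described in the comment above; it is not code from the thread, the kernel, or systemtap. It simulates the per-task address limit (get_fs/set_fs), access_ok() and a compat wrapper that switches to KERNEL_DS before calling the real syscall, then compares a probe-side copy routine that forces USER_DS against one that honours the caller's limit. All addresses, region bounds, struct layout and function names are constructed for the model.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed model: a flat simulated memory with a "user" region below
 * 0x1000 and a "kernel" region from 0x1000 up to 0x2000. The address limit
 * plays the role of the kernel's get_fs()/set_fs() segment. */
#define SIM_MEM_SIZE 0x2000u
#define USER_DS      0x1000u   /* model: user addresses are below 0x1000 */
#define KERNEL_DS    0x2000u   /* model: any simulated address is allowed */

typedef unsigned mm_segment_t;
typedef unsigned sim_addr_t;

static unsigned char sim_mem[SIM_MEM_SIZE];
static mm_segment_t addr_limit = USER_DS;

static mm_segment_t get_fs(void) { return addr_limit; }
static void set_fs(mm_segment_t fs) { addr_limit = fs; }

/* Model of access_ok(): the range [src, src+count) must lie below the limit. */
static int access_ok(sim_addr_t src, size_t count) {
    return src < addr_limit && count <= addr_limit - src;
}

/* Model of the raw copy (__copy_from_user); returns bytes NOT copied. */
static size_t raw_copy_from_user(void *dst, sim_addr_t src, size_t count) {
    memcpy(dst, sim_mem + src, count);
    return 0;
}

/* Probe-side copy as the comment shows it: forces USER_DS for the check, so a
 * kernel-space source prepared by a compat wrapper fails access_ok() and the
 * destination is zero-filled. */
static size_t stp_copy_forcing_user_ds(void *dst, sim_addr_t src, size_t count) {
    mm_segment_t oldfs = get_fs();
    set_fs(USER_DS);
    if (access_ok(src, count))
        count = raw_copy_from_user(dst, src, count);
    else
        memset(dst, 0, count);
    set_fs(oldfs);
    return count;
}

/* Proposed behaviour: check against whatever limit the current task has. */
static size_t stp_copy_keeping_fs(void *dst, sim_addr_t src, size_t count) {
    if (access_ok(src, count))
        count = raw_copy_from_user(dst, src, count);
    else
        memset(dst, 0, count);
    return count;
}

/* Constructed stand-in for struct itimerspec (two fields). */
struct itimerspec_model { int32_t interval_sec; int32_t value_sec; };

typedef size_t (*copy_fn)(void *, sim_addr_t, size_t);

/* Model of compat_sys_timer_settime(): converts the user struct into a
 * kernel copy, switches to KERNEL_DS and calls the real syscall, where a
 * probe reads the struct argument with the given copy routine. Returns the
 * value_sec the probe observed. */
static int32_t compat_wrapper_probe_reads_value_sec(copy_fn probe_copy) {
    sim_addr_t user_ts = 0x100;     /* constructed user-space address */
    sim_addr_t kernel_ts = 0x1800;  /* constructed kernel-stack address */
    struct itimerspec_model user_val = { 7, 42 }, seen;

    memcpy(sim_mem + user_ts, &user_val, sizeof user_val);
    memcpy(sim_mem + kernel_ts, sim_mem + user_ts, sizeof user_val); /* get_compat_itimerspec */

    mm_segment_t oldfs = get_fs();
    set_fs(KERNEL_DS);
    probe_copy(&seen, kernel_ts, sizeof seen);  /* probe inside sys_timer_settime() */
    set_fs(oldfs);
    return seen.value_sec;
}

/* With the default USER_DS limit, a kernel address must still be refused. */
static int32_t probe_reads_kernel_addr_under_user_ds(copy_fn probe_copy) {
    struct itimerspec_model seen, val = { 1, 99 };
    memcpy(sim_mem + 0x1800, &val, sizeof val);
    set_fs(USER_DS);
    probe_copy(&seen, 0x1800, sizeof seen);
    return seen.value_sec;
}

int main(void) {
    printf("forcing USER_DS, probe sees value_sec = %d\n",
           compat_wrapper_probe_reads_value_sec(stp_copy_forcing_user_ds));
    printf("keeping caller's fs, probe sees value_sec = %d\n",
           compat_wrapper_probe_reads_value_sec(stp_copy_keeping_fs));
    printf("kernel addr under USER_DS, probe sees value_sec = %d\n",
           probe_reads_kernel_addr_under_user_ds(stp_copy_keeping_fs));
    return 0;
}
```

The first call reproduces the symptom from the comment: the forced USER_DS makes access_ok() reject the kernel-stack struct, so the probe reads zeros instead of 42. The second shows that honouring the caller's limit yields the real value, and the third shows that this does not loosen the check when the task is at USER_DS, because a kernel address is still refused there.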