Re: [PATCH] check user access ok writing /proc/irq/<pid>/smp_affinity

From: David Mosberger <>
Date: 2003-11-25 18:11:58
>>>>> On Mon, 24 Nov 2003 20:15:47 -0800, Paul Jackson <> said:

  Paul> David,
  Paul> Could you kindly apply the following patch?

  Paul> In arch/ia64/kernel/irq.c:irq_affinity_write_proc() there
  Paul> is an unchecked user access that examines writes to files
  Paul> /proc/irq/<pid>/smp_affinity for a leading character 'R',
  Paul> in order to trigger some interrupt redirect feature.

  Paul> You can oops the kernel easily, by issuing a write() system
  Paul> call to these files with a bogus address.

  Paul> Here's a patch against test10 to fix it:

I see the problem, but the patch is incomplete: even after an
access_ok()-check, you'll need to use __get_user() to access the
buffer.  Otherwise, the kernel will panic when accessing an unmapped
user-space address.  Can you update the patch and re-test?


To unsubscribe from this list: send the line "unsubscribe linux-ia64" in
the body of a message to
More majordomo info at
Received on Tue Nov 25 02:12:18 2003

This archive was generated by hypermail 2.1.8 : 2005-08-02 09:20:20 EST