Re: [PATCH] server: Add API to protect access to an SHM buffer

2013-11-12 Thread Kristian Høgsberg
On Tue, Oct 01, 2013 at 12:51:29AM +0100, Neil Roberts wrote: > Linux will let you mmap a region of a file that is larger than the > size of the file. If you then try to read from that region the process > will get a SIGBUS signal. Currently the clients can use this to crash > a compositor because

Re: [PATCH] server: Add API to protect access to an SHM buffer

2013-10-04 Thread Jason Ekstrand
Neil, While I think this patch will work in the single-threaded case, I'm not a big fan of the api for two reasons: 1) without doing thread-local things it is inherently single-threaded. (This is obviously not an issue for Weston, but requiring all shm buffer reads to be on the Wayland fd thread co

Re: [PATCH] server: Add API to protect access to an SHM buffer

2013-10-02 Thread José Bollo
On dt, 2013-10-01 at 13:50 +0100, Neil Roberts wrote: > Hi > > José Bollo writes: > > > That is a really interesting point. > > I have two questions about it: > > - Is it normal that the client trucates the buffer? Is your patch > >designed to allow normal operations? or to allow forbiden u

Re: [PATCH] server: Add API to protect access to an SHM buffer

2013-10-01 Thread Bill Spitzak
Is changing the signal handler rapidly wasteful? It seems annoying to have this overhead to fix this problem. Could the signal handler *always* be replaced, and just have a (per thread?) flag that is turned on/off indicating how it can behave. Or could there be a zero-cost method: the signal h

Re: [PATCH] server: Add API to protect access to an SHM buffer

2013-10-01 Thread Neil Roberts
Hi José Bollo writes: > That is a really interesting point. > I have two questions about it: > - Is it normal that the client trucates the buffer? Is your patch >designed to allow normal operations? or to allow forbiden uses? > - If it is not "normal", is there good reasons to continue to

Re: [PATCH] server: Add API to protect access to an SHM buffer

2013-10-01 Thread José Bollo
That is a really interesting point. I have two questions about it: - Is it normal that the client trucates the buffer? Is your patch designed to allow normal operations? or to allow forbiden uses? - If it is not "normal", is there good reasons to continue to serve a nasty client? Just curi

[PATCH] server: Add API to protect access to an SHM buffer

2013-09-30 Thread Neil Roberts
Linux will let you mmap a region of a file that is larger than the size of the file. If you then try to read from that region the process will get a SIGBUS signal. Currently the clients can use this to crash a compositor because it can create a pool and lie about the size of the file which will cau