On Fri, Mar 02, 2018 at 12:43:34PM -0500, Pedro Giffuni wrote: > (cc in Eitan as he may be interested in the extra restrict cases) > > > On 02/03/2018 11:47, Konstantin Belousov wrote: > > Author: kib > > Date: Fri Mar 2 16:47:02 2018 > > New Revision: 330285 > > URL: https://svnweb.freebsd.org/changeset/base/330285 > > > > Log: > > Remove _Nonnull attributes from user addresses arguments for > > copyout(9) family. > > > > The addresses are user-controllable, and if the process ABI allows > > mapping at zero, then the zero address is meaningful, contradicting > > the definition of _Nonnull. In any case, it does not require any > > special code to handle NULL udaddr. > > > > FWIW, the _Nonnull attributes didn't do much at all beyond producing a > warning. > They replaced the GNU __nonnull() attributes which were much more dangerous. > I am OK with seeing both gone here though.
Even if the process ABI doesn't allow mapping at NULL, we have code that depends on copyout(NULL, foo, 0) being a nop. -- Brooks
signature.asc
Description: PGP signature