diff options
Diffstat (limited to '01-compat-make-compat_alloc_user_space-incorporate-the-access_ok-check.patch')
-rw-r--r-- | 01-compat-make-compat_alloc_user_space-incorporate-the-access_ok-check.patch | 198 |
1 files changed, 0 insertions, 198 deletions
diff --git a/01-compat-make-compat_alloc_user_space-incorporate-the-access_ok-check.patch b/01-compat-make-compat_alloc_user_space-incorporate-the-access_ok-check.patch deleted file mode 100644 index 2053e03..0000000 --- a/01-compat-make-compat_alloc_user_space-incorporate-the-access_ok-check.patch +++ /dev/null @@ -1,198 +0,0 @@ -From f45716729488bd8263b06e7d672c8ff8f2ded8b7 Mon Sep 17 00:00:00 2001 -From: H. Peter Anvin <hpa@linux.intel.com> -Date: Tue, 7 Sep 2010 16:16:18 -0700 -Subject: [PATCH 1/4] compat: Make compat_alloc_user_space() incorporate the access_ok() - -compat_alloc_user_space() expects the caller to independently call -access_ok() to verify the returned area. A missing call could -introduce problems on some architectures. - -This patch incorporates the access_ok() check into -compat_alloc_user_space() and also adds a sanity check on the length. -The existing compat_alloc_user_space() implementations are renamed -arch_compat_alloc_user_space() and are used as part of the -implementation of the new global function. - -This patch assumes NULL will cause __get_user()/__put_user() to either -fail or access userspace on all architectures. This should be -followed by checking the return value of compat_access_user_space() -for NULL in the callers, at which time the access_ok() in the callers -can also be removed. - -Reported-by: Ben Hawkes <hawkes@sota.gen.nz> -Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> -Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> -Acked-by: Chris Metcalf <cmetcalf@tilera.com> -Acked-by: David S. Miller <davem@davemloft.net> -Acked-by: Ingo Molnar <mingo@elte.hu> -Acked-by: Thomas Gleixner <tglx@linutronix.de> -Acked-by: Tony Luck <tony.luck@intel.com> -Cc: Andrew Morton <akpm@linux-foundation.org> -Cc: Arnd Bergmann <arnd@arndb.de> -Cc: Fenghua Yu <fenghua.yu@intel.com> -Cc: H. Peter Anvin <hpa@zytor.com> -Cc: Heiko Carstens <heiko.carstens@de.ibm.com> -Cc: Helge Deller <deller@gmx.de> -Cc: James Bottomley <jejb@parisc-linux.org> -Cc: Kyle McMartin <kyle@mcmartin.ca> -Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> -Cc: Paul Mackerras <paulus@samba.org> -Cc: Ralf Baechle <ralf@linux-mips.org> -Cc: <stable@kernel.org> ---- - - [ edited to fix build on 2.6.32 ] - - arch/ia64/include/asm/compat.h | 2 +- - arch/mips/include/asm/compat.h | 2 +- - arch/parisc/include/asm/compat.h | 2 +- - arch/powerpc/include/asm/compat.h | 2 +- - arch/s390/include/asm/compat.h | 2 +- - arch/sparc/include/asm/compat.h | 2 +- - arch/x86/include/asm/compat.h | 2 +- - include/linux/compat.h | 2 ++ - kernel/compat.c | 22 +++++++++++++++++++++ - 9 files changed, 30 insertions(+), 7 deletions(-) - -diff --git a/arch/ia64/include/asm/compat.h b/arch/ia64/include/asm/compat.h -index dfcf75b..c8662cd 100644 ---- a/arch/ia64/include/asm/compat.h -+++ b/arch/ia64/include/asm/compat.h -@@ -198,7 +198,7 @@ ptr_to_compat(void __user *uptr) - } - - static __inline__ void __user * --compat_alloc_user_space (long len) -+arch_compat_alloc_user_space (long len) - { - struct pt_regs *regs = task_pt_regs(current); - return (void __user *) (((regs->r12 & 0xffffffff) & -16) - len); -diff --git a/arch/mips/include/asm/compat.h b/arch/mips/include/asm/compat.h -index f58aed3..27505bd 100644 ---- a/arch/mips/include/asm/compat.h -+++ b/arch/mips/include/asm/compat.h -@@ -144,7 +144,7 @@ static inline compat_uptr_t ptr_to_compat(void __user *uptr) - return (u32)(unsigned long)uptr; - } - --static inline void __user *compat_alloc_user_space(long len) -+static inline void __user *arch_compat_alloc_user_space(long len) - { - struct pt_regs *regs = (struct pt_regs *) - ((unsigned long) current_thread_info() + THREAD_SIZE - 32) - 1; -diff --git a/arch/parisc/include/asm/compat.h b/arch/parisc/include/asm/compat.h -index 7f32611..7c77fa9 100644 ---- a/arch/parisc/include/asm/compat.h -+++ b/arch/parisc/include/asm/compat.h -@@ -146,7 +146,7 @@ static inline compat_uptr_t ptr_to_compat(void __user *uptr) - return (u32)(unsigned long)uptr; - } - --static __inline__ void __user *compat_alloc_user_space(long len) -+static __inline__ void __user *arch_compat_alloc_user_space(long len) - { - struct pt_regs *regs = ¤t->thread.regs; - return (void __user *)regs->gr[30]; -diff --git a/arch/powerpc/include/asm/compat.h b/arch/powerpc/include/asm/compat.h -index 4774c2f..8d0fff3 100644 ---- a/arch/powerpc/include/asm/compat.h -+++ b/arch/powerpc/include/asm/compat.h -@@ -133,7 +133,7 @@ static inline compat_uptr_t ptr_to_compat(void __user *uptr) - return (u32)(unsigned long)uptr; - } - --static inline void __user *compat_alloc_user_space(long len) -+static inline void __user *arch_compat_alloc_user_space(long len) - { - struct pt_regs *regs = current->thread.regs; - unsigned long usp = regs->gpr[1]; -diff --git a/arch/s390/include/asm/compat.h b/arch/s390/include/asm/compat.h -index 01a0802..0c940d3 100644 ---- a/arch/s390/include/asm/compat.h -+++ b/arch/s390/include/asm/compat.h -@@ -180,7 +180,7 @@ static inline int is_compat_task(void) - - #endif - --static inline void __user *compat_alloc_user_space(long len) -+static inline void __user *arch_compat_alloc_user_space(long len) - { - unsigned long stack; - -diff --git a/arch/sparc/include/asm/compat.h b/arch/sparc/include/asm/compat.h -index 0e70625..612bb38 100644 ---- a/arch/sparc/include/asm/compat.h -+++ b/arch/sparc/include/asm/compat.h -@@ -166,7 +166,7 @@ static inline compat_uptr_t ptr_to_compat(void __user *uptr) - return (u32)(unsigned long)uptr; - } - --static inline void __user *compat_alloc_user_space(long len) -+static inline void __user *arch_compat_alloc_user_space(long len) - { - struct pt_regs *regs = current_thread_info()->kregs; - unsigned long usp = regs->u_regs[UREG_I6]; -diff --git a/arch/x86/include/asm/compat.h b/arch/x86/include/asm/compat.h -index 9a9c7bd..c8c9a74 100644 ---- a/arch/x86/include/asm/compat.h -+++ b/arch/x86/include/asm/compat.h -@@ -204,7 +204,7 @@ static inline compat_uptr_t ptr_to_compat(void __user *uptr) - return (u32)(unsigned long)uptr; - } - --static inline void __user *compat_alloc_user_space(long len) -+static inline void __user *arch_compat_alloc_user_space(long len) - { - struct pt_regs *regs = task_pt_regs(current); - return (void __user *)regs->sp - len; -diff --git a/include/linux/compat.h b/include/linux/compat.h -index af931ee..cab23f2 100644 ---- a/include/linux/compat.h -+++ b/include/linux/compat.h -@@ -309,5 +309,7 @@ asmlinkage long compat_sys_newfstatat(unsigned int dfd, char __user * filename, - asmlinkage long compat_sys_openat(unsigned int dfd, const char __user *filename, - int flags, int mode); - -+extern void __user *compat_alloc_user_space(unsigned long len); -+ - #endif /* CONFIG_COMPAT */ - #endif /* _LINUX_COMPAT_H */ -diff a/kernel/compat.c b/kernel/compat.c ---- a/kernel/compat.c -+++ b/kernel/compat.c -@@ -13,6 +13,7 @@ - - #include <linux/linkage.h> - #include <linux/compat.h> -+#include <linux/module.h> - #include <linux/errno.h> - #include <linux/time.h> - #include <linux/signal.h> -@@ -1137,3 +1137,24 @@ compat_sys_sysinfo(struct compat_sysinfo __user *info) - - return 0; - } -+ -+/* -+ * Allocate user-space memory for the duration of a single system call, -+ * in order to marshall parameters inside a compat thunk. -+ */ -+void __user *compat_alloc_user_space(unsigned long len) -+{ -+ void __user *ptr; -+ -+ /* If len would occupy more than half of the entire compat space... */ -+ if (unlikely(len > (((compat_uptr_t)~0) >> 1))) -+ return NULL; -+ -+ ptr = arch_compat_alloc_user_space(len); -+ -+ if (unlikely(!access_ok(VERIFY_WRITE, ptr, len))) -+ return NULL; -+ -+ return ptr; -+} -+EXPORT_SYMBOL_GPL(compat_alloc_user_space); --- -1.7.2.3 - |