Commit e61ef4a6 authored by Jeff Dike's avatar Jeff Dike Committed by Linus Torvalds

[PATCH] uml: Fix some usercopy confusion

This fixes a couple of copy-user problems spotted by Al Viro.

copy_sc_from_user_tt was doing a copy_from_user to do an in-kernel assignment.
 I commented this, at the request of Chris Wedgewood.  sys_ipc had a void
*__user ptr which should have been void __user *ptr.  Finally, there were a
couple of bogus __user annotations on unsigned longs, which were never going
to be passed into copy_user.
Signed-off-by: default avatarJeff Dike <jdike@addtoit.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 22a5cf62
......@@ -108,6 +108,15 @@ int copy_sc_to_user_skas(struct sigcontext *to, struct _fpstate *to_fp,
#endif
#ifdef CONFIG_MODE_TT
/* These copy a sigcontext to/from userspace. They copy the fpstate pointer,
* blowing away the old, good one. So, that value is saved, and then restored
* after the sigcontext copy. In copy_from, the variable holding the saved
* fpstate pointer, and the sigcontext that it should be restored to are both
* in the kernel, so we can just restore using an assignment. In copy_to, the
* saved pointer is in the kernel, but the sigcontext is in userspace, so we
* copy_to_user it.
*/
int copy_sc_from_user_tt(struct sigcontext *to, struct sigcontext *from,
int fpsize)
{
......@@ -120,11 +129,9 @@ int copy_sc_from_user_tt(struct sigcontext *to, struct sigcontext *from,
sigs = to->oldmask;
err = copy_from_user(to, from, sizeof(*to));
to->oldmask = sigs;
if(to_fp != NULL){
err |= copy_from_user(&to->fpstate, &to_fp,
sizeof(to->fpstate));
to->fpstate = to_fp;
if(to_fp != NULL)
err |= copy_from_user(to_fp, from_fp, fpsize);
}
return(err);
}
......@@ -138,8 +145,7 @@ int copy_sc_to_user_tt(struct sigcontext *to, struct _fpstate *fp,
from_fp = from->fpstate;
err = copy_to_user(to, from, sizeof(*to));
if(from_fp != NULL){
err |= copy_to_user(&to->fpstate, &to_fp,
sizeof(to->fpstate));
err |= copy_to_user(&to->fpstate, &to_fp, sizeof(to->fpstate));
err |= copy_to_user(to_fp, from_fp, fpsize);
}
return(err);
......@@ -303,7 +309,7 @@ int setup_signal_stack_si(unsigned long stack_top, int sig,
long sys_sigreturn(struct pt_regs regs)
{
unsigned long __user sp = PT_REGS_SP(&current->thread.regs);
unsigned long sp = PT_REGS_SP(&current->thread.regs);
struct sigframe __user *frame = (struct sigframe *)(sp - 8);
sigset_t set;
struct sigcontext __user *sc = &frame->sc;
......
......@@ -88,7 +88,7 @@ long sys_clone(unsigned long clone_flags, unsigned long newsp,
* This is really horribly ugly.
*/
long sys_ipc (uint call, int first, int second,
int third, void *__user ptr, long fifth)
int third, void __user *ptr, long fifth)
{
int version, ret;
......
......@@ -237,7 +237,7 @@ int setup_signal_stack_si(unsigned long stack_top, int sig,
long sys_rt_sigreturn(struct pt_regs *regs)
{
unsigned long __user sp = PT_REGS_SP(&current->thread.regs);
unsigned long sp = PT_REGS_SP(&current->thread.regs);
struct rt_sigframe __user *frame =
(struct rt_sigframe __user *)(sp - 8);
struct ucontext __user *uc = &frame->uc;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment