ctx64 is not initiated in sys32_io_setup

From: Zhang, Yanmin
Date: Mon Oct 11 2004 - 04:03:50 EST


Kernel 2.6.9-rc3-mm3 has a bug in function sys32_io_setup in file
arch/x86_64/ia32/sys_ia32.c. Local variable ctx64 is not initialized
before sys32_io_setup calls sys_io_setup. If ctx64 happens to be non-zero,
sys_io_setup will return -EINVAL. The generic function compat_sys_io_setup
does not have this bug.

Here is the patch against 2.6.9-rc3-mm3. It simply replaces sys32_io_setup
with compat_sys_io_setup.

Signed-of-by: Zhang Yanmin <yanmin.zhang@xxxxxxxxx>

diff -Nraup a/arch/x86_64/ia32/ia32entry.S
b/arch/x86_64/ia32/ia32entry.S
--- a/arch/x86_64/ia32/ia32entry.S 2004-10-08 12:09:03.000000000
+0800
+++ b/arch/x86_64/ia32/ia32entry.S 2004-10-10 18:59:38.295452840
+0800
@@ -547,7 +547,7 @@ ia32_sys_call_table:
.quad compat_sys_sched_getaffinity
.quad sys32_set_thread_area
.quad sys32_get_thread_area
- .quad sys32_io_setup /* 245 */
+ .quad compat_sys_io_setup /* 245 */
.quad sys_io_destroy
.quad sys32_io_getevents
.quad sys32_io_submit
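Review bot: Swapping the slot-245 entry while the sys_ia32.c hunk deletes sys32_io_setup leaves any remaining declaration or reference to that symbol stale; a prototype in a header would only be dead, but any other caller or table entry would fail to link, so the symbol should be grepped for across the tree before this goes in. The new entry also assumes compat_sys_io_setup is compiled into the x86_64 kernel — presumably it sits behind CONFIG_COMPAT, which the IA32 emulation layer already requires, but that is inferred rather than visible here. The changelog could also say that the deleted wrapper raised the address limit with set_fs(KERNEL_DS) around a call that dereferences a pointer, and that moving to the generic helper removes that window along with the uninitialized ctx64 read, provided compat_sys_io_setup handles the 32-bit user pointer itself without touching the address limit; a one-line mention such as `Also drops the set_fs(KERNEL_DS) round-trip the old wrapper needed.` would document the side benefit.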
diff -Nraup a/arch/x86_64/ia32/sys_ia32.c b/arch/x86_64/ia32/sys_ia32.c
--- a/arch/x86_64/ia32/sys_ia32.c 2004-10-08 12:09:03.000000000
+0800
+++ b/arch/x86_64/ia32/sys_ia32.c 2004-10-10 18:59:38.296452688
+0800
@@ -1185,21 +1185,6 @@ long sys32_kill(int pid, int sig)
{
return sys_kill(pid, sig);
}
-
-
-long sys32_io_setup(unsigned nr_reqs, u32 __user *ctx32p)
-{
- long ret;
- aio_context_t ctx64;
- mm_segment_t oldfs = get_fs();
- set_fs(KERNEL_DS);
- ret = sys_io_setup(nr_reqs, &ctx64);
- set_fs(oldfs);
- /* truncating is ok because it's a user address */
- if (!ret)
- ret = put_user((u32)ctx64, ctx32p);
- return ret;
-}

asmlinkage long sys32_io_submit(aio_context_t ctx_id, int nr,
compat_uptr_t __user *iocbpp)

