[PATCH 4.7 176/184] openrisc: fix copy_from_user()

From: Greg Kroah-Hartman
Date: Thu Sep 22 2016 - 13:50:12 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.7 180/184] ppc32: fix copy_from_user()"
Previous message: Greg Kroah-Hartman: "[PATCH 4.7 172/184] asm-generic: make copy_from_user() zero the destination properly"
In reply to: Greg Kroah-Hartman: "[PATCH 4.7 172/184] asm-generic: make copy_from_user() zero the destination properly"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.7 180/184] ppc32: fix copy_from_user()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

4.7-stable review patch. If anyone has any objections, please let me know.

------------------

From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>

commit acb2505d0119033a80c85ac8d02dccae41271667 upstream.

... that should zero on faults. Also remove the <censored> helpful
logics wrt range truncation copied from ppc32. Where it had ever
been needed only in case of copy_from_user() *and* had not been merged
into the mainline until a month after the need had disappeared.
A decade before openrisc went into mainline, I might add...

Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
arch/openrisc/include/asm/uaccess.h | 33 ++++++++++-----------------------
1 file changed, 10 insertions(+), 23 deletions(-)

--- a/arch/openrisc/include/asm/uaccess.h
+++ b/arch/openrisc/include/asm/uaccess.h
@@ -273,28 +273,20 @@ __copy_tofrom_user(void *to, const void
static inline unsigned long
copy_from_user(void *to, const void *from, unsigned long n)
{
- unsigned long over;
+ unsigned long res = n;

- if (access_ok(VERIFY_READ, from, n))
- return __copy_tofrom_user(to, from, n);
- if ((unsigned long)from < TASK_SIZE) {
- over = (unsigned long)from + n - TASK_SIZE;
- return __copy_tofrom_user(to, from, n - over) + over;
- }
- return n;
+ if (likely(access_ok(VERIFY_READ, from, n)))
+ n = __copy_tofrom_user(to, from, n);
+ if (unlikely(res))
+ memset(to + (n - res), 0, res);
+ return res;
}

static inline unsigned long
copy_to_user(void *to, const void *from, unsigned long n)
{
- unsigned long over;
-
- if (access_ok(VERIFY_WRITE, to, n))
- return __copy_tofrom_user(to, from, n);
- if ((unsigned long)to < TASK_SIZE) {
- over = (unsigned long)to + n - TASK_SIZE;
- return __copy_tofrom_user(to, from, n - over) + over;
- }
+ if (likely(access_ok(VERIFY_WRITE, to, n)))
+ n = __copy_tofrom_user(to, from, n);
return n;
}

@@ -303,13 +295,8 @@ extern unsigned long __clear_user(void *
static inline __must_check unsigned long
clear_user(void *addr, unsigned long size)
{
-
- if (access_ok(VERIFY_WRITE, addr, size))
- return __clear_user(addr, size);
- if ((unsigned long)addr < TASK_SIZE) {
- unsigned long over = (unsigned long)addr + size - TASK_SIZE;
- return __clear_user(addr, size - over) + over;
- }
+ if (likely(access_ok(VERIFY_WRITE, addr, size)))
+ size = __clear_user(addr, size);
return size;
}

Next message: Greg Kroah-Hartman: "[PATCH 4.7 180/184] ppc32: fix copy_from_user()"
Previous message: Greg Kroah-Hartman: "[PATCH 4.7 172/184] asm-generic: make copy_from_user() zero the destination properly"
In reply to: Greg Kroah-Hartman: "[PATCH 4.7 172/184] asm-generic: make copy_from_user() zero the destination properly"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.7 180/184] ppc32: fix copy_from_user()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]