From Al Viro:

The copy_user stuff in the signal frame code was broken.

Signed-off-by: Jeff Dike <[EMAIL PROTECTED]>

Index: linux-2.6.13-rc6/arch/um/sys-i386/signal.c
===================================================================
--- linux-2.6.13-rc6.orig/arch/um/sys-i386/signal.c     2005-08-15 
12:03:10.000000000 -0400
+++ linux-2.6.13-rc6/arch/um/sys-i386/signal.c  2005-08-15 12:04:08.000000000 
-0400
@@ -122,9 +122,9 @@
        int err;
 
        to_fp = to->fpstate;
-       from_fp = from->fpstate;
        sigs = to->oldmask;
        err = copy_from_user(to, from, sizeof(*to));
+       from_fp = to->fpstate;
        to->oldmask = sigs;
        to->fpstate = to_fp;
        if(to_fp != NULL)
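Review bot: The added `from_fp = to->fpstate;` reads the pointer out of the frame that was just copied in, so from_fp is a user-controlled address and must only ever be handed to copy_from_user, never dereferenced in the kernel; that line deserves a comment making this explicit, e.g. `/* from_fp is a user pointer from the untrusted frame: only use it via copy_from_user */`. The two lines that put `to->oldmask` and `to->fpstate` back are what stop the kernel-side fpstate pointer from being replaced by the user's value, so any future early return on `err` must stay after them, and a one-line comment there saying why would help. The same points apply to copy_sc_from_user_tt in the sys-x86_64 hunk below. The enclosing function starts and ends outside this hunk.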
Index: linux-2.6.13-rc6/arch/um/sys-x86_64/signal.c
===================================================================
--- linux-2.6.13-rc6.orig/arch/um/sys-x86_64/signal.c   2005-08-15 
12:03:10.000000000 -0400
+++ linux-2.6.13-rc6/arch/um/sys-x86_64/signal.c        2005-08-15 
12:04:08.000000000 -0400
@@ -104,28 +104,35 @@
 int copy_sc_from_user_tt(struct sigcontext *to, struct sigcontext *from,
                         int fpsize)
 {
-       struct _fpstate *to_fp, *from_fp;
-       unsigned long sigs;
-       int err;
-
-       to_fp = to->fpstate;
-       from_fp = from->fpstate;
-       sigs = to->oldmask;
-       err = copy_from_user(to, from, sizeof(*to));
-       to->oldmask = sigs;
-       return(err);
+       struct _fpstate *to_fp, *from_fp;
+       unsigned long sigs;
+       int err;
+
+       to_fp = to->fpstate;
+       sigs = to->oldmask;
+       err = copy_from_user(to, from, sizeof(*to));
+       from_fp = to->fpstate;
+       to->fpstate = to_fp;
+       to->oldmask = sigs;
+       if(to_fp != NULL)
+               err |= copy_from_user(to_fp, from_fp, fpsize);
+       return(err);
 }
 
 int copy_sc_to_user_tt(struct sigcontext *to, struct _fpstate *fp,
                       struct sigcontext *from, int fpsize)
 {
-       struct _fpstate *to_fp, *from_fp;
-       int err;
+       struct _fpstate *to_fp, *from_fp;
+       int err;
 
-       to_fp = (fp ? fp : (struct _fpstate *) (to + 1));
-       from_fp = from->fpstate;
-       err = copy_to_user(to, from, sizeof(*to));
-       return(err);
+       to_fp = (fp ? fp : (struct _fpstate *) (to + 1));
+       from_fp = from->fpstate;
+       err = copy_to_user(to, from, sizeof(*to));
+       if(from_fp != NULL){
+               err |= copy_to_user(&to->fpstate, &to_fp, sizeof(to->fpstate));
+               err |= copy_to_user(to_fp, from_fp, fpsize);
+       }
+       return(err);
 }
 
 #endif
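Review bot: In copy_sc_to_user_tt, when `fp` is NULL the FP state is written to `(struct _fpstate *)(to + 1)`, i.e. immediately after the sigcontext in the user frame, and nothing in this hunk shows that the caller reserved `fpsize` bytes there; a comment at that line would state the contract, e.g. `/* fp == NULL: FP state goes right after the sigcontext; the caller must have left fpsize bytes of room there */`. `err` is an int that accumulates the unsigned long results of copy_to_user via `|=`, which follows the existing style but truncates; since only zero versus non-zero is used here that is presumably harmless. The copy here is gated on `from_fp != NULL` while copy_sc_from_user_tt above gates on `to_fp != NULL`, so a frame whose fpstate pointer is NULL makes the restore path fail rather than being treated as "no FP state" — worth confirming that asymmetry is intended.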
