diff options
Diffstat (limited to 'arch/i386/kernel')
-rw-r--r-- | arch/i386/kernel/ptrace.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/arch/i386/kernel/ptrace.c b/arch/i386/kernel/ptrace.c index 1c075f58d1f9..0c8f00e69c4d 100644 --- a/arch/i386/kernel/ptrace.c +++ b/arch/i386/kernel/ptrace.c | |||
@@ -164,14 +164,22 @@ static unsigned long convert_eip_to_linear(struct task_struct *child, struct pt_ | |||
164 | u32 *desc; | 164 | u32 *desc; |
165 | unsigned long base; | 165 | unsigned long base; |
166 | 166 | ||
167 | down(&child->mm->context.sem); | 167 | seg &= ~7UL; |
168 | desc = child->mm->context.ldt + (seg & ~7); | ||
169 | base = (desc[0] >> 16) | ((desc[1] & 0xff) << 16) | (desc[1] & 0xff000000); | ||
170 | 168 | ||
171 | /* 16-bit code segment? */ | 169 | down(&child->mm->context.sem); |
172 | if (!((desc[1] >> 22) & 1)) | 170 | if (unlikely((seg >> 3) >= child->mm->context.size)) |
173 | addr &= 0xffff; | 171 | addr = -1L; /* bogus selector, access would fault */ |
174 | addr += base; | 172 | else { |
173 | desc = child->mm->context.ldt + seg; | ||
174 | base = ((desc[0] >> 16) | | ||
175 | ((desc[1] & 0xff) << 16) | | ||
176 | (desc[1] & 0xff000000)); | ||
177 | |||
178 | /* 16-bit code segment? */ | ||
179 | if (!((desc[1] >> 22) & 1)) | ||
180 | addr &= 0xffff; | ||
181 | addr += base; | ||
182 | } | ||
175 | up(&child->mm->context.sem); | 183 | up(&child->mm->context.sem); |
176 | } | 184 | } |
177 | return addr; | 185 | return addr; |