diff options
author | Andreas Schwab <schwab@suse.de> | 2008-11-05 19:49:00 -0500 |
---|---|---|
committer | Paul Mackerras <paulus@samba.org> | 2008-11-11 03:42:22 -0500 |
commit | 77eb50aefa5dd2337246dce8b66e18e837c1a8bc (patch) | |
tree | 76232c81ab3f3badfbd45b5793dc4637fd2ed0dd | |
parent | ec5d7657f746c46b5fbb3dbec6d0f7d8b6b82961 (diff) |
powerpc: Fix msr check in compat_sys_swapcontext
The new context may not be 16-byte aligned, so the real address of the
mcontext structure should be read from the uc_regs pointer instead of
directly using the (unaligned) uc_mcontext field.
Signed-off-by: Andreas Schwab <schwab@suse.de>
Signed-off-by: Paul Mackerras <paulus@samba.org>
-rw-r--r-- | arch/powerpc/kernel/signal_32.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c index a6a43103655e..b13abf305996 100644 --- a/arch/powerpc/kernel/signal_32.c +++ b/arch/powerpc/kernel/signal_32.c | |||
@@ -941,9 +941,21 @@ long sys_swapcontext(struct ucontext __user *old_ctx, | |||
941 | #ifdef CONFIG_PPC64 | 941 | #ifdef CONFIG_PPC64 |
942 | unsigned long new_msr = 0; | 942 | unsigned long new_msr = 0; |
943 | 943 | ||
944 | if (new_ctx && | 944 | if (new_ctx) { |
945 | get_user(new_msr, &new_ctx->uc_mcontext.mc_gregs[PT_MSR])) | 945 | struct mcontext __user *mcp; |
946 | return -EFAULT; | 946 | u32 cmcp; |
947 | |||
948 | /* | ||
949 | * Get pointer to the real mcontext. No need for | ||
950 | * access_ok since we are dealing with compat | ||
951 | * pointers. | ||
952 | */ | ||
953 | if (__get_user(cmcp, &new_ctx->uc_regs)) | ||
954 | return -EFAULT; | ||
955 | mcp = (struct mcontext __user *)(u64)cmcp; | ||
956 | if (__get_user(new_msr, &mcp->mc_gregs[PT_MSR])) | ||
957 | return -EFAULT; | ||
958 | } | ||
947 | /* | 959 | /* |
948 | * Check that the context is not smaller than the original | 960 | * Check that the context is not smaller than the original |
949 | * size (with VMX but without VSX) | 961 | * size (with VMX but without VSX) |