aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHelge Deller <deller@gmx.de>2010-02-01 14:56:33 -0500
committerKyle McMartin <kyle@redhat.com>2010-03-06 17:54:09 -0500
commit888c31fc83ddc7fcd9947cb67c5718b4e3dd5e1b (patch)
tree15ef949561b6c8b319bb686eadec20c98148dfa3
parenta3bee03e718c9251456676b71a723a34c999e891 (diff)
parisc: add strict copy size checks (v2)
Add CONFIG_DEBUG_STRICT_USER_COPY_CHECKS, copied from the x86 implementation. Tested with 32 and 64bit kernel. Signed-off-by: Helge Deller <deller@gmx.de> Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
-rw-r--r--arch/parisc/Kconfig.debug14
-rw-r--r--arch/parisc/include/asm/uaccess.h27
-rw-r--r--arch/parisc/lib/memcpy.c3
3 files changed, 41 insertions, 3 deletions
diff --git a/arch/parisc/Kconfig.debug b/arch/parisc/Kconfig.debug
index bc989e522a04..7305ac8f7f5b 100644
--- a/arch/parisc/Kconfig.debug
+++ b/arch/parisc/Kconfig.debug
@@ -12,4 +12,18 @@ config DEBUG_RODATA
12 portion of the kernel code won't be covered by a TLB anymore. 12 portion of the kernel code won't be covered by a TLB anymore.
13 If in doubt, say "N". 13 If in doubt, say "N".
14 14
15config DEBUG_STRICT_USER_COPY_CHECKS
16 bool "Strict copy size checks"
17 depends on DEBUG_KERNEL && !TRACE_BRANCH_PROFILING
18 ---help---
19 Enabling this option turns a certain set of sanity checks for user
20 copy operations into compile time failures.
21
22 The copy_from_user() etc checks are there to help test if there
23 are sufficient security checks on the length argument of
24 the copy operation, by having gcc prove that the argument is
25 within bounds.
26
27 If unsure, or if you run an older (pre 4.4) gcc, say N.
28
15endmenu 29endmenu
diff --git a/arch/parisc/include/asm/uaccess.h b/arch/parisc/include/asm/uaccess.h
index 7cf799d70b4c..ff4cf9dab8d2 100644
--- a/arch/parisc/include/asm/uaccess.h
+++ b/arch/parisc/include/asm/uaccess.h
@@ -7,6 +7,7 @@
7#include <asm/page.h> 7#include <asm/page.h>
8#include <asm/system.h> 8#include <asm/system.h>
9#include <asm/cache.h> 9#include <asm/cache.h>
10#include <asm/errno.h>
10#include <asm-generic/uaccess-unaligned.h> 11#include <asm-generic/uaccess-unaligned.h>
11 12
12#define VERIFY_READ 0 13#define VERIFY_READ 0
@@ -234,13 +235,35 @@ extern long lstrnlen_user(const char __user *,long);
234 235
235unsigned long copy_to_user(void __user *dst, const void *src, unsigned long len); 236unsigned long copy_to_user(void __user *dst, const void *src, unsigned long len);
236#define __copy_to_user copy_to_user 237#define __copy_to_user copy_to_user
237unsigned long copy_from_user(void *dst, const void __user *src, unsigned long len); 238unsigned long __copy_from_user(void *dst, const void __user *src, unsigned long len);
238#define __copy_from_user copy_from_user
239unsigned long copy_in_user(void __user *dst, const void __user *src, unsigned long len); 239unsigned long copy_in_user(void __user *dst, const void __user *src, unsigned long len);
240#define __copy_in_user copy_in_user 240#define __copy_in_user copy_in_user
241#define __copy_to_user_inatomic __copy_to_user 241#define __copy_to_user_inatomic __copy_to_user
242#define __copy_from_user_inatomic __copy_from_user 242#define __copy_from_user_inatomic __copy_from_user
243 243
244extern void copy_from_user_overflow(void)
245#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
246 __compiletime_error("copy_from_user() buffer size is not provably correct")
247#else
248 __compiletime_warning("copy_from_user() buffer size is not provably correct")
249#endif
250;
251
252static inline unsigned long __must_check copy_from_user(void *to,
253 const void __user *from,
254 unsigned long n)
255{
256 int sz = __compiletime_object_size(to);
257 int ret = -EFAULT;
258
259 if (likely(sz == -1 || !__builtin_constant_p(n) || sz >= n))
260 ret = __copy_from_user(to, from, n);
261 else
262 copy_from_user_overflow();
263
264 return ret;
265}
266
244struct pt_regs; 267struct pt_regs;
245int fixup_exception(struct pt_regs *regs); 268int fixup_exception(struct pt_regs *regs);
246 269
diff --git a/arch/parisc/lib/memcpy.c b/arch/parisc/lib/memcpy.c
index abf41f4632a9..1dbca5c31b3c 100644
--- a/arch/parisc/lib/memcpy.c
+++ b/arch/parisc/lib/memcpy.c
@@ -475,7 +475,8 @@ unsigned long copy_to_user(void __user *dst, const void *src, unsigned long len)
475 return pa_memcpy((void __force *)dst, src, len); 475 return pa_memcpy((void __force *)dst, src, len);
476} 476}
477 477
478unsigned long copy_from_user(void *dst, const void __user *src, unsigned long len) 478EXPORT_SYMBOL(__copy_from_user);
479unsigned long __copy_from_user(void *dst, const void __user *src, unsigned long len)
479{ 480{
480 mtsp(get_user_space(), 1); 481 mtsp(get_user_space(), 1);
481 mtsp(get_kernel_space(), 2); 482 mtsp(get_kernel_space(), 2);