aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>2005-11-13 19:07:13 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2005-11-13 21:14:15 -0500
commit7a590611c0f1e1302c58fdfdc958f2d6bdddd78a (patch)
treead57f5bda5245af1d03ba10e15308487b1aae9c7
parent55c033c1f6cdedc350c79c3198b542e3ab496899 (diff)
[PATCH] uml: fix access_ok
The access_ok_tt() macro is bogus, in that a read access is unconditionally considered valid. I couldn't find in SCM logs the introduction of this check, but I went back to 2.4.20-1um and the definition was the same. Possibly this was done to avoid problems with missing set_fs() calls, but there can't be any I think because they would fail with SKAS mode. TT-specific code is still to check. Also, this patch joins common code together, and makes the "address range wrapping" check happen for all cases, rather than for only some. This may, possibly, be reoptimized at some time, but the current code doesn't seem clever, just confused. * Important: I've also had to change references to access_ok_{tt,skas} back to access_ok - the kernel wasn't that happy otherwise. Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--arch/um/include/um_uaccess.h19
-rw-r--r--arch/um/kernel/skas/include/uaccess-skas.h10
-rw-r--r--arch/um/kernel/skas/uaccess.c8
-rw-r--r--arch/um/kernel/tt/include/uaccess-tt.h8
-rw-r--r--arch/um/kernel/tt/uaccess.c8
5 files changed, 29 insertions, 24 deletions
diff --git a/arch/um/include/um_uaccess.h b/arch/um/include/um_uaccess.h
index 84c0868cd561..f8760a3f43b0 100644
--- a/arch/um/include/um_uaccess.h
+++ b/arch/um/include/um_uaccess.h
@@ -17,8 +17,25 @@
17#include "uaccess-skas.h" 17#include "uaccess-skas.h"
18#endif 18#endif
19 19
20#define __under_task_size(addr, size) \
21 (((unsigned long) (addr) < TASK_SIZE) && \
22 (((unsigned long) (addr) + (size)) < TASK_SIZE))
23
24#define __access_ok_vsyscall(type, addr, size) \
25 ((type == VERIFY_READ) && \
26 ((unsigned long) (addr) >= FIXADDR_USER_START) && \
27 ((unsigned long) (addr) + (size) <= FIXADDR_USER_END) && \
28 ((unsigned long) (addr) + (size) >= (unsigned long)(addr)))
29
30#define __addr_range_nowrap(addr, size) \
31 ((unsigned long) (addr) <= ((unsigned long) (addr) + (size)))
32
20#define access_ok(type, addr, size) \ 33#define access_ok(type, addr, size) \
21 CHOOSE_MODE_PROC(access_ok_tt, access_ok_skas, type, addr, size) 34 (__addr_range_nowrap(addr, size) && \
35 (__under_task_size(addr, size) || \
36 __access_ok_vsyscall(type, addr, size) || \
37 segment_eq(get_fs(), KERNEL_DS) || \
38 CHOOSE_MODE_PROC(access_ok_tt, access_ok_skas, type, addr, size)))
22 39
23static inline int copy_from_user(void *to, const void __user *from, int n) 40static inline int copy_from_user(void *to, const void __user *from, int n)
24{ 41{
diff --git a/arch/um/kernel/skas/include/uaccess-skas.h b/arch/um/kernel/skas/include/uaccess-skas.h
index 7da0c2def0ef..f611f83ad4ff 100644
--- a/arch/um/kernel/skas/include/uaccess-skas.h
+++ b/arch/um/kernel/skas/include/uaccess-skas.h
@@ -9,14 +9,8 @@
9#include "asm/errno.h" 9#include "asm/errno.h"
10#include "asm/fixmap.h" 10#include "asm/fixmap.h"
11 11
12#define access_ok_skas(type, addr, size) \ 12/* No SKAS-specific checking. */
13 ((segment_eq(get_fs(), KERNEL_DS)) || \ 13#define access_ok_skas(type, addr, size) 0
14 (((unsigned long) (addr) < TASK_SIZE) && \
15 ((unsigned long) (addr) + (size) <= TASK_SIZE)) || \
16 ((type == VERIFY_READ ) && \
17 ((unsigned long) (addr) >= FIXADDR_USER_START) && \
18 ((unsigned long) (addr) + (size) <= FIXADDR_USER_END) && \
19 ((unsigned long) (addr) + (size) >= (unsigned long)(addr))))
20 14
21extern int copy_from_user_skas(void *to, const void __user *from, int n); 15extern int copy_from_user_skas(void *to, const void __user *from, int n);
22extern int copy_to_user_skas(void __user *to, const void *from, int n); 16extern int copy_to_user_skas(void __user *to, const void *from, int n);
diff --git a/arch/um/kernel/skas/uaccess.c b/arch/um/kernel/skas/uaccess.c
index 75195281081e..a5a47528dec7 100644
--- a/arch/um/kernel/skas/uaccess.c
+++ b/arch/um/kernel/skas/uaccess.c
@@ -143,7 +143,7 @@ int copy_from_user_skas(void *to, const void __user *from, int n)
143 return(0); 143 return(0);
144 } 144 }
145 145
146 return(access_ok_skas(VERIFY_READ, from, n) ? 146 return(access_ok(VERIFY_READ, from, n) ?
147 buffer_op((unsigned long) from, n, 0, copy_chunk_from_user, &to): 147 buffer_op((unsigned long) from, n, 0, copy_chunk_from_user, &to):
148 n); 148 n);
149} 149}
@@ -164,7 +164,7 @@ int copy_to_user_skas(void __user *to, const void *from, int n)
164 return(0); 164 return(0);
165 } 165 }
166 166
167 return(access_ok_skas(VERIFY_WRITE, to, n) ? 167 return(access_ok(VERIFY_WRITE, to, n) ?
168 buffer_op((unsigned long) to, n, 1, copy_chunk_to_user, &from) : 168 buffer_op((unsigned long) to, n, 1, copy_chunk_to_user, &from) :
169 n); 169 n);
170} 170}
@@ -193,7 +193,7 @@ int strncpy_from_user_skas(char *dst, const char __user *src, int count)
193 return(strnlen(dst, count)); 193 return(strnlen(dst, count));
194 } 194 }
195 195
196 if(!access_ok_skas(VERIFY_READ, src, 1)) 196 if(!access_ok(VERIFY_READ, src, 1))
197 return(-EFAULT); 197 return(-EFAULT);
198 198
199 n = buffer_op((unsigned long) src, count, 0, strncpy_chunk_from_user, 199 n = buffer_op((unsigned long) src, count, 0, strncpy_chunk_from_user,
@@ -221,7 +221,7 @@ int clear_user_skas(void __user *mem, int len)
221 return(0); 221 return(0);
222 } 222 }
223 223
224 return(access_ok_skas(VERIFY_WRITE, mem, len) ? 224 return(access_ok(VERIFY_WRITE, mem, len) ?
225 buffer_op((unsigned long) mem, len, 1, clear_chunk, NULL) : len); 225 buffer_op((unsigned long) mem, len, 1, clear_chunk, NULL) : len);
226} 226}
227 227
diff --git a/arch/um/kernel/tt/include/uaccess-tt.h b/arch/um/kernel/tt/include/uaccess-tt.h
index dc2ebfa8c54f..b9bfe9c481c4 100644
--- a/arch/um/kernel/tt/include/uaccess-tt.h
+++ b/arch/um/kernel/tt/include/uaccess-tt.h
@@ -19,19 +19,13 @@
19extern unsigned long end_vm; 19extern unsigned long end_vm;
20extern unsigned long uml_physmem; 20extern unsigned long uml_physmem;
21 21
22#define under_task_size(addr, size) \
23 (((unsigned long) (addr) < TASK_SIZE) && \
24 (((unsigned long) (addr) + (size)) < TASK_SIZE))
25
26#define is_stack(addr, size) \ 22#define is_stack(addr, size) \
27 (((unsigned long) (addr) < STACK_TOP) && \ 23 (((unsigned long) (addr) < STACK_TOP) && \
28 ((unsigned long) (addr) >= STACK_TOP - ABOVE_KMEM) && \ 24 ((unsigned long) (addr) >= STACK_TOP - ABOVE_KMEM) && \
29 (((unsigned long) (addr) + (size)) <= STACK_TOP)) 25 (((unsigned long) (addr) + (size)) <= STACK_TOP))
30 26
31#define access_ok_tt(type, addr, size) \ 27#define access_ok_tt(type, addr, size) \
32 ((type == VERIFY_READ) || (segment_eq(get_fs(), KERNEL_DS)) || \ 28 (is_stack(addr, size))
33 (((unsigned long) (addr) <= ((unsigned long) (addr) + (size))) && \
34 (under_task_size(addr, size) || is_stack(addr, size))))
35 29
36extern unsigned long get_fault_addr(void); 30extern unsigned long get_fault_addr(void);
37 31
diff --git a/arch/um/kernel/tt/uaccess.c b/arch/um/kernel/tt/uaccess.c
index a72aa632972f..1cb60726567e 100644
--- a/arch/um/kernel/tt/uaccess.c
+++ b/arch/um/kernel/tt/uaccess.c
@@ -8,7 +8,7 @@
8 8
9int copy_from_user_tt(void *to, const void __user *from, int n) 9int copy_from_user_tt(void *to, const void __user *from, int n)
10{ 10{
11 if(!access_ok_tt(VERIFY_READ, from, n)) 11 if(!access_ok(VERIFY_READ, from, n))
12 return(n); 12 return(n);
13 13
14 return(__do_copy_from_user(to, from, n, &current->thread.fault_addr, 14 return(__do_copy_from_user(to, from, n, &current->thread.fault_addr,
@@ -17,7 +17,7 @@ int copy_from_user_tt(void *to, const void __user *from, int n)
17 17
18int copy_to_user_tt(void __user *to, const void *from, int n) 18int copy_to_user_tt(void __user *to, const void *from, int n)
19{ 19{
20 if(!access_ok_tt(VERIFY_WRITE, to, n)) 20 if(!access_ok(VERIFY_WRITE, to, n))
21 return(n); 21 return(n);
22 22
23 return(__do_copy_to_user(to, from, n, &current->thread.fault_addr, 23 return(__do_copy_to_user(to, from, n, &current->thread.fault_addr,
@@ -28,7 +28,7 @@ int strncpy_from_user_tt(char *dst, const char __user *src, int count)
28{ 28{
29 int n; 29 int n;
30 30
31 if(!access_ok_tt(VERIFY_READ, src, 1)) 31 if(!access_ok(VERIFY_READ, src, 1))
32 return(-EFAULT); 32 return(-EFAULT);
33 33
34 n = __do_strncpy_from_user(dst, src, count, 34 n = __do_strncpy_from_user(dst, src, count,
@@ -47,7 +47,7 @@ int __clear_user_tt(void __user *mem, int len)
47 47
48int clear_user_tt(void __user *mem, int len) 48int clear_user_tt(void __user *mem, int len)
49{ 49{
50 if(!access_ok_tt(VERIFY_WRITE, mem, len)) 50 if(!access_ok(VERIFY_WRITE, mem, len))
51 return(len); 51 return(len);
52 52
53 return(__do_clear_user(mem, len, &current->thread.fault_addr, 53 return(__do_clear_user(mem, len, &current->thread.fault_addr,