get rid of union semop in sys_semctl(2) arguments

just have the bugger take unsigned long and deal with SETVAL
case (when we use an int member in the union) explicitly.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

7 files changed, 91 insertions, 71 deletions

diff --git a/arch/parisc/kernel/sys_parisc32.c b/arch/parisc/kernel/sys_parisc32.c
index 46bdf6080fe4..f517e08e7f0d 100644
--- a/arch/parisc/kernel/sys_parisc32.c
+++ b/arch/parisc/kernel/sys_parisc32.c
@@ -60,21 +60,6 @@ asmlinkage long sys32_unimplemented(int r26, int r25, int r24, int r23,
     return -ENOSYS;
 }
 
-asmlinkage long sys32_semctl(int semid, int semnum, int cmd, union semun arg)
-{
-        union semun u;
-        
-        if (cmd == SETVAL) {
-                /* Ugh.  arg is a union of int,ptr,ptr,ptr, so is 8 bytes.
-                 * The int should be in the first 4, but our argument
-                 * frobbing has left it in the last 4.
-                 */
-                u.val = *((int *)&arg + 1);
-                return sys_semctl (semid, semnum, cmd, u);
-        }
-        return sys_semctl (semid, semnum, cmd, arg);
-}
-
 asmlinkage long compat_sys_fanotify_mark(int fan_fd, int flags, u32 mask_hi,
                                          u32 mask_lo, int fd,
                                          const char __user *pathname)
diff --git a/arch/parisc/kernel/syscall_table.S b/arch/parisc/kernel/syscall_table.S
index 30c9a3bba1cc..0c9107285e66 100644
--- a/arch/parisc/kernel/syscall_table.S
+++ b/arch/parisc/kernel/syscall_table.S
@@ -282,7 +282,7 @@
         ENTRY_COMP(recvmsg)
         ENTRY_SAME(semop)               /* 185 */
         ENTRY_SAME(semget)
-        ENTRY_DIFF(semctl)
+        ENTRY_COMP(semctl)
         ENTRY_COMP(msgsnd)
         ENTRY_COMP(msgrcv)
         ENTRY_SAME(msgget)              /* 190 */
diff --git a/arch/sparc/kernel/sys_sparc_64.c b/arch/sparc/kernel/sys_sparc_64.c
index 42beb6fc4ad8..2daaaa6eda23 100644
--- a/arch/sparc/kernel/sys_sparc_64.c
+++ b/arch/sparc/kernel/sys_sparc_64.c
@@ -353,7 +353,7 @@ SYSCALL_DEFINE6(sparc_ipc, unsigned int, call, int, first, unsigned long, second
                 case SEMCTL: {
                         err = sys_semctl(first, second,
                                          (int)third | IPC_64,
-                                         (union semun) ptr);
+                                         (unsigned long) ptr);
                         goto out;
                 }
                 default:
diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
index 9660a8bdcbbe..65c001f7fa0b 100644
--- a/include/linux/syscalls.h
+++ b/include/linux/syscalls.h
@@ -657,7 +657,7 @@ asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf);
 asmlinkage long sys_semget(key_t key, int nsems, int semflg);
 asmlinkage long sys_semop(int semid, struct sembuf __user *sops,
                                 unsigned nsops);
-asmlinkage long sys_semctl(int semid, int semnum, int cmd, union semun arg);
+asmlinkage long sys_semctl(int semid, int semnum, int cmd, unsigned long arg);
 asmlinkage long sys_semtimedop(int semid, struct sembuf __user *sops,
                                 unsigned nsops,
                                 const struct timespec __user *timeout);
diff --git a/ipc/compat.c b/ipc/compat.c
index 6cb6a4df86e4..892f6585dd60 100644
--- a/ipc/compat.c
+++ b/ipc/compat.c
@@ -240,7 +240,7 @@ static inline int put_compat_semid_ds(struct semid64_ds *s,
 
 static long do_compat_semctl(int first, int second, int third, u32 pad)
 {
-        union semun fourth;
+        unsigned long fourth;
         int err, err2;
         struct semid64_ds s64;
         struct semid64_ds __user *up64;
@@ -249,9 +249,13 @@ static long do_compat_semctl(int first, int second, int third, u32 pad)
         memset(&s64, 0, sizeof(s64));
 
         if ((third & (~IPC_64)) == SETVAL)
-                fourth.val = (int) pad;
+#ifdef __BIG_ENDIAN
+                fourth = (unsigned long)pad << 32;
+#else
+                fourth = pad;
+#endif
         else
-                fourth.__pad = compat_ptr(pad);
+                fourth = (unsigned long)compat_ptr(pad);
         switch (third & (~IPC_64)) {
         case IPC_INFO:
         case IPC_RMID:
@@ -269,7 +273,7 @@ static long do_compat_semctl(int first, int second, int third, u32 pad)
         case IPC_STAT:
         case SEM_STAT:
                 up64 = compat_alloc_user_space(sizeof(s64));
-                fourth.__pad = up64;
+                fourth = (unsigned long)up64;
                 err = sys_semctl(first, second, third, fourth);
                 if (err < 0)
                         break;
@@ -295,7 +299,7 @@ static long do_compat_semctl(int first, int second, int third, u32 pad)
                 if (err)
                         break;
 
-                fourth.__pad = up64;
+                fourth = (unsigned long)up64;
                 err = sys_semctl(first, second, third, fourth);
                 break;
 
diff --git a/ipc/sem.c b/ipc/sem.c
index e7236df7a470..5b167d00efa6 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -799,7 +799,7 @@ static unsigned long copy_semid_to_user(void __user *buf, struct semid64_ds *in,
 }
 
 static int semctl_nolock(struct ipc_namespace *ns, int semid,
-                         int cmd, int version, union semun arg)
+                         int cmd, int version, void __user *p)
 {
         int err;
         struct sem_array *sma;
@@ -834,7 +834,7 @@ static int semctl_nolock(struct ipc_namespace *ns, int semid,
                 }
                 max_id = ipc_get_maxid(&sem_ids(ns));
                 up_read(&sem_ids(ns).rw_mutex);
-                if (copy_to_user (arg.__buf, &seminfo, sizeof(struct seminfo))) 
+                if (copy_to_user(p, &seminfo, sizeof(struct seminfo))) 
                         return -EFAULT;
                 return (max_id < 0) ? 0: max_id;
         }
@@ -871,7 +871,7 @@ static int semctl_nolock(struct ipc_namespace *ns, int semid,
                 tbuf.sem_ctime  = sma->sem_ctime;
                 tbuf.sem_nsems  = sma->sem_nsems;
                 sem_unlock(sma);
-                if (copy_semid_to_user (arg.buf, &tbuf, version))
+                if (copy_semid_to_user(p, &tbuf, version))
                         return -EFAULT;
                 return id;
         }
@@ -883,8 +883,67 @@ out_unlock:
         return err;
 }
 
+static int semctl_setval(struct ipc_namespace *ns, int semid, int semnum,
+                unsigned long arg)
+{
+        struct sem_undo *un;
+        struct sem_array *sma;
+        struct sem* curr;
+        int err;
+        int nsems;
+        struct list_head tasks;
+        int val;
+#if defined(CONFIG_64BIT) && defined(__BIG_ENDIAN)
+        /* big-endian 64bit */
+        val = arg >> 32;
+#else
+        /* 32bit or little-endian 64bit */
+        val = arg;
+#endif
+
+        sma = sem_lock_check(ns, semid);
+        if (IS_ERR(sma))
+                return PTR_ERR(sma);
+
+        INIT_LIST_HEAD(&tasks);
+        nsems = sma->sem_nsems;
+
+        err = -EACCES;
+        if (ipcperms(ns, &sma->sem_perm, S_IWUGO))
+                goto out_unlock;
+
+        err = security_sem_semctl(sma, SETVAL);
+        if (err)
+                goto out_unlock;
+
+        err = -EINVAL;
+        if(semnum < 0 || semnum >= nsems)
+                goto out_unlock;
+
+        curr = &sma->sem_base[semnum];
+
+        err = -ERANGE;
+        if (val > SEMVMX || val < 0)
+                goto out_unlock;
+
+        assert_spin_locked(&sma->sem_perm.lock);
+        list_for_each_entry(un, &sma->list_id, list_id)
+                un->semadj[semnum] = 0;
+
+        curr->semval = val;
+        curr->sempid = task_tgid_vnr(current);
+        sma->sem_ctime = get_seconds();
+        /* maybe some queued-up processes were waiting for this */
+        do_smart_update(sma, NULL, 0, 0, &tasks);
+        err = 0;
+out_unlock:
+        sem_unlock(sma);
+        wake_up_sem_queue_do(&tasks);
+        return err;
+}
+
 static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
-                int cmd, int version, union semun arg)
+                int cmd, void __user *p)
 {
         struct sem_array *sma;
         struct sem* curr;
@@ -903,7 +962,7 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
 
         err = -EACCES;
         if (ipcperms(ns, &sma->sem_perm,
-                        (cmd == SETVAL || cmd == SETALL) ? S_IWUGO : S_IRUGO))
+                        cmd == SETALL ? S_IWUGO : S_IRUGO))
                 goto out_unlock;
 
         err = security_sem_semctl(sma, cmd);
@@ -914,7 +973,7 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
         switch (cmd) {
         case GETALL:
         {
-                ushort __user *array = arg.array;
+                ushort __user *array = p;
                 int i;
 
                 if(nsems > SEMMSL_FAST) {
@@ -957,7 +1016,7 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
                         }
                 }
 
-                if (copy_from_user (sem_io, arg.array, nsems*sizeof(ushort))) {
+                if (copy_from_user (sem_io, p, nsems*sizeof(ushort))) {
                         sem_putref(sma);
                         err = -EFAULT;
                         goto out_free;
@@ -991,7 +1050,7 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
                 err = 0;
                 goto out_unlock;
         }
-        /* GETVAL, GETPID, GETNCTN, GETZCNT, SETVAL: fall-through */
+        /* GETVAL, GETPID, GETNCTN, GETZCNT: fall-through */
         }
         err = -EINVAL;
         if(semnum < 0 || semnum >= nsems)
@@ -1012,27 +1071,6 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum,
         case GETZCNT:
                 err = count_semzcnt(sma,semnum);
                 goto out_unlock;
-        case SETVAL:
-        {
-                int val = arg.val;
-                struct sem_undo *un;
-
-                err = -ERANGE;
-                if (val > SEMVMX || val < 0)
-                        goto out_unlock;
-
-                assert_spin_locked(&sma->sem_perm.lock);
-                list_for_each_entry(un, &sma->list_id, list_id)
-                        un->semadj[semnum] = 0;
-
-                curr->semval = val;
-                curr->sempid = task_tgid_vnr(current);
-                sma->sem_ctime = get_seconds();
-                /* maybe some queued-up processes were waiting for this */
-                do_smart_update(sma, NULL, 0, 0, &tasks);
-                err = 0;
-                goto out_unlock;
-        }
         }
 out_unlock:
         sem_unlock(sma);
@@ -1076,7 +1114,7 @@ copy_semid_from_user(struct semid64_ds *out, void __user *buf, int version)
  * NOTE: no locks must be held, the rw_mutex is taken inside this function.
  */
 static int semctl_down(struct ipc_namespace *ns, int semid,
-                       int cmd, int version, union semun arg)
+                       int cmd, int version, void __user *p)
 {
         struct sem_array *sma;
         int err;
@@ -1084,7 +1122,7 @@ static int semctl_down(struct ipc_namespace *ns, int semid,
         struct kern_ipc_perm *ipcp;
 
         if(cmd == IPC_SET) {
-                if (copy_semid_from_user(&semid64, arg.buf, version))
+                if (copy_semid_from_user(&semid64, p, version))
                         return -EFAULT;
         }
 
@@ -1120,11 +1158,11 @@ out_up:
         return err;
 }
 
-SYSCALL_DEFINE(semctl)(int semid, int semnum, int cmd, union semun arg)
+SYSCALL_DEFINE4(semctl, int, semid, int, semnum, int, cmd, unsigned long, arg)
 {
-        int err = -EINVAL;
         int version;
         struct ipc_namespace *ns;
+        void __user *p = (void __user *)arg;
 
         if (semid < 0)
                 return -EINVAL;
@@ -1137,30 +1175,23 @@ SYSCALL_DEFINE(semctl)(int semid, int semnum, int cmd, union semun arg)
         case SEM_INFO:
         case IPC_STAT:
         case SEM_STAT:
-                err = semctl_nolock(ns, semid, cmd, version, arg);
-                return err;
+                return semctl_nolock(ns, semid, cmd, version, p);
         case GETALL:
         case GETVAL:
         case GETPID:
         case GETNCNT:
         case GETZCNT:
-        case SETVAL:
         case SETALL:
-                err = semctl_main(ns,semid,semnum,cmd,version,arg);
-                return err;
+                return semctl_main(ns, semid, semnum, cmd, p);
+        case SETVAL:
+                return semctl_setval(ns, semid, semnum, arg);
         case IPC_RMID:
         case IPC_SET:
-                err = semctl_down(ns, semid, cmd, version, arg);
-                return err;
+                return semctl_down(ns, semid, cmd, version, p);
         default:
                 return -EINVAL;
         }
 }
-asmlinkage long SyS_semctl(int semid, int semnum, int cmd, union semun arg)
-{
-        return SYSC_semctl((int) semid, (int) semnum, (int) cmd, arg);
-}
-SYSCALL_ALIAS(sys_semctl, SyS_semctl);
 
 /* If the task doesn't already have a undo_list, then allocate one
  * here.  We guarantee there is only one thread using this undo list,
diff --git a/ipc/syscall.c b/ipc/syscall.c
index 0d1e32ce048e..52429489cde0 100644
--- a/ipc/syscall.c
+++ b/ipc/syscall.c
@@ -33,12 +33,12 @@ SYSCALL_DEFINE6(ipc, unsigned int, call, int, first, unsigned long, second,
         case SEMGET:
                 return sys_semget(first, second, third);
         case SEMCTL: {
-                union semun fourth;
+                unsigned long arg;
                 if (!ptr)
                         return -EINVAL;
-                if (get_user(fourth.__pad, (void __user * __user *) ptr))
+                if (get_user(arg, (unsigned long __user *) ptr))
                         return -EFAULT;
-                return sys_semctl(first, second, third, fourth);
+                return sys_semctl(first, second, third, arg);
         }
 
         case MSGSND: