aboutsummaryrefslogtreecommitdiffstats
path: root/arch
diff options
context:
space:
mode:
authorYong Zhang <yong.zhang@windriver.com>2011-08-15 21:54:54 -0400
committerRalf Baechle <ralf@linux-mips.org>2011-09-21 11:53:44 -0400
commit1eec6cd08b4feb72a73aff468ab72bdd21e1dc61 (patch)
tree70278d81550236b2dc57ddb52b3fc3380fe0c5d9 /arch
parentb8ecf341f1b7ca7bf3cb80c48cbbae33b79947d0 (diff)
MIPS: Compat: Use 32-bit wrapper for compat_sys_futex.
We can't trust userspace to pass signed-extend arguments. Not correctly sign-extended arguments to futex-wait result in architecturally undefined operation of 32-bit arithmetic instructions. For example, if 'val' is too big and bit-31 is 1, the caller may enter endless loop at: futex_wait_setup() { ... if (uval != val) { queue_unlock(q, *hb); ret = -EWOULDBLOCK; ... } Signed-off-by: Yong Zhang <yong.zhang@windriver.com> To: linux-mips@linux-mips.org To: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/2714/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Diffstat (limited to 'arch')
-rw-r--r--arch/mips/kernel/linux32.c7
-rw-r--r--arch/mips/kernel/scall64-n32.S2
-rw-r--r--arch/mips/kernel/scall64-o32.S2
3 files changed, 9 insertions, 2 deletions
diff --git a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c
index 876a75cc376f..922a554cd108 100644
--- a/arch/mips/kernel/linux32.c
+++ b/arch/mips/kernel/linux32.c
@@ -349,3 +349,10 @@ SYSCALL_DEFINE6(32_fanotify_mark, int, fanotify_fd, unsigned int, flags,
349 return sys_fanotify_mark(fanotify_fd, flags, merge_64(a3, a4), 349 return sys_fanotify_mark(fanotify_fd, flags, merge_64(a3, a4),
350 dfd, pathname); 350 dfd, pathname);
351} 351}
352
353SYSCALL_DEFINE6(32_futex, u32 __user *, uaddr, int, op, u32, val,
354 struct compat_timespec __user *, utime, u32 __user *, uaddr2,
355 u32, val3)
356{
357 return compat_sys_futex(uaddr, op, val, utime, uaddr2, val3);
358}
diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
index f9296e894e46..6de1f598346e 100644
--- a/arch/mips/kernel/scall64-n32.S
+++ b/arch/mips/kernel/scall64-n32.S
@@ -315,7 +315,7 @@ EXPORT(sysn32_call_table)
315 PTR sys_fremovexattr 315 PTR sys_fremovexattr
316 PTR sys_tkill 316 PTR sys_tkill
317 PTR sys_ni_syscall 317 PTR sys_ni_syscall
318 PTR compat_sys_futex 318 PTR sys_32_futex
319 PTR compat_sys_sched_setaffinity /* 6195 */ 319 PTR compat_sys_sched_setaffinity /* 6195 */
320 PTR compat_sys_sched_getaffinity 320 PTR compat_sys_sched_getaffinity
321 PTR sys_cacheflush 321 PTR sys_cacheflush
diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
index 4d7c9827706f..1d813169e453 100644
--- a/arch/mips/kernel/scall64-o32.S
+++ b/arch/mips/kernel/scall64-o32.S
@@ -441,7 +441,7 @@ sys_call_table:
441 PTR sys_fremovexattr /* 4235 */ 441 PTR sys_fremovexattr /* 4235 */
442 PTR sys_tkill 442 PTR sys_tkill
443 PTR sys_sendfile64 443 PTR sys_sendfile64
444 PTR compat_sys_futex 444 PTR sys_32_futex
445 PTR compat_sys_sched_setaffinity 445 PTR compat_sys_sched_setaffinity
446 PTR compat_sys_sched_getaffinity /* 4240 */ 446 PTR compat_sys_sched_getaffinity /* 4240 */
447 PTR compat_sys_io_setup 447 PTR compat_sys_io_setup