aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--arch/s390/include/asm/futex.h6
-rw-r--r--arch/s390/include/asm/uaccess.h23
-rw-r--r--arch/s390/kernel/compat_signal.c14
-rw-r--r--arch/s390/kernel/signal.c8
4 files changed, 5 insertions, 46 deletions
diff --git a/arch/s390/include/asm/futex.h b/arch/s390/include/asm/futex.h
index 96bc83ea5c90..51bcaa0fdeef 100644
--- a/arch/s390/include/asm/futex.h
+++ b/arch/s390/include/asm/futex.h
@@ -16,9 +16,6 @@ static inline int futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr)
16 if (encoded_op & (FUTEX_OP_OPARG_SHIFT << 28)) 16 if (encoded_op & (FUTEX_OP_OPARG_SHIFT << 28))
17 oparg = 1 << oparg; 17 oparg = 1 << oparg;
18 18
19 if (! access_ok (VERIFY_WRITE, uaddr, sizeof(u32)))
20 return -EFAULT;
21
22 pagefault_disable(); 19 pagefault_disable();
23 ret = uaccess.futex_atomic_op(op, uaddr, oparg, &oldval); 20 ret = uaccess.futex_atomic_op(op, uaddr, oparg, &oldval);
24 pagefault_enable(); 21 pagefault_enable();
@@ -40,9 +37,6 @@ static inline int futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr)
40static inline int futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, 37static inline int futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr,
41 u32 oldval, u32 newval) 38 u32 oldval, u32 newval)
42{ 39{
43 if (! access_ok (VERIFY_WRITE, uaddr, sizeof(u32)))
44 return -EFAULT;
45
46 return uaccess.futex_atomic_cmpxchg(uval, uaddr, oldval, newval); 40 return uaccess.futex_atomic_cmpxchg(uval, uaddr, oldval, newval);
47} 41}
48 42
diff --git a/arch/s390/include/asm/uaccess.h b/arch/s390/include/asm/uaccess.h
index 34268df959a3..9c33ed4e666f 100644
--- a/arch/s390/include/asm/uaccess.h
+++ b/arch/s390/include/asm/uaccess.h
@@ -252,9 +252,7 @@ static inline unsigned long __must_check
252copy_to_user(void __user *to, const void *from, unsigned long n) 252copy_to_user(void __user *to, const void *from, unsigned long n)
253{ 253{
254 might_fault(); 254 might_fault();
255 if (access_ok(VERIFY_WRITE, to, n)) 255 return __copy_to_user(to, from, n);
256 n = __copy_to_user(to, from, n);
257 return n;
258} 256}
259 257
260/** 258/**
@@ -315,11 +313,7 @@ copy_from_user(void *to, const void __user *from, unsigned long n)
315 copy_from_user_overflow(); 313 copy_from_user_overflow();
316 return n; 314 return n;
317 } 315 }
318 if (access_ok(VERIFY_READ, from, n)) 316 return __copy_from_user(to, from, n);
319 n = __copy_from_user(to, from, n);
320 else
321 memset(to, 0, n);
322 return n;
323} 317}
324 318
325static inline unsigned long __must_check 319static inline unsigned long __must_check
@@ -332,9 +326,7 @@ static inline unsigned long __must_check
332copy_in_user(void __user *to, const void __user *from, unsigned long n) 326copy_in_user(void __user *to, const void __user *from, unsigned long n)
333{ 327{
334 might_fault(); 328 might_fault();
335 if (__access_ok(from,n) && __access_ok(to,n)) 329 return __copy_in_user(to, from, n);
336 n = __copy_in_user(to, from, n);
337 return n;
338} 330}
339 331
340/* 332/*
@@ -343,11 +335,8 @@ copy_in_user(void __user *to, const void __user *from, unsigned long n)
343static inline long __must_check 335static inline long __must_check
344strncpy_from_user(char *dst, const char __user *src, long count) 336strncpy_from_user(char *dst, const char __user *src, long count)
345{ 337{
346 long res = -EFAULT;
347 might_fault(); 338 might_fault();
348 if (access_ok(VERIFY_READ, src, 1)) 339 return uaccess.strncpy_from_user(count, src, dst);
349 res = uaccess.strncpy_from_user(count, src, dst);
350 return res;
351} 340}
352 341
353static inline unsigned long 342static inline unsigned long
@@ -387,9 +376,7 @@ static inline unsigned long __must_check
387clear_user(void __user *to, unsigned long n) 376clear_user(void __user *to, unsigned long n)
388{ 377{
389 might_fault(); 378 might_fault();
390 if (access_ok(VERIFY_WRITE, to, n)) 379 return uaccess.clear_user(n, to);
391 n = uaccess.clear_user(n, to);
392 return n;
393} 380}
394 381
395extern int copy_to_user_real(void __user *dest, void *src, size_t count); 382extern int copy_to_user_real(void __user *dest, void *src, size_t count);
diff --git a/arch/s390/kernel/compat_signal.c b/arch/s390/kernel/compat_signal.c
index 3e71194c1902..6de049fbe62d 100644
--- a/arch/s390/kernel/compat_signal.c
+++ b/arch/s390/kernel/compat_signal.c
@@ -53,9 +53,6 @@ int copy_siginfo_to_user32(compat_siginfo_t __user *to, siginfo_t *from)
53{ 53{
54 int err; 54 int err;
55 55
56 if (!access_ok (VERIFY_WRITE, to, sizeof(compat_siginfo_t)))
57 return -EFAULT;
58
59 /* If you change siginfo_t structure, please be sure 56 /* If you change siginfo_t structure, please be sure
60 this code is fixed accordingly. 57 this code is fixed accordingly.
61 It should never copy any pad contained in the structure 58 It should never copy any pad contained in the structure
@@ -110,9 +107,6 @@ int copy_siginfo_from_user32(siginfo_t *to, compat_siginfo_t __user *from)
110 int err; 107 int err;
111 u32 tmp; 108 u32 tmp;
112 109
113 if (!access_ok (VERIFY_READ, from, sizeof(compat_siginfo_t)))
114 return -EFAULT;
115
116 err = __get_user(to->si_signo, &from->si_signo); 110 err = __get_user(to->si_signo, &from->si_signo);
117 err |= __get_user(to->si_errno, &from->si_errno); 111 err |= __get_user(to->si_errno, &from->si_errno);
118 err |= __get_user(to->si_code, &from->si_code); 112 err |= __get_user(to->si_code, &from->si_code);
@@ -244,8 +238,6 @@ asmlinkage long sys32_sigreturn(void)
244 sigframe32 __user *frame = (sigframe32 __user *)regs->gprs[15]; 238 sigframe32 __user *frame = (sigframe32 __user *)regs->gprs[15];
245 sigset_t set; 239 sigset_t set;
246 240
247 if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
248 goto badframe;
249 if (__copy_from_user(&set.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE32)) 241 if (__copy_from_user(&set.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE32))
250 goto badframe; 242 goto badframe;
251 set_current_blocked(&set); 243 set_current_blocked(&set);
@@ -265,8 +257,6 @@ asmlinkage long sys32_rt_sigreturn(void)
265 rt_sigframe32 __user *frame = (rt_sigframe32 __user *)regs->gprs[15]; 257 rt_sigframe32 __user *frame = (rt_sigframe32 __user *)regs->gprs[15];
266 sigset_t set; 258 sigset_t set;
267 259
268 if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
269 goto badframe;
270 if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set))) 260 if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set)))
271 goto badframe; 261 goto badframe;
272 set_current_blocked(&set); 262 set_current_blocked(&set);
@@ -325,8 +315,6 @@ static int setup_frame32(int sig, struct k_sigaction *ka,
325 sigset_t *set, struct pt_regs * regs) 315 sigset_t *set, struct pt_regs * regs)
326{ 316{
327 sigframe32 __user *frame = get_sigframe(ka, regs, sizeof(sigframe32)); 317 sigframe32 __user *frame = get_sigframe(ka, regs, sizeof(sigframe32));
328 if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe32)))
329 goto give_sigsegv;
330 318
331 if (frame == (void __user *) -1UL) 319 if (frame == (void __user *) -1UL)
332 goto give_sigsegv; 320 goto give_sigsegv;
@@ -391,8 +379,6 @@ static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info,
391{ 379{
392 int err = 0; 380 int err = 0;
393 rt_sigframe32 __user *frame = get_sigframe(ka, regs, sizeof(rt_sigframe32)); 381 rt_sigframe32 __user *frame = get_sigframe(ka, regs, sizeof(rt_sigframe32));
394 if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe32)))
395 goto give_sigsegv;
396 382
397 if (frame == (void __user *) -1UL) 383 if (frame == (void __user *) -1UL)
398 goto give_sigsegv; 384 goto give_sigsegv;
diff --git a/arch/s390/kernel/signal.c b/arch/s390/kernel/signal.c
index 9c6e747a5e1e..c45becf82e01 100644
--- a/arch/s390/kernel/signal.c
+++ b/arch/s390/kernel/signal.c
@@ -116,8 +116,6 @@ SYSCALL_DEFINE0(sigreturn)
116 sigframe __user *frame = (sigframe __user *)regs->gprs[15]; 116 sigframe __user *frame = (sigframe __user *)regs->gprs[15];
117 sigset_t set; 117 sigset_t set;
118 118
119 if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
120 goto badframe;
121 if (__copy_from_user(&set.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE)) 119 if (__copy_from_user(&set.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE))
122 goto badframe; 120 goto badframe;
123 set_current_blocked(&set); 121 set_current_blocked(&set);
@@ -135,8 +133,6 @@ SYSCALL_DEFINE0(rt_sigreturn)
135 rt_sigframe __user *frame = (rt_sigframe __user *)regs->gprs[15]; 133 rt_sigframe __user *frame = (rt_sigframe __user *)regs->gprs[15];
136 sigset_t set; 134 sigset_t set;
137 135
138 if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
139 goto badframe;
140 if (__copy_from_user(&set.sig, &frame->uc.uc_sigmask, sizeof(set))) 136 if (__copy_from_user(&set.sig, &frame->uc.uc_sigmask, sizeof(set)))
141 goto badframe; 137 goto badframe;
142 set_current_blocked(&set); 138 set_current_blocked(&set);
@@ -195,8 +191,6 @@ static int setup_frame(int sig, struct k_sigaction *ka,
195 sigframe __user *frame; 191 sigframe __user *frame;
196 192
197 frame = get_sigframe(ka, regs, sizeof(sigframe)); 193 frame = get_sigframe(ka, regs, sizeof(sigframe));
198 if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe)))
199 goto give_sigsegv;
200 194
201 if (frame == (void __user *) -1UL) 195 if (frame == (void __user *) -1UL)
202 goto give_sigsegv; 196 goto give_sigsegv;
@@ -264,8 +258,6 @@ static int setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
264 rt_sigframe __user *frame; 258 rt_sigframe __user *frame;
265 259
266 frame = get_sigframe(ka, regs, sizeof(rt_sigframe)); 260 frame = get_sigframe(ka, regs, sizeof(rt_sigframe));
267 if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe)))
268 goto give_sigsegv;
269 261
270 if (frame == (void __user *) -1UL) 262 if (frame == (void __user *) -1UL)
271 goto give_sigsegv; 263 goto give_sigsegv;