6 files changed, 171 insertions, 23 deletions
diff --git a/include/linux/compat.h b/include/linux/compat.h
index 24d659cdbafe..6d3a654be1ae 100644
--- a/include/linux/compat.h
+++ b/include/linux/compat.h
@@ -147,6 +147,24 @@ typedef struct compat_sigevent {
        } _sigev_un;
 } compat_sigevent_t;
+struct compat_robust_list {
+        compat_uptr_t                   next;
+};
+struct compat_robust_list_head {
+        struct compat_robust_list       list;
+        compat_long_t                   futex_offset;
+        compat_uptr_t                   list_op_pending;
+};
+extern void compat_exit_robust_list(struct task_struct *curr);
+asmlinkage long
+compat_sys_set_robust_list(struct compat_robust_list_head __user *head,
+                           compat_size_t len);
+asmlinkage long
+compat_sys_get_robust_list(int pid, compat_uptr_t *head_ptr,
+                           compat_size_t __user *len_ptr);
 long compat_sys_semctl(int first, int second, int third, void __user *uptr);
 long compat_sys_msgsnd(int first, int second, int third, void __user *uptr);
diff --git a/include/linux/sched.h b/include/linux/sched.h
index fd4848f2d750..20b4f0372e44 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -874,6 +874,9 @@ struct task_struct {
        int cpuset_mem_spread_rotor;
 #endif
        struct robust_list_head __user *robust_list;
+#ifdef CONFIG_COMPAT
+        struct compat_robust_list_head __user *compat_robust_list;
+#endif
        atomic_t fs_excl;       /* holding fs exclusive resources */
        struct rcu_head rcu;
diff --git a/kernel/Makefile b/kernel/Makefile
index ff1c11dc12cf..58908f9d156a 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -12,6 +12,9 @@ obj-y     = sched.o fork.o exec_domain.o panic.o printk.o profile.o \
 obj-$(CONFIG_DEBUG_MUTEXES) += mutex-debug.o
 obj-$(CONFIG_FUTEX) += futex.o
+ifeq ($(CONFIG_COMPAT),y)
+obj-$(CONFIG_FUTEX) += futex_compat.o
+endif
 obj-$(CONFIG_GENERIC_ISA_DMA) += dma.o
 obj-$(CONFIG_SMP) += cpu.o spinlock.o
 obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o
diff --git a/kernel/compat.c b/kernel/compat.c
index b9bdd1271f44..c1601a84f8d8 100644
--- a/kernel/compat.c
+++ b/kernel/compat.c
@@ -17,7 +17,6 @@
 #include <linux/time.h>
 #include <linux/signal.h>
 #include <linux/sched.h>        /* for MAX_SCHEDULE_TIMEOUT */
-#include <linux/futex.h>        /* for FUTEX_WAIT */
 #include <linux/syscalls.h>
 #include <linux/unistd.h>
 #include <linux/security.h>
@@ -239,28 +238,6 @@ asmlinkage long compat_sys_sigprocmask(int how, compat_old_sigset_t __user *set,
        return ret;
 }
-#ifdef CONFIG_FUTEX
-asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, int val,
-                struct compat_timespec __user *utime, u32 __user *uaddr2,
-                int val3)
-{
-        struct timespec t;
-        unsigned long timeout = MAX_SCHEDULE_TIMEOUT;
-        int val2 = 0;
-        if ((op == FUTEX_WAIT) && utime) {
-                if (get_compat_timespec(&t, utime))
-                        return -EFAULT;
-                timeout = timespec_to_jiffies(&t) + 1;
-        }
-        if (op >= FUTEX_REQUEUE)
-                val2 = (int) (unsigned long) utime;
-        return do_futex((unsigned long)uaddr, op, val, timeout,
-                        (unsigned long)uaddr2, val2, val3);
-}
-#endif
 asmlinkage long compat_sys_setrlimit(unsigned int resource,
                struct compat_rlimit __user *rlim)
 {
diff --git a/kernel/exit.c b/kernel/exit.c
index aecb48ca7370..a8c7efc7a681 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -32,6 +32,7 @@
 #include <linux/cn_proc.h>
 #include <linux/mutex.h>
 #include <linux/futex.h>
+#include <linux/compat.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
@@ -855,6 +856,10 @@ fastcall NORET_TYPE void do_exit(long code)
        }
        if (unlikely(tsk->robust_list))
                exit_robust_list(tsk);
+#ifdef CONFIG_COMPAT
+        if (unlikely(tsk->compat_robust_list))
+                compat_exit_robust_list(tsk);
+#endif
        exit_mm(tsk);
        exit_sem(tsk);
diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c
new file mode 100644
index 000000000000..c153559ef289
--- /dev/null
+++ b/kernel/futex_compat.c
@@ -0,0 +1,142 @@
+/*
+ * linux/kernel/futex_compat.c
+ *
+ * Futex compatibililty routines.
+ *
+ * Copyright 2006, Red Hat, Inc., Ingo Molnar
+ */
+#include <linux/linkage.h>
+#include <linux/compat.h>
+#include <linux/futex.h>
+#include <asm/uaccess.h>
+/*
+ * Walk curr->robust_list (very carefully, it's a userspace list!)
+ * and mark any locks found there dead, and notify any waiters.
+ *
+ * We silently return on any sign of list-walking problem.
+ */
+void compat_exit_robust_list(struct task_struct *curr)
+{
+        struct compat_robust_list_head __user *head = curr->compat_robust_list;
+        struct robust_list __user *entry, *pending;
+        compat_uptr_t uentry, upending;
+        unsigned int limit = ROBUST_LIST_LIMIT;
+        compat_long_t futex_offset;
+        /*
+         * Fetch the list head (which was registered earlier, via
+         * sys_set_robust_list()):
+         */
+        if (get_user(uentry, &head->list.next))
+                return;
+        entry = compat_ptr(uentry);
+        /*
+         * Fetch the relative futex offset:
+         */
+        if (get_user(futex_offset, &head->futex_offset))
+                return;
+        /*
+         * Fetch any possibly pending lock-add first, and handle it
+         * if it exists:
+         */
+        if (get_user(upending, &head->list_op_pending))
+                return;
+        pending = compat_ptr(upending);
+        if (upending)
+                handle_futex_death((void *)pending + futex_offset, curr);
+        while (compat_ptr(uentry) != &head->list) {
+                /*
+                 * A pending lock might already be on the list, so
+                 * dont process it twice:
+                 */
+                if (entry != pending)
+                        if (handle_futex_death((void *)entry + futex_offset,
+                                                curr))
+                                return;
+                /*
+                 * Fetch the next entry in the list:
+                 */
+                if (get_user(uentry, (compat_uptr_t *)&entry->next))
+                        return;
+                entry = compat_ptr(uentry);
+                /*
+                 * Avoid excessively long or circular lists:
+                 */
+                if (!--limit)
+                        break;
+                cond_resched();
+        }
+}
+asmlinkage long
+compat_sys_set_robust_list(struct compat_robust_list_head __user *head,
+                           compat_size_t len)
+{
+        if (unlikely(len != sizeof(*head)))
+                return -EINVAL;
+        current->compat_robust_list = head;
+        return 0;
+}
+asmlinkage long
+compat_sys_get_robust_list(int pid, compat_uptr_t *head_ptr,
+                           compat_size_t __user *len_ptr)
+{
+        struct compat_robust_list_head *head;
+        unsigned long ret;
+        if (!pid)
+                head = current->compat_robust_list;
+        else {
+                struct task_struct *p;
+                ret = -ESRCH;
+                read_lock(&tasklist_lock);
+                p = find_task_by_pid(pid);
+                if (!p)
+                        goto err_unlock;
+                ret = -EPERM;
+                if ((current->euid != p->euid) && (current->euid != p->uid) &&
+                                !capable(CAP_SYS_PTRACE))
+                        goto err_unlock;
+                head = p->compat_robust_list;
+                read_unlock(&tasklist_lock);
+        }
+        if (put_user(sizeof(*head), len_ptr))
+                return -EFAULT;
+        return put_user(ptr_to_compat(head), head_ptr);
+err_unlock:
+        read_unlock(&tasklist_lock);
+        return ret;
+}
+asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, int val,
+                struct compat_timespec __user *utime, u32 __user *uaddr2,
+                int val3)
+{
+        struct timespec t;
+        unsigned long timeout = MAX_SCHEDULE_TIMEOUT;
+        int val2 = 0;
+        if ((op == FUTEX_WAIT) && utime) {
+                if (get_compat_timespec(&t, utime))
+                        return -EFAULT;
+                timeout = timespec_to_jiffies(&t) + 1;
+        }
+        if (op >= FUTEX_REQUEUE)
+                val2 = (int) (unsigned long) utime;
+        return do_futex((unsigned long)uaddr, op, val, timeout,
+                        (unsigned long)uaddr2, val2, val3);
+}

diff --git a/include/linux/compat.h b/include/linux/compat.h index 24d659cdbafe..6d3a654be1ae 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h
@@ -147,6 +147,24 @@ typedef struct compat_sigevent {
147	} _sigev_un;	147	} _sigev_un;
148	} compat_sigevent_t;	148	} compat_sigevent_t;
149		149
		150	struct compat_robust_list {
		151	compat_uptr_t next;
		152	};
		153
		154	struct compat_robust_list_head {
		155	struct compat_robust_list list;
		156	compat_long_t futex_offset;
		157	compat_uptr_t list_op_pending;
		158	};
		159
		160	extern void compat_exit_robust_list(struct task_struct *curr);
		161
		162	asmlinkage long
		163	compat_sys_set_robust_list(struct compat_robust_list_head __user *head,
		164	compat_size_t len);
		165	asmlinkage long
		166	compat_sys_get_robust_list(int pid, compat_uptr_t *head_ptr,
		167	compat_size_t __user *len_ptr);
150		168
151	long compat_sys_semctl(int first, int second, int third, void __user *uptr);	169	long compat_sys_semctl(int first, int second, int third, void __user *uptr);
152	long compat_sys_msgsnd(int first, int second, int third, void __user *uptr);	170	long compat_sys_msgsnd(int first, int second, int third, void __user *uptr);


diff --git a/include/linux/sched.h b/include/linux/sched.h index fd4848f2d750..20b4f0372e44 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h
@@ -874,6 +874,9 @@ struct task_struct {
874	int cpuset_mem_spread_rotor;	874	int cpuset_mem_spread_rotor;
875	#endif	875	#endif
876	struct robust_list_head __user *robust_list;	876	struct robust_list_head __user *robust_list;
		877	#ifdef CONFIG_COMPAT
		878	struct compat_robust_list_head __user *compat_robust_list;
		879	#endif
877		880
878	atomic_t fs_excl; /* holding fs exclusive resources */	881	atomic_t fs_excl; /* holding fs exclusive resources */
879	struct rcu_head rcu;	882	struct rcu_head rcu;


diff --git a/kernel/Makefile b/kernel/Makefile index ff1c11dc12cf..58908f9d156a 100644 --- a/kernel/Makefile +++ b/kernel/Makefile
@@ -12,6 +12,9 @@ obj-y = sched.o fork.o exec_domain.o panic.o printk.o profile.o \
12		12
13	obj-$(CONFIG_DEBUG_MUTEXES) += mutex-debug.o	13	obj-$(CONFIG_DEBUG_MUTEXES) += mutex-debug.o
14	obj-$(CONFIG_FUTEX) += futex.o	14	obj-$(CONFIG_FUTEX) += futex.o
		15	ifeq ($(CONFIG_COMPAT),y)
		16	obj-$(CONFIG_FUTEX) += futex_compat.o
		17	endif
15	obj-$(CONFIG_GENERIC_ISA_DMA) += dma.o	18	obj-$(CONFIG_GENERIC_ISA_DMA) += dma.o
16	obj-$(CONFIG_SMP) += cpu.o spinlock.o	19	obj-$(CONFIG_SMP) += cpu.o spinlock.o
17	obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o	20	obj-$(CONFIG_DEBUG_SPINLOCK) += spinlock.o


diff --git a/kernel/compat.c b/kernel/compat.c index b9bdd1271f44..c1601a84f8d8 100644 --- a/kernel/compat.c +++ b/kernel/compat.c
@@ -17,7 +17,6 @@
17	#include <linux/time.h>	17	#include <linux/time.h>
18	#include <linux/signal.h>	18	#include <linux/signal.h>
19	#include <linux/sched.h> /* for MAX_SCHEDULE_TIMEOUT */	19	#include <linux/sched.h> /* for MAX_SCHEDULE_TIMEOUT */
20	#include <linux/futex.h> /* for FUTEX_WAIT */
21	#include <linux/syscalls.h>	20	#include <linux/syscalls.h>
22	#include <linux/unistd.h>	21	#include <linux/unistd.h>
23	#include <linux/security.h>	22	#include <linux/security.h>
@@ -239,28 +238,6 @@ asmlinkage long compat_sys_sigprocmask(int how, compat_old_sigset_t __user *set,
239	return ret;	238	return ret;
240	}	239	}
241		240
242	#ifdef CONFIG_FUTEX
243	asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, int val,
244	struct compat_timespec __user utime, u32 __user uaddr2,
245	int val3)
246	{
247	struct timespec t;
248	unsigned long timeout = MAX_SCHEDULE_TIMEOUT;
249	int val2 = 0;
250
251	if ((op == FUTEX_WAIT) && utime) {
252	if (get_compat_timespec(&t, utime))
253	return -EFAULT;
254	timeout = timespec_to_jiffies(&t) + 1;
255	}
256	if (op >= FUTEX_REQUEUE)
257	val2 = (int) (unsigned long) utime;
258
259	return do_futex((unsigned long)uaddr, op, val, timeout,
260	(unsigned long)uaddr2, val2, val3);
261	}
262	#endif
263
264	asmlinkage long compat_sys_setrlimit(unsigned int resource,	241	asmlinkage long compat_sys_setrlimit(unsigned int resource,
265	struct compat_rlimit __user *rlim)	242	struct compat_rlimit __user *rlim)
266	{	243	{


diff --git a/kernel/exit.c b/kernel/exit.c index aecb48ca7370..a8c7efc7a681 100644 --- a/kernel/exit.c +++ b/kernel/exit.c
@@ -32,6 +32,7 @@
32	#include <linux/cn_proc.h>	32	#include <linux/cn_proc.h>
33	#include <linux/mutex.h>	33	#include <linux/mutex.h>
34	#include <linux/futex.h>	34	#include <linux/futex.h>
		35	#include <linux/compat.h>
35		36
36	#include <asm/uaccess.h>	37	#include <asm/uaccess.h>
37	#include <asm/unistd.h>	38	#include <asm/unistd.h>
@@ -855,6 +856,10 @@ fastcall NORET_TYPE void do_exit(long code)
855	}	856	}
856	if (unlikely(tsk->robust_list))	857	if (unlikely(tsk->robust_list))
857	exit_robust_list(tsk);	858	exit_robust_list(tsk);
		859	#ifdef CONFIG_COMPAT
		860	if (unlikely(tsk->compat_robust_list))
		861	compat_exit_robust_list(tsk);
		862	#endif
858	exit_mm(tsk);	863	exit_mm(tsk);
859		864
860	exit_sem(tsk);	865	exit_sem(tsk);


diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c new file mode 100644 index 000000000000..c153559ef289 --- /dev/null +++ b/kernel/futex_compat.c
@@ -0,0 +1,142 @@
		1	/*
		2	* linux/kernel/futex_compat.c
		3	*
		4	* Futex compatibililty routines.
		5	*
		6	* Copyright 2006, Red Hat, Inc., Ingo Molnar
		7	*/
		8
		9	#include <linux/linkage.h>
		10	#include <linux/compat.h>
		11	#include <linux/futex.h>
		12
		13	#include <asm/uaccess.h>
		14
		15	/*
		16	* Walk curr->robust_list (very carefully, it's a userspace list!)
		17	* and mark any locks found there dead, and notify any waiters.
		18	*
		19	* We silently return on any sign of list-walking problem.
		20	*/
		21	void compat_exit_robust_list(struct task_struct *curr)
		22	{
		23	struct compat_robust_list_head __user *head = curr->compat_robust_list;
		24	struct robust_list __user entry, pending;
		25	compat_uptr_t uentry, upending;
		26	unsigned int limit = ROBUST_LIST_LIMIT;
		27	compat_long_t futex_offset;
		28
		29	/*
		30	* Fetch the list head (which was registered earlier, via
		31	* sys_set_robust_list()):
		32	*/
		33	if (get_user(uentry, &head->list.next))
		34	return;
		35	entry = compat_ptr(uentry);
		36	/*
		37	* Fetch the relative futex offset:
		38	*/
		39	if (get_user(futex_offset, &head->futex_offset))
		40	return;
		41	/*
		42	* Fetch any possibly pending lock-add first, and handle it
		43	* if it exists:
		44	*/
		45	if (get_user(upending, &head->list_op_pending))
		46	return;
		47	pending = compat_ptr(upending);
		48	if (upending)
		49	handle_futex_death((void *)pending + futex_offset, curr);
		50
		51	while (compat_ptr(uentry) != &head->list) {
		52	/*
		53	* A pending lock might already be on the list, so
		54	* dont process it twice:
		55	*/
		56	if (entry != pending)
		57	if (handle_futex_death((void *)entry + futex_offset,
		58	curr))
		59	return;
		60
		61	/*
		62	* Fetch the next entry in the list:
		63	*/
		64	if (get_user(uentry, (compat_uptr_t *)&entry->next))
		65	return;
		66	entry = compat_ptr(uentry);
		67	/*
		68	* Avoid excessively long or circular lists:
		69	*/
		70	if (!--limit)
		71	break;
		72
		73	cond_resched();
		74	}
		75	}
		76
		77	asmlinkage long
		78	compat_sys_set_robust_list(struct compat_robust_list_head __user *head,
		79	compat_size_t len)
		80	{
		81	if (unlikely(len != sizeof(*head)))
		82	return -EINVAL;
		83
		84	current->compat_robust_list = head;
		85
		86	return 0;
		87	}
		88
		89	asmlinkage long
		90	compat_sys_get_robust_list(int pid, compat_uptr_t *head_ptr,
		91	compat_size_t __user *len_ptr)
		92	{
		93	struct compat_robust_list_head *head;
		94	unsigned long ret;
		95
		96	if (!pid)
		97	head = current->compat_robust_list;
		98	else {
		99	struct task_struct *p;
		100
		101	ret = -ESRCH;
		102	read_lock(&tasklist_lock);
		103	p = find_task_by_pid(pid);
		104	if (!p)
		105	goto err_unlock;
		106	ret = -EPERM;
		107	if ((current->euid != p->euid) && (current->euid != p->uid) &&
		108	!capable(CAP_SYS_PTRACE))
		109	goto err_unlock;
		110	head = p->compat_robust_list;
		111	read_unlock(&tasklist_lock);
		112	}
		113
		114	if (put_user(sizeof(*head), len_ptr))
		115	return -EFAULT;
		116	return put_user(ptr_to_compat(head), head_ptr);
		117
		118	err_unlock:
		119	read_unlock(&tasklist_lock);
		120
		121	return ret;
		122	}
		123
		124	asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, int val,
		125	struct compat_timespec __user utime, u32 __user uaddr2,
		126	int val3)
		127	{
		128	struct timespec t;
		129	unsigned long timeout = MAX_SCHEDULE_TIMEOUT;
		130	int val2 = 0;
		131
		132	if ((op == FUTEX_WAIT) && utime) {
		133	if (get_compat_timespec(&t, utime))
		134	return -EFAULT;
		135	timeout = timespec_to_jiffies(&t) + 1;
		136	}
		137	if (op >= FUTEX_REQUEUE)
		138	val2 = (int) (unsigned long) utime;
		139
		140	return do_futex((unsigned long)uaddr, op, val, timeout,
		141	(unsigned long)uaddr2, val2, val3);
		142	}