4 files changed, 21 insertions, 10 deletions

diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 2651f805ba6d..4e1366b552ae 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -187,6 +187,9 @@ extern unsigned long long memparse(char *ptr, char **retptr);
 extern int core_kernel_text(unsigned long addr);
 extern int __kernel_text_address(unsigned long addr);
 extern int kernel_text_address(unsigned long addr);
+extern int func_ptr_is_kernel_text(void *ptr);
+extern void *dereference_function_descriptor(void *ptr);
+
 struct pid;
 extern struct pid *session_of_pgrp(struct pid *pgrp);
 
diff --git a/kernel/extable.c b/kernel/extable.c
index a26cb2e17023..adf0cc9c02d6 100644
--- a/kernel/extable.c
+++ b/kernel/extable.c
@@ -66,3 +66,19 @@ int kernel_text_address(unsigned long addr)
                 return 1;
         return module_text_address(addr) != NULL;
 }
+
+/*
+ * On some architectures (PPC64, IA64) function pointers
+ * are actually only tokens to some data that then holds the
+ * real function address. As a result, to find if a function
+ * pointer is part of the kernel text, we need to do some
+ * special dereferencing first.
+ */
+int func_ptr_is_kernel_text(void *ptr)
+{
+        unsigned long addr;
+        addr = (unsigned long) dereference_function_descriptor(ptr);
+        if (core_kernel_text(addr))
+                return 1;
+        return module_text_address(addr) != NULL;
+}
diff --git a/kernel/notifier.c b/kernel/notifier.c
index 143fdd77dbf7..0f39e398ef60 100644
--- a/kernel/notifier.c
+++ b/kernel/notifier.c
@@ -21,10 +21,6 @@ BLOCKING_NOTIFIER_HEAD(reboot_notifier_list);
 static int notifier_chain_register(struct notifier_block **nl,
                 struct notifier_block *n)
 {
-        if (!kernel_text_address((unsigned long)n->notifier_call)) {
-                WARN(1, "Invalid notifier registered!");
-                return 0;
-        }
         while ((*nl) != NULL) {
                 if (n->priority > (*nl)->priority)
                         break;
@@ -38,10 +34,6 @@ static int notifier_chain_register(struct notifier_block **nl,
 static int notifier_chain_cond_register(struct notifier_block **nl,
                 struct notifier_block *n)
 {
-        if (!kernel_text_address((unsigned long)n->notifier_call)) {
-                WARN(1, "Invalid notifier registered!");
-                return 0;
-        }
         while ((*nl) != NULL) {
                 if ((*nl) == n)
                         return 0;
@@ -92,7 +84,7 @@ static int __kprobes notifier_call_chain(struct notifier_block **nl,
                 next_nb = rcu_dereference(nb->next);
 
 #ifdef CONFIG_DEBUG_NOTIFIERS
-                if (!kernel_text_address((unsigned long)nb->notifier_call)) {
+                if (unlikely(!func_ptr_is_kernel_text(nb->notifier_call))) {
                         WARN(1, "Invalid notifier called!");
                         nb = next_nb;
                         continue;
diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index d8d1d1142248..f5e5ffb9942f 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -513,7 +513,7 @@ static char *string(char *buf, char *end, char *s, int field_width, int precisio
         return buf;
 }
 
-static inline void *dereference_function_descriptor(void *ptr)
+void *dereference_function_descriptor(void *ptr)
 {
 #if defined(CONFIG_IA64) || defined(CONFIG_PPC64)
         void *p;