diff options
Diffstat (limited to 'arch/i386/math-emu')
-rw-r--r-- | arch/i386/math-emu/fpu_emu.h | 1 | ||||
-rw-r--r-- | arch/i386/math-emu/fpu_entry.c | 3 | ||||
-rw-r--r-- | arch/i386/math-emu/fpu_system.h | 1 | ||||
-rw-r--r-- | arch/i386/math-emu/load_store.c | 2 | ||||
-rw-r--r-- | arch/i386/math-emu/reg_ld_str.c | 15 |
5 files changed, 16 insertions, 6 deletions
diff --git a/arch/i386/math-emu/fpu_emu.h b/arch/i386/math-emu/fpu_emu.h index d62b20a3e660..65120f523853 100644 --- a/arch/i386/math-emu/fpu_emu.h +++ b/arch/i386/math-emu/fpu_emu.h | |||
@@ -57,6 +57,7 @@ | |||
57 | #define TAG_Special Const(2) /* De-normal, + or - infinity, | 57 | #define TAG_Special Const(2) /* De-normal, + or - infinity, |
58 | or Not a Number */ | 58 | or Not a Number */ |
59 | #define TAG_Empty Const(3) /* empty */ | 59 | #define TAG_Empty Const(3) /* empty */ |
60 | #define TAG_Error Const(0x80) /* probably need to abort */ | ||
60 | 61 | ||
61 | #define LOADED_DATA Const(10101) /* Special st() number to identify | 62 | #define LOADED_DATA Const(10101) /* Special st() number to identify |
62 | loaded data (not on stack). */ | 63 | loaded data (not on stack). */ |
diff --git a/arch/i386/math-emu/fpu_entry.c b/arch/i386/math-emu/fpu_entry.c index d93f16ef828f..ddf8fa3bbd01 100644 --- a/arch/i386/math-emu/fpu_entry.c +++ b/arch/i386/math-emu/fpu_entry.c | |||
@@ -742,7 +742,8 @@ int save_i387_soft(void *s387, struct _fpstate __user * buf) | |||
742 | S387->fcs &= ~0xf8000000; | 742 | S387->fcs &= ~0xf8000000; |
743 | S387->fos |= 0xffff0000; | 743 | S387->fos |= 0xffff0000; |
744 | #endif /* PECULIAR_486 */ | 744 | #endif /* PECULIAR_486 */ |
745 | __copy_to_user(d, &S387->cwd, 7*4); | 745 | if (__copy_to_user(d, &S387->cwd, 7*4)) |
746 | return -1; | ||
746 | RE_ENTRANT_CHECK_ON; | 747 | RE_ENTRANT_CHECK_ON; |
747 | 748 | ||
748 | d += 7*4; | 749 | d += 7*4; |
diff --git a/arch/i386/math-emu/fpu_system.h b/arch/i386/math-emu/fpu_system.h index bf26341c8bde..a3ae28c49ddd 100644 --- a/arch/i386/math-emu/fpu_system.h +++ b/arch/i386/math-emu/fpu_system.h | |||
@@ -68,6 +68,7 @@ | |||
68 | 68 | ||
69 | #define FPU_access_ok(x,y,z) if ( !access_ok(x,y,z) ) \ | 69 | #define FPU_access_ok(x,y,z) if ( !access_ok(x,y,z) ) \ |
70 | math_abort(FPU_info,SIGSEGV) | 70 | math_abort(FPU_info,SIGSEGV) |
71 | #define FPU_abort math_abort(FPU_info, SIGSEGV) | ||
71 | 72 | ||
72 | #undef FPU_IGNORE_CODE_SEGV | 73 | #undef FPU_IGNORE_CODE_SEGV |
73 | #ifdef FPU_IGNORE_CODE_SEGV | 74 | #ifdef FPU_IGNORE_CODE_SEGV |
diff --git a/arch/i386/math-emu/load_store.c b/arch/i386/math-emu/load_store.c index 85314be2fef8..eebd6fb1c8a8 100644 --- a/arch/i386/math-emu/load_store.c +++ b/arch/i386/math-emu/load_store.c | |||
@@ -227,6 +227,8 @@ int FPU_load_store(u_char type, fpu_addr_modes addr_modes, | |||
227 | case 027: /* fild m64int */ | 227 | case 027: /* fild m64int */ |
228 | clear_C1(); | 228 | clear_C1(); |
229 | loaded_tag = FPU_load_int64((long long __user *)data_address); | 229 | loaded_tag = FPU_load_int64((long long __user *)data_address); |
230 | if (loaded_tag == TAG_Error) | ||
231 | return 0; | ||
230 | FPU_settag0(loaded_tag); | 232 | FPU_settag0(loaded_tag); |
231 | break; | 233 | break; |
232 | case 030: /* fstenv m14/28byte */ | 234 | case 030: /* fstenv m14/28byte */ |
diff --git a/arch/i386/math-emu/reg_ld_str.c b/arch/i386/math-emu/reg_ld_str.c index f06ed41d191d..e976caef6498 100644 --- a/arch/i386/math-emu/reg_ld_str.c +++ b/arch/i386/math-emu/reg_ld_str.c | |||
@@ -244,7 +244,8 @@ int FPU_load_int64(long long __user *_s) | |||
244 | 244 | ||
245 | RE_ENTRANT_CHECK_OFF; | 245 | RE_ENTRANT_CHECK_OFF; |
246 | FPU_access_ok(VERIFY_READ, _s, 8); | 246 | FPU_access_ok(VERIFY_READ, _s, 8); |
247 | copy_from_user(&s,_s,8); | 247 | if (copy_from_user(&s,_s,8)) |
248 | FPU_abort; | ||
248 | RE_ENTRANT_CHECK_ON; | 249 | RE_ENTRANT_CHECK_ON; |
249 | 250 | ||
250 | if (s == 0) | 251 | if (s == 0) |
@@ -907,7 +908,8 @@ int FPU_store_int64(FPU_REG *st0_ptr, u_char st0_tag, long long __user *d) | |||
907 | 908 | ||
908 | RE_ENTRANT_CHECK_OFF; | 909 | RE_ENTRANT_CHECK_OFF; |
909 | FPU_access_ok(VERIFY_WRITE,d,8); | 910 | FPU_access_ok(VERIFY_WRITE,d,8); |
910 | copy_to_user(d, &tll, 8); | 911 | if (copy_to_user(d, &tll, 8)) |
912 | FPU_abort; | ||
911 | RE_ENTRANT_CHECK_ON; | 913 | RE_ENTRANT_CHECK_ON; |
912 | 914 | ||
913 | return 1; | 915 | return 1; |
@@ -1336,7 +1338,8 @@ u_char __user *fstenv(fpu_addr_modes addr_modes, u_char __user *d) | |||
1336 | I387.soft.fcs &= ~0xf8000000; | 1338 | I387.soft.fcs &= ~0xf8000000; |
1337 | I387.soft.fos |= 0xffff0000; | 1339 | I387.soft.fos |= 0xffff0000; |
1338 | #endif /* PECULIAR_486 */ | 1340 | #endif /* PECULIAR_486 */ |
1339 | __copy_to_user(d, &control_word, 7*4); | 1341 | if (__copy_to_user(d, &control_word, 7*4)) |
1342 | FPU_abort; | ||
1340 | RE_ENTRANT_CHECK_ON; | 1343 | RE_ENTRANT_CHECK_ON; |
1341 | d += 0x1c; | 1344 | d += 0x1c; |
1342 | } | 1345 | } |
@@ -1359,9 +1362,11 @@ void fsave(fpu_addr_modes addr_modes, u_char __user *data_address) | |||
1359 | FPU_access_ok(VERIFY_WRITE,d,80); | 1362 | FPU_access_ok(VERIFY_WRITE,d,80); |
1360 | 1363 | ||
1361 | /* Copy all registers in stack order. */ | 1364 | /* Copy all registers in stack order. */ |
1362 | __copy_to_user(d, register_base+offset, other); | 1365 | if (__copy_to_user(d, register_base+offset, other)) |
1366 | FPU_abort; | ||
1363 | if ( offset ) | 1367 | if ( offset ) |
1364 | __copy_to_user(d+other, register_base, offset); | 1368 | if (__copy_to_user(d+other, register_base, offset)) |
1369 | FPU_abort; | ||
1365 | RE_ENTRANT_CHECK_ON; | 1370 | RE_ENTRANT_CHECK_ON; |
1366 | 1371 | ||
1367 | finit(); | 1372 | finit(); |