aboutsummaryrefslogtreecommitdiffstats
path: root/arch/mips/kernel/linux32.c
diff options
context:
space:
mode:
Diffstat (limited to 'arch/mips/kernel/linux32.c')
-rw-r--r--arch/mips/kernel/linux32.c180
1 files changed, 91 insertions, 89 deletions
diff --git a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c
index e00e5f6e7fdd..013bc93688e8 100644
--- a/arch/mips/kernel/linux32.c
+++ b/arch/mips/kernel/linux32.c
@@ -69,7 +69,7 @@
69 * Revalidate the inode. This is required for proper NFS attribute caching. 69 * Revalidate the inode. This is required for proper NFS attribute caching.
70 */ 70 */
71 71
72int cp_compat_stat(struct kstat *stat, struct compat_stat *statbuf) 72int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf)
73{ 73{
74 struct compat_stat tmp; 74 struct compat_stat tmp;
75 75
@@ -106,6 +106,10 @@ sys32_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
106 unsigned long error; 106 unsigned long error;
107 107
108 error = -EINVAL; 108 error = -EINVAL;
109 if (pgoff & (~PAGE_MASK >> 12))
110 goto out;
111 pgoff >>= PAGE_SHIFT-12;
112
109 if (!(flags & MAP_ANONYMOUS)) { 113 if (!(flags & MAP_ANONYMOUS)) {
110 error = -EBADF; 114 error = -EBADF;
111 file = fget(fd); 115 file = fget(fd);
@@ -125,7 +129,7 @@ out:
125} 129}
126 130
127 131
128asmlinkage int sys_truncate64(const char *path, unsigned int high, 132asmlinkage int sys_truncate64(const char __user *path, unsigned int high,
129 unsigned int low) 133 unsigned int low)
130{ 134{
131 if ((int)high < 0) 135 if ((int)high < 0)
@@ -161,12 +165,6 @@ out:
161 return error; 165 return error;
162} 166}
163 167
164asmlinkage int
165sys32_waitpid(compat_pid_t pid, unsigned int *stat_addr, int options)
166{
167 return compat_sys_wait4(pid, stat_addr, options, NULL);
168}
169
170asmlinkage long 168asmlinkage long
171sysn32_waitid(int which, compat_pid_t pid, 169sysn32_waitid(int which, compat_pid_t pid,
172 siginfo_t __user *uinfo, int options, 170 siginfo_t __user *uinfo, int options,
@@ -175,6 +173,7 @@ sysn32_waitid(int which, compat_pid_t pid,
175 struct rusage ru; 173 struct rusage ru;
176 long ret; 174 long ret;
177 mm_segment_t old_fs = get_fs(); 175 mm_segment_t old_fs = get_fs();
176 int si_signo;
178 177
179 if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo))) 178 if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo)))
180 return -EFAULT; 179 return -EFAULT;
@@ -184,7 +183,9 @@ sysn32_waitid(int which, compat_pid_t pid,
184 uru ? (struct rusage __user *) &ru : NULL); 183 uru ? (struct rusage __user *) &ru : NULL);
185 set_fs (old_fs); 184 set_fs (old_fs);
186 185
187 if (ret < 0 || uinfo->si_signo == 0) 186 if (__get_user(si_signo, &uinfo->si_signo))
187 return -EFAULT;
188 if (ret < 0 || si_signo == 0)
188 return ret; 189 return ret;
189 190
190 if (uru) 191 if (uru)
@@ -208,14 +209,14 @@ struct sysinfo32 {
208 char _f[8]; 209 char _f[8];
209}; 210};
210 211
211asmlinkage int sys32_sysinfo(struct sysinfo32 *info) 212asmlinkage int sys32_sysinfo(struct sysinfo32 __user *info)
212{ 213{
213 struct sysinfo s; 214 struct sysinfo s;
214 int ret, err; 215 int ret, err;
215 mm_segment_t old_fs = get_fs (); 216 mm_segment_t old_fs = get_fs ();
216 217
217 set_fs (KERNEL_DS); 218 set_fs (KERNEL_DS);
218 ret = sys_sysinfo(&s); 219 ret = sys_sysinfo((struct sysinfo __user *)&s);
219 set_fs (old_fs); 220 set_fs (old_fs);
220 err = put_user (s.uptime, &info->uptime); 221 err = put_user (s.uptime, &info->uptime);
221 err |= __put_user (s.loads[0], &info->loads[0]); 222 err |= __put_user (s.loads[0], &info->loads[0]);
@@ -245,11 +246,11 @@ struct rlimit32 {
245}; 246};
246 247
247#ifdef __MIPSEB__ 248#ifdef __MIPSEB__
248asmlinkage long sys32_truncate64(const char * path, unsigned long __dummy, 249asmlinkage long sys32_truncate64(const char __user * path, unsigned long __dummy,
249 int length_hi, int length_lo) 250 int length_hi, int length_lo)
250#endif 251#endif
251#ifdef __MIPSEL__ 252#ifdef __MIPSEL__
252asmlinkage long sys32_truncate64(const char * path, unsigned long __dummy, 253asmlinkage long sys32_truncate64(const char __user * path, unsigned long __dummy,
253 int length_lo, int length_hi) 254 int length_lo, int length_hi)
254#endif 255#endif
255{ 256{
@@ -277,7 +278,7 @@ asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long __dummy,
277} 278}
278 279
279static inline long 280static inline long
280get_tv32(struct timeval *o, struct compat_timeval *i) 281get_tv32(struct timeval *o, struct compat_timeval __user *i)
281{ 282{
282 return (!access_ok(VERIFY_READ, i, sizeof(*i)) || 283 return (!access_ok(VERIFY_READ, i, sizeof(*i)) ||
283 (__get_user(o->tv_sec, &i->tv_sec) | 284 (__get_user(o->tv_sec, &i->tv_sec) |
@@ -285,7 +286,7 @@ get_tv32(struct timeval *o, struct compat_timeval *i)
285} 286}
286 287
287static inline long 288static inline long
288put_tv32(struct compat_timeval *o, struct timeval *i) 289put_tv32(struct compat_timeval __user *o, struct timeval *i)
289{ 290{
290 return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || 291 return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) ||
291 (__put_user(i->tv_sec, &o->tv_sec) | 292 (__put_user(i->tv_sec, &o->tv_sec) |
@@ -295,7 +296,7 @@ put_tv32(struct compat_timeval *o, struct timeval *i)
295extern struct timezone sys_tz; 296extern struct timezone sys_tz;
296 297
297asmlinkage int 298asmlinkage int
298sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz) 299sys32_gettimeofday(struct compat_timeval __user *tv, struct timezone __user *tz)
299{ 300{
300 if (tv) { 301 if (tv) {
301 struct timeval ktv; 302 struct timeval ktv;
@@ -310,7 +311,7 @@ sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz)
310 return 0; 311 return 0;
311} 312}
312 313
313static inline long get_ts32(struct timespec *o, struct compat_timeval *i) 314static inline long get_ts32(struct timespec *o, struct compat_timeval __user *i)
314{ 315{
315 long usec; 316 long usec;
316 317
@@ -325,7 +326,7 @@ static inline long get_ts32(struct timespec *o, struct compat_timeval *i)
325} 326}
326 327
327asmlinkage int 328asmlinkage int
328sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz) 329sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz)
329{ 330{
330 struct timespec kts; 331 struct timespec kts;
331 struct timezone ktz; 332 struct timezone ktz;
@@ -343,7 +344,7 @@ sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz)
343} 344}
344 345
345asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, 346asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high,
346 unsigned int offset_low, loff_t * result, 347 unsigned int offset_low, loff_t __user * result,
347 unsigned int origin) 348 unsigned int origin)
348{ 349{
349 return sys_llseek(fd, offset_high, offset_low, result, origin); 350 return sys_llseek(fd, offset_high, offset_low, result, origin);
@@ -353,12 +354,12 @@ asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high,
353 lseek back to original location. They fail just like lseek does on 354 lseek back to original location. They fail just like lseek does on
354 non-seekable files. */ 355 non-seekable files. */
355 356
356asmlinkage ssize_t sys32_pread(unsigned int fd, char * buf, 357asmlinkage ssize_t sys32_pread(unsigned int fd, char __user * buf,
357 size_t count, u32 unused, u64 a4, u64 a5) 358 size_t count, u32 unused, u64 a4, u64 a5)
358{ 359{
359 ssize_t ret; 360 ssize_t ret;
360 struct file * file; 361 struct file * file;
361 ssize_t (*read)(struct file *, char *, size_t, loff_t *); 362 ssize_t (*read)(struct file *, char __user *, size_t, loff_t *);
362 loff_t pos; 363 loff_t pos;
363 364
364 ret = -EBADF; 365 ret = -EBADF;
@@ -388,12 +389,12 @@ bad_file:
388 return ret; 389 return ret;
389} 390}
390 391
391asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char * buf, 392asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char __user * buf,
392 size_t count, u32 unused, u64 a4, u64 a5) 393 size_t count, u32 unused, u64 a4, u64 a5)
393{ 394{
394 ssize_t ret; 395 ssize_t ret;
395 struct file * file; 396 struct file * file;
396 ssize_t (*write)(struct file *, const char *, size_t, loff_t *); 397 ssize_t (*write)(struct file *, const char __user *, size_t, loff_t *);
397 loff_t pos; 398 loff_t pos;
398 399
399 ret = -EBADF; 400 ret = -EBADF;
@@ -426,14 +427,14 @@ bad_file:
426} 427}
427 428
428asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid, 429asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid,
429 struct compat_timespec *interval) 430 struct compat_timespec __user *interval)
430{ 431{
431 struct timespec t; 432 struct timespec t;
432 int ret; 433 int ret;
433 mm_segment_t old_fs = get_fs (); 434 mm_segment_t old_fs = get_fs ();
434 435
435 set_fs (KERNEL_DS); 436 set_fs (KERNEL_DS);
436 ret = sys_sched_rr_get_interval(pid, &t); 437 ret = sys_sched_rr_get_interval(pid, (struct timespec __user *)&t);
437 set_fs (old_fs); 438 set_fs (old_fs);
438 if (put_user (t.tv_sec, &interval->tv_sec) || 439 if (put_user (t.tv_sec, &interval->tv_sec) ||
439 __put_user (t.tv_nsec, &interval->tv_nsec)) 440 __put_user (t.tv_nsec, &interval->tv_nsec))
@@ -551,7 +552,7 @@ struct ipc_kludge32 {
551}; 552};
552 553
553static int 554static int
554do_sys32_semctl(int first, int second, int third, void *uptr) 555do_sys32_semctl(int first, int second, int third, void __user *uptr)
555{ 556{
556 union semun fourth; 557 union semun fourth;
557 u32 pad; 558 u32 pad;
@@ -562,12 +563,12 @@ do_sys32_semctl(int first, int second, int third, void *uptr)
562 if (!uptr) 563 if (!uptr)
563 return -EINVAL; 564 return -EINVAL;
564 err = -EFAULT; 565 err = -EFAULT;
565 if (get_user (pad, (u32 *)uptr)) 566 if (get_user (pad, (u32 __user *)uptr))
566 return err; 567 return err;
567 if ((third & ~IPC_64) == SETVAL) 568 if ((third & ~IPC_64) == SETVAL)
568 fourth.val = (int)pad; 569 fourth.val = (int)pad;
569 else 570 else
570 fourth.__pad = (void *)A(pad); 571 fourth.__pad = (void __user *)A(pad);
571 switch (third & ~IPC_64) { 572 switch (third & ~IPC_64) {
572 case IPC_INFO: 573 case IPC_INFO:
573 case IPC_RMID: 574 case IPC_RMID:
@@ -585,14 +586,14 @@ do_sys32_semctl(int first, int second, int third, void *uptr)
585 586
586 case IPC_STAT: 587 case IPC_STAT:
587 case SEM_STAT: 588 case SEM_STAT:
588 fourth.__pad = &s; 589 fourth.__pad = (struct semid64_ds __user *)&s;
589 old_fs = get_fs(); 590 old_fs = get_fs();
590 set_fs(KERNEL_DS); 591 set_fs(KERNEL_DS);
591 err = sys_semctl(first, second, third | IPC_64, fourth); 592 err = sys_semctl(first, second, third | IPC_64, fourth);
592 set_fs(old_fs); 593 set_fs(old_fs);
593 594
594 if (third & IPC_64) { 595 if (third & IPC_64) {
595 struct semid64_ds32 *usp64 = (struct semid64_ds32 *) A(pad); 596 struct semid64_ds32 __user *usp64 = (struct semid64_ds32 __user *) A(pad);
596 597
597 if (!access_ok(VERIFY_WRITE, usp64, sizeof(*usp64))) { 598 if (!access_ok(VERIFY_WRITE, usp64, sizeof(*usp64))) {
598 err = -EFAULT; 599 err = -EFAULT;
@@ -609,7 +610,7 @@ do_sys32_semctl(int first, int second, int third, void *uptr)
609 err2 |= __put_user(s.sem_ctime, &usp64->sem_ctime); 610 err2 |= __put_user(s.sem_ctime, &usp64->sem_ctime);
610 err2 |= __put_user(s.sem_nsems, &usp64->sem_nsems); 611 err2 |= __put_user(s.sem_nsems, &usp64->sem_nsems);
611 } else { 612 } else {
612 struct semid_ds32 *usp32 = (struct semid_ds32 *) A(pad); 613 struct semid_ds32 __user *usp32 = (struct semid_ds32 __user *) A(pad);
613 614
614 if (!access_ok(VERIFY_WRITE, usp32, sizeof(*usp32))) { 615 if (!access_ok(VERIFY_WRITE, usp32, sizeof(*usp32))) {
615 err = -EFAULT; 616 err = -EFAULT;
@@ -639,9 +640,9 @@ do_sys32_semctl(int first, int second, int third, void *uptr)
639} 640}
640 641
641static int 642static int
642do_sys32_msgsnd (int first, int second, int third, void *uptr) 643do_sys32_msgsnd (int first, int second, int third, void __user *uptr)
643{ 644{
644 struct msgbuf32 *up = (struct msgbuf32 *)uptr; 645 struct msgbuf32 __user *up = (struct msgbuf32 __user *)uptr;
645 struct msgbuf *p; 646 struct msgbuf *p;
646 mm_segment_t old_fs; 647 mm_segment_t old_fs;
647 int err; 648 int err;
@@ -660,7 +661,7 @@ do_sys32_msgsnd (int first, int second, int third, void *uptr)
660 goto out; 661 goto out;
661 old_fs = get_fs (); 662 old_fs = get_fs ();
662 set_fs (KERNEL_DS); 663 set_fs (KERNEL_DS);
663 err = sys_msgsnd (first, p, second, third); 664 err = sys_msgsnd (first, (struct msgbuf __user *)p, second, third);
664 set_fs (old_fs); 665 set_fs (old_fs);
665out: 666out:
666 kfree (p); 667 kfree (p);
@@ -670,15 +671,15 @@ out:
670 671
671static int 672static int
672do_sys32_msgrcv (int first, int second, int msgtyp, int third, 673do_sys32_msgrcv (int first, int second, int msgtyp, int third,
673 int version, void *uptr) 674 int version, void __user *uptr)
674{ 675{
675 struct msgbuf32 *up; 676 struct msgbuf32 __user *up;
676 struct msgbuf *p; 677 struct msgbuf *p;
677 mm_segment_t old_fs; 678 mm_segment_t old_fs;
678 int err; 679 int err;
679 680
680 if (!version) { 681 if (!version) {
681 struct ipc_kludge32 *uipck = (struct ipc_kludge32 *)uptr; 682 struct ipc_kludge32 __user *uipck = (struct ipc_kludge32 __user *)uptr;
682 struct ipc_kludge32 ipck; 683 struct ipc_kludge32 ipck;
683 684
684 err = -EINVAL; 685 err = -EINVAL;
@@ -687,7 +688,7 @@ do_sys32_msgrcv (int first, int second, int msgtyp, int third,
687 err = -EFAULT; 688 err = -EFAULT;
688 if (copy_from_user (&ipck, uipck, sizeof (struct ipc_kludge32))) 689 if (copy_from_user (&ipck, uipck, sizeof (struct ipc_kludge32)))
689 goto out; 690 goto out;
690 uptr = (void *)AA(ipck.msgp); 691 uptr = (void __user *)AA(ipck.msgp);
691 msgtyp = ipck.msgtyp; 692 msgtyp = ipck.msgtyp;
692 } 693 }
693 694
@@ -699,11 +700,11 @@ do_sys32_msgrcv (int first, int second, int msgtyp, int third,
699 goto out; 700 goto out;
700 old_fs = get_fs (); 701 old_fs = get_fs ();
701 set_fs (KERNEL_DS); 702 set_fs (KERNEL_DS);
702 err = sys_msgrcv (first, p, second + 4, msgtyp, third); 703 err = sys_msgrcv (first, (struct msgbuf __user *)p, second + 4, msgtyp, third);
703 set_fs (old_fs); 704 set_fs (old_fs);
704 if (err < 0) 705 if (err < 0)
705 goto free_then_out; 706 goto free_then_out;
706 up = (struct msgbuf32 *)uptr; 707 up = (struct msgbuf32 __user *)uptr;
707 if (put_user (p->mtype, &up->mtype) || 708 if (put_user (p->mtype, &up->mtype) ||
708 __copy_to_user (&up->mtext, p->mtext, err)) 709 __copy_to_user (&up->mtext, p->mtext, err))
709 err = -EFAULT; 710 err = -EFAULT;
@@ -714,19 +715,19 @@ out:
714} 715}
715 716
716static int 717static int
717do_sys32_msgctl (int first, int second, void *uptr) 718do_sys32_msgctl (int first, int second, void __user *uptr)
718{ 719{
719 int err = -EINVAL, err2; 720 int err = -EINVAL, err2;
720 struct msqid64_ds m; 721 struct msqid64_ds m;
721 struct msqid_ds32 *up32 = (struct msqid_ds32 *)uptr; 722 struct msqid_ds32 __user *up32 = (struct msqid_ds32 __user *)uptr;
722 struct msqid64_ds32 *up64 = (struct msqid64_ds32 *)uptr; 723 struct msqid64_ds32 __user *up64 = (struct msqid64_ds32 __user *)uptr;
723 mm_segment_t old_fs; 724 mm_segment_t old_fs;
724 725
725 switch (second & ~IPC_64) { 726 switch (second & ~IPC_64) {
726 case IPC_INFO: 727 case IPC_INFO:
727 case IPC_RMID: 728 case IPC_RMID:
728 case MSG_INFO: 729 case MSG_INFO:
729 err = sys_msgctl (first, second, (struct msqid_ds *)uptr); 730 err = sys_msgctl (first, second, (struct msqid_ds __user *)uptr);
730 break; 731 break;
731 732
732 case IPC_SET: 733 case IPC_SET:
@@ -753,7 +754,7 @@ do_sys32_msgctl (int first, int second, void *uptr)
753 break; 754 break;
754 old_fs = get_fs(); 755 old_fs = get_fs();
755 set_fs(KERNEL_DS); 756 set_fs(KERNEL_DS);
756 err = sys_msgctl(first, second | IPC_64, (struct msqid_ds *)&m); 757 err = sys_msgctl(first, second | IPC_64, (struct msqid_ds __user *)&m);
757 set_fs(old_fs); 758 set_fs(old_fs);
758 break; 759 break;
759 760
@@ -761,7 +762,7 @@ do_sys32_msgctl (int first, int second, void *uptr)
761 case MSG_STAT: 762 case MSG_STAT:
762 old_fs = get_fs(); 763 old_fs = get_fs();
763 set_fs(KERNEL_DS); 764 set_fs(KERNEL_DS);
764 err = sys_msgctl(first, second | IPC_64, (struct msqid_ds *)&m); 765 err = sys_msgctl(first, second | IPC_64, (struct msqid_ds __user *)&m);
765 set_fs(old_fs); 766 set_fs(old_fs);
766 if (second & IPC_64) { 767 if (second & IPC_64) {
767 if (!access_ok(VERIFY_WRITE, up64, sizeof(*up64))) { 768 if (!access_ok(VERIFY_WRITE, up64, sizeof(*up64))) {
@@ -815,10 +816,10 @@ do_sys32_msgctl (int first, int second, void *uptr)
815} 816}
816 817
817static int 818static int
818do_sys32_shmat (int first, int second, int third, int version, void *uptr) 819do_sys32_shmat (int first, int second, int third, int version, void __user *uptr)
819{ 820{
820 unsigned long raddr; 821 unsigned long raddr;
821 u32 *uaddr = (u32 *)A((u32)third); 822 u32 __user *uaddr = (u32 __user *)A((u32)third);
822 int err = -EINVAL; 823 int err = -EINVAL;
823 824
824 if (version == 1) 825 if (version == 1)
@@ -837,11 +838,11 @@ struct shm_info32 {
837}; 838};
838 839
839static int 840static int
840do_sys32_shmctl (int first, int second, void *uptr) 841do_sys32_shmctl (int first, int second, void __user *uptr)
841{ 842{
842 struct shmid64_ds32 *up64 = (struct shmid64_ds32 *)uptr; 843 struct shmid64_ds32 __user *up64 = (struct shmid64_ds32 __user *)uptr;
843 struct shmid_ds32 *up32 = (struct shmid_ds32 *)uptr; 844 struct shmid_ds32 __user *up32 = (struct shmid_ds32 __user *)uptr;
844 struct shm_info32 *uip = (struct shm_info32 *)uptr; 845 struct shm_info32 __user *uip = (struct shm_info32 __user *)uptr;
845 int err = -EFAULT, err2; 846 int err = -EFAULT, err2;
846 struct shmid64_ds s64; 847 struct shmid64_ds s64;
847 mm_segment_t old_fs; 848 mm_segment_t old_fs;
@@ -854,7 +855,7 @@ do_sys32_shmctl (int first, int second, void *uptr)
854 case IPC_RMID: 855 case IPC_RMID:
855 case SHM_LOCK: 856 case SHM_LOCK:
856 case SHM_UNLOCK: 857 case SHM_UNLOCK:
857 err = sys_shmctl(first, second, (struct shmid_ds *)uptr); 858 err = sys_shmctl(first, second, (struct shmid_ds __user *)uptr);
858 break; 859 break;
859 case IPC_SET: 860 case IPC_SET:
860 if (second & IPC_64) { 861 if (second & IPC_64) {
@@ -870,7 +871,7 @@ do_sys32_shmctl (int first, int second, void *uptr)
870 break; 871 break;
871 old_fs = get_fs(); 872 old_fs = get_fs();
872 set_fs(KERNEL_DS); 873 set_fs(KERNEL_DS);
873 err = sys_shmctl(first, second & ~IPC_64, &s); 874 err = sys_shmctl(first, second & ~IPC_64, (struct shmid_ds __user *)&s);
874 set_fs(old_fs); 875 set_fs(old_fs);
875 break; 876 break;
876 877
@@ -878,7 +879,7 @@ do_sys32_shmctl (int first, int second, void *uptr)
878 case SHM_STAT: 879 case SHM_STAT:
879 old_fs = get_fs(); 880 old_fs = get_fs();
880 set_fs(KERNEL_DS); 881 set_fs(KERNEL_DS);
881 err = sys_shmctl(first, second | IPC_64, (void *) &s64); 882 err = sys_shmctl(first, second | IPC_64, (void __user *) &s64);
882 set_fs(old_fs); 883 set_fs(old_fs);
883 if (err < 0) 884 if (err < 0)
884 break; 885 break;
@@ -928,7 +929,7 @@ do_sys32_shmctl (int first, int second, void *uptr)
928 case SHM_INFO: 929 case SHM_INFO:
929 old_fs = get_fs(); 930 old_fs = get_fs();
930 set_fs(KERNEL_DS); 931 set_fs(KERNEL_DS);
931 err = sys_shmctl(first, second, (void *)&si); 932 err = sys_shmctl(first, second, (void __user *)&si);
932 set_fs(old_fs); 933 set_fs(old_fs);
933 if (err < 0) 934 if (err < 0)
934 break; 935 break;
@@ -950,11 +951,11 @@ do_sys32_shmctl (int first, int second, void *uptr)
950 return err; 951 return err;
951} 952}
952 953
953static int sys32_semtimedop(int semid, struct sembuf *tsems, int nsems, 954static int sys32_semtimedop(int semid, struct sembuf __user *tsems, int nsems,
954 const struct compat_timespec *timeout32) 955 const struct compat_timespec __user *timeout32)
955{ 956{
956 struct compat_timespec t32; 957 struct compat_timespec t32;
957 struct timespec *t64 = compat_alloc_user_space(sizeof(*t64)); 958 struct timespec __user *t64 = compat_alloc_user_space(sizeof(*t64));
958 959
959 if (copy_from_user(&t32, timeout32, sizeof(t32))) 960 if (copy_from_user(&t32, timeout32, sizeof(t32)))
960 return -EFAULT; 961 return -EFAULT;
@@ -977,11 +978,11 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth)
977 switch (call) { 978 switch (call) {
978 case SEMOP: 979 case SEMOP:
979 /* struct sembuf is the same on 32 and 64bit :)) */ 980 /* struct sembuf is the same on 32 and 64bit :)) */
980 err = sys_semtimedop (first, (struct sembuf *)AA(ptr), second, 981 err = sys_semtimedop (first, (struct sembuf __user *)AA(ptr), second,
981 NULL); 982 NULL);
982 break; 983 break;
983 case SEMTIMEDOP: 984 case SEMTIMEDOP:
984 err = sys32_semtimedop (first, (struct sembuf *)AA(ptr), second, 985 err = sys32_semtimedop (first, (struct sembuf __user *)AA(ptr), second,
985 (const struct compat_timespec __user *)AA(fifth)); 986 (const struct compat_timespec __user *)AA(fifth));
986 break; 987 break;
987 case SEMGET: 988 case SEMGET:
@@ -989,36 +990,36 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth)
989 break; 990 break;
990 case SEMCTL: 991 case SEMCTL:
991 err = do_sys32_semctl (first, second, third, 992 err = do_sys32_semctl (first, second, third,
992 (void *)AA(ptr)); 993 (void __user *)AA(ptr));
993 break; 994 break;
994 995
995 case MSGSND: 996 case MSGSND:
996 err = do_sys32_msgsnd (first, second, third, 997 err = do_sys32_msgsnd (first, second, third,
997 (void *)AA(ptr)); 998 (void __user *)AA(ptr));
998 break; 999 break;
999 case MSGRCV: 1000 case MSGRCV:
1000 err = do_sys32_msgrcv (first, second, fifth, third, 1001 err = do_sys32_msgrcv (first, second, fifth, third,
1001 version, (void *)AA(ptr)); 1002 version, (void __user *)AA(ptr));
1002 break; 1003 break;
1003 case MSGGET: 1004 case MSGGET:
1004 err = sys_msgget ((key_t) first, second); 1005 err = sys_msgget ((key_t) first, second);
1005 break; 1006 break;
1006 case MSGCTL: 1007 case MSGCTL:
1007 err = do_sys32_msgctl (first, second, (void *)AA(ptr)); 1008 err = do_sys32_msgctl (first, second, (void __user *)AA(ptr));
1008 break; 1009 break;
1009 1010
1010 case SHMAT: 1011 case SHMAT:
1011 err = do_sys32_shmat (first, second, third, 1012 err = do_sys32_shmat (first, second, third,
1012 version, (void *)AA(ptr)); 1013 version, (void __user *)AA(ptr));
1013 break; 1014 break;
1014 case SHMDT: 1015 case SHMDT:
1015 err = sys_shmdt ((char *)A(ptr)); 1016 err = sys_shmdt ((char __user *)A(ptr));
1016 break; 1017 break;
1017 case SHMGET: 1018 case SHMGET:
1018 err = sys_shmget (first, (unsigned)second, third); 1019 err = sys_shmget (first, (unsigned)second, third);
1019 break; 1020 break;
1020 case SHMCTL: 1021 case SHMCTL:
1021 err = do_sys32_shmctl (first, second, (void *)AA(ptr)); 1022 err = do_sys32_shmctl (first, second, (void __user *)AA(ptr));
1022 break; 1023 break;
1023 default: 1024 default:
1024 err = -EINVAL; 1025 err = -EINVAL;
@@ -1029,7 +1030,7 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth)
1029} 1030}
1030 1031
1031asmlinkage long sys32_shmat(int shmid, char __user *shmaddr, 1032asmlinkage long sys32_shmat(int shmid, char __user *shmaddr,
1032 int shmflg, int32_t *addr) 1033 int shmflg, int32_t __user *addr)
1033{ 1034{
1034 unsigned long raddr; 1035 unsigned long raddr;
1035 int err; 1036 int err;
@@ -1054,12 +1055,13 @@ struct sysctl_args32
1054 1055
1055#ifdef CONFIG_SYSCTL 1056#ifdef CONFIG_SYSCTL
1056 1057
1057asmlinkage long sys32_sysctl(struct sysctl_args32 *args) 1058asmlinkage long sys32_sysctl(struct sysctl_args32 __user *args)
1058{ 1059{
1059 struct sysctl_args32 tmp; 1060 struct sysctl_args32 tmp;
1060 int error; 1061 int error;
1061 size_t oldlen, *oldlenp = NULL; 1062 size_t oldlen;
1062 unsigned long addr = (((long)&args->__unused[0]) + 7) & ~7; 1063 size_t __user *oldlenp = NULL;
1064 unsigned long addr = (((unsigned long)&args->__unused[0]) + 7) & ~7;
1063 1065
1064 if (copy_from_user(&tmp, args, sizeof(tmp))) 1066 if (copy_from_user(&tmp, args, sizeof(tmp)))
1065 return -EFAULT; 1067 return -EFAULT;
@@ -1071,20 +1073,20 @@ asmlinkage long sys32_sysctl(struct sysctl_args32 *args)
1071 basically copy the whole sysctl.c here, and 1073 basically copy the whole sysctl.c here, and
1072 glibc's __sysctl uses rw memory for the structure 1074 glibc's __sysctl uses rw memory for the structure
1073 anyway. */ 1075 anyway. */
1074 if (get_user(oldlen, (u32 *)A(tmp.oldlenp)) || 1076 if (get_user(oldlen, (u32 __user *)A(tmp.oldlenp)) ||
1075 put_user(oldlen, (size_t *)addr)) 1077 put_user(oldlen, (size_t __user *)addr))
1076 return -EFAULT; 1078 return -EFAULT;
1077 oldlenp = (size_t *)addr; 1079 oldlenp = (size_t __user *)addr;
1078 } 1080 }
1079 1081
1080 lock_kernel(); 1082 lock_kernel();
1081 error = do_sysctl((int *)A(tmp.name), tmp.nlen, (void *)A(tmp.oldval), 1083 error = do_sysctl((int __user *)A(tmp.name), tmp.nlen, (void __user *)A(tmp.oldval),
1082 oldlenp, (void *)A(tmp.newval), tmp.newlen); 1084 oldlenp, (void __user *)A(tmp.newval), tmp.newlen);
1083 unlock_kernel(); 1085 unlock_kernel();
1084 if (oldlenp) { 1086 if (oldlenp) {
1085 if (!error) { 1087 if (!error) {
1086 if (get_user(oldlen, (size_t *)addr) || 1088 if (get_user(oldlen, (size_t __user *)addr) ||
1087 put_user(oldlen, (u32 *)A(tmp.oldlenp))) 1089 put_user(oldlen, (u32 __user *)A(tmp.oldlenp)))
1088 error = -EFAULT; 1090 error = -EFAULT;
1089 } 1091 }
1090 copy_to_user(args->__unused, tmp.__unused, sizeof(tmp.__unused)); 1092 copy_to_user(args->__unused, tmp.__unused, sizeof(tmp.__unused));
@@ -1094,7 +1096,7 @@ asmlinkage long sys32_sysctl(struct sysctl_args32 *args)
1094 1096
1095#endif /* CONFIG_SYSCTL */ 1097#endif /* CONFIG_SYSCTL */
1096 1098
1097asmlinkage long sys32_newuname(struct new_utsname * name) 1099asmlinkage long sys32_newuname(struct new_utsname __user * name)
1098{ 1100{
1099 int ret = 0; 1101 int ret = 0;
1100 1102
@@ -1129,9 +1131,9 @@ struct ustat32 {
1129 char f_fpack[6]; 1131 char f_fpack[6];
1130}; 1132};
1131 1133
1132extern asmlinkage long sys_ustat(dev_t dev, struct ustat * ubuf); 1134extern asmlinkage long sys_ustat(dev_t dev, struct ustat __user * ubuf);
1133 1135
1134asmlinkage int sys32_ustat(dev_t dev, struct ustat32 * ubuf32) 1136asmlinkage int sys32_ustat(dev_t dev, struct ustat32 __user * ubuf32)
1135{ 1137{
1136 int err; 1138 int err;
1137 struct ustat tmp; 1139 struct ustat tmp;
@@ -1139,7 +1141,7 @@ asmlinkage int sys32_ustat(dev_t dev, struct ustat32 * ubuf32)
1139 mm_segment_t old_fs = get_fs(); 1141 mm_segment_t old_fs = get_fs();
1140 1142
1141 set_fs(KERNEL_DS); 1143 set_fs(KERNEL_DS);
1142 err = sys_ustat(dev, &tmp); 1144 err = sys_ustat(dev, (struct ustat __user *)&tmp);
1143 set_fs (old_fs); 1145 set_fs (old_fs);
1144 1146
1145 if (err) 1147 if (err)
@@ -1172,7 +1174,7 @@ struct timex32 {
1172 1174
1173extern int do_adjtimex(struct timex *); 1175extern int do_adjtimex(struct timex *);
1174 1176
1175asmlinkage int sys32_adjtimex(struct timex32 *utp) 1177asmlinkage int sys32_adjtimex(struct timex32 __user *utp)
1176{ 1178{
1177 struct timex txc; 1179 struct timex txc;
1178 int ret; 1180 int ret;
@@ -1228,7 +1230,7 @@ asmlinkage int sys32_adjtimex(struct timex32 *utp)
1228 return ret; 1230 return ret;
1229} 1231}
1230 1232
1231asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset, 1233asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t __user *offset,
1232 s32 count) 1234 s32 count)
1233{ 1235{
1234 mm_segment_t old_fs = get_fs(); 1236 mm_segment_t old_fs = get_fs();
@@ -1239,7 +1241,7 @@ asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset,
1239 return -EFAULT; 1241 return -EFAULT;
1240 1242
1241 set_fs(KERNEL_DS); 1243 set_fs(KERNEL_DS);
1242 ret = sys_sendfile(out_fd, in_fd, offset ? &of : NULL, count); 1244 ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __user *)&of : NULL, count);
1243 set_fs(old_fs); 1245 set_fs(old_fs);
1244 1246
1245 if (offset && put_user(of, offset)) 1247 if (offset && put_user(of, offset))
@@ -1269,7 +1271,7 @@ static unsigned char socketcall_nargs[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3),
1269 * it is set by the callees. 1271 * it is set by the callees.
1270 */ 1272 */
1271 1273
1272asmlinkage long sys32_socketcall(int call, unsigned int *args32) 1274asmlinkage long sys32_socketcall(int call, unsigned int __user *args32)
1273{ 1275{
1274 unsigned int a[6]; 1276 unsigned int a[6];
1275 unsigned int a0,a1; 1277 unsigned int a0,a1;
@@ -1291,7 +1293,7 @@ asmlinkage long sys32_socketcall(int call, unsigned int *args32)
1291 struct sockaddr __user *addr, int __user *addr_len); 1293 struct sockaddr __user *addr, int __user *addr_len);
1292 extern asmlinkage long sys_shutdown(int fd, int how); 1294 extern asmlinkage long sys_shutdown(int fd, int how);
1293 extern asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen); 1295 extern asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen);
1294 extern asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int *optlen); 1296 extern asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int __user *optlen);
1295 extern asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags); 1297 extern asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags);
1296 extern asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags); 1298 extern asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags);
1297 1299
@@ -1411,7 +1413,7 @@ _sys32_clone(nabi_no_regargs struct pt_regs regs)
1411 newsp = regs.regs[5]; 1413 newsp = regs.regs[5];
1412 if (!newsp) 1414 if (!newsp)
1413 newsp = regs.regs[29]; 1415 newsp = regs.regs[29];
1414 parent_tidptr = (int *) regs.regs[6]; 1416 parent_tidptr = (int __user *) regs.regs[6];
1415 1417
1416 /* Use __dummy4 instead of getting it off the stack, so that 1418 /* Use __dummy4 instead of getting it off the stack, so that
1417 syscall() works. */ 1419 syscall() works. */
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-22 02:42:58 -0400