diff options
Diffstat (limited to 'arch/mips/kernel/linux32.c')
-rw-r--r-- | arch/mips/kernel/linux32.c | 170 |
1 files changed, 87 insertions, 83 deletions
diff --git a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c index 396592467da8..1e8d24823d39 100644 --- a/arch/mips/kernel/linux32.c +++ b/arch/mips/kernel/linux32.c | |||
@@ -69,7 +69,7 @@ | |||
69 | * Revalidate the inode. This is required for proper NFS attribute caching. | 69 | * Revalidate the inode. This is required for proper NFS attribute caching. |
70 | */ | 70 | */ |
71 | 71 | ||
72 | int cp_compat_stat(struct kstat *stat, struct compat_stat *statbuf) | 72 | int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf) |
73 | { | 73 | { |
74 | struct compat_stat tmp; | 74 | struct compat_stat tmp; |
75 | 75 | ||
@@ -125,7 +125,7 @@ out: | |||
125 | } | 125 | } |
126 | 126 | ||
127 | 127 | ||
128 | asmlinkage int sys_truncate64(const char *path, unsigned int high, | 128 | asmlinkage int sys_truncate64(const char __user *path, unsigned int high, |
129 | unsigned int low) | 129 | unsigned int low) |
130 | { | 130 | { |
131 | if ((int)high < 0) | 131 | if ((int)high < 0) |
@@ -169,6 +169,7 @@ sysn32_waitid(int which, compat_pid_t pid, | |||
169 | struct rusage ru; | 169 | struct rusage ru; |
170 | long ret; | 170 | long ret; |
171 | mm_segment_t old_fs = get_fs(); | 171 | mm_segment_t old_fs = get_fs(); |
172 | int si_signo; | ||
172 | 173 | ||
173 | if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo))) | 174 | if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo))) |
174 | return -EFAULT; | 175 | return -EFAULT; |
@@ -178,7 +179,9 @@ sysn32_waitid(int which, compat_pid_t pid, | |||
178 | uru ? (struct rusage __user *) &ru : NULL); | 179 | uru ? (struct rusage __user *) &ru : NULL); |
179 | set_fs (old_fs); | 180 | set_fs (old_fs); |
180 | 181 | ||
181 | if (ret < 0 || uinfo->si_signo == 0) | 182 | if (__get_user(si_signo, &uinfo->si_signo)) |
183 | return -EFAULT; | ||
184 | if (ret < 0 || si_signo == 0) | ||
182 | return ret; | 185 | return ret; |
183 | 186 | ||
184 | if (uru) | 187 | if (uru) |
@@ -202,14 +205,14 @@ struct sysinfo32 { | |||
202 | char _f[8]; | 205 | char _f[8]; |
203 | }; | 206 | }; |
204 | 207 | ||
205 | asmlinkage int sys32_sysinfo(struct sysinfo32 *info) | 208 | asmlinkage int sys32_sysinfo(struct sysinfo32 __user *info) |
206 | { | 209 | { |
207 | struct sysinfo s; | 210 | struct sysinfo s; |
208 | int ret, err; | 211 | int ret, err; |
209 | mm_segment_t old_fs = get_fs (); | 212 | mm_segment_t old_fs = get_fs (); |
210 | 213 | ||
211 | set_fs (KERNEL_DS); | 214 | set_fs (KERNEL_DS); |
212 | ret = sys_sysinfo(&s); | 215 | ret = sys_sysinfo((struct sysinfo __user *)&s); |
213 | set_fs (old_fs); | 216 | set_fs (old_fs); |
214 | err = put_user (s.uptime, &info->uptime); | 217 | err = put_user (s.uptime, &info->uptime); |
215 | err |= __put_user (s.loads[0], &info->loads[0]); | 218 | err |= __put_user (s.loads[0], &info->loads[0]); |
@@ -239,11 +242,11 @@ struct rlimit32 { | |||
239 | }; | 242 | }; |
240 | 243 | ||
241 | #ifdef __MIPSEB__ | 244 | #ifdef __MIPSEB__ |
242 | asmlinkage long sys32_truncate64(const char * path, unsigned long __dummy, | 245 | asmlinkage long sys32_truncate64(const char __user * path, unsigned long __dummy, |
243 | int length_hi, int length_lo) | 246 | int length_hi, int length_lo) |
244 | #endif | 247 | #endif |
245 | #ifdef __MIPSEL__ | 248 | #ifdef __MIPSEL__ |
246 | asmlinkage long sys32_truncate64(const char * path, unsigned long __dummy, | 249 | asmlinkage long sys32_truncate64(const char __user * path, unsigned long __dummy, |
247 | int length_lo, int length_hi) | 250 | int length_lo, int length_hi) |
248 | #endif | 251 | #endif |
249 | { | 252 | { |
@@ -271,7 +274,7 @@ asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long __dummy, | |||
271 | } | 274 | } |
272 | 275 | ||
273 | static inline long | 276 | static inline long |
274 | get_tv32(struct timeval *o, struct compat_timeval *i) | 277 | get_tv32(struct timeval *o, struct compat_timeval __user *i) |
275 | { | 278 | { |
276 | return (!access_ok(VERIFY_READ, i, sizeof(*i)) || | 279 | return (!access_ok(VERIFY_READ, i, sizeof(*i)) || |
277 | (__get_user(o->tv_sec, &i->tv_sec) | | 280 | (__get_user(o->tv_sec, &i->tv_sec) | |
@@ -279,7 +282,7 @@ get_tv32(struct timeval *o, struct compat_timeval *i) | |||
279 | } | 282 | } |
280 | 283 | ||
281 | static inline long | 284 | static inline long |
282 | put_tv32(struct compat_timeval *o, struct timeval *i) | 285 | put_tv32(struct compat_timeval __user *o, struct timeval *i) |
283 | { | 286 | { |
284 | return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || | 287 | return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || |
285 | (__put_user(i->tv_sec, &o->tv_sec) | | 288 | (__put_user(i->tv_sec, &o->tv_sec) | |
@@ -289,7 +292,7 @@ put_tv32(struct compat_timeval *o, struct timeval *i) | |||
289 | extern struct timezone sys_tz; | 292 | extern struct timezone sys_tz; |
290 | 293 | ||
291 | asmlinkage int | 294 | asmlinkage int |
292 | sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz) | 295 | sys32_gettimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) |
293 | { | 296 | { |
294 | if (tv) { | 297 | if (tv) { |
295 | struct timeval ktv; | 298 | struct timeval ktv; |
@@ -304,7 +307,7 @@ sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz) | |||
304 | return 0; | 307 | return 0; |
305 | } | 308 | } |
306 | 309 | ||
307 | static inline long get_ts32(struct timespec *o, struct compat_timeval *i) | 310 | static inline long get_ts32(struct timespec *o, struct compat_timeval __user *i) |
308 | { | 311 | { |
309 | long usec; | 312 | long usec; |
310 | 313 | ||
@@ -319,7 +322,7 @@ static inline long get_ts32(struct timespec *o, struct compat_timeval *i) | |||
319 | } | 322 | } |
320 | 323 | ||
321 | asmlinkage int | 324 | asmlinkage int |
322 | sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz) | 325 | sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) |
323 | { | 326 | { |
324 | struct timespec kts; | 327 | struct timespec kts; |
325 | struct timezone ktz; | 328 | struct timezone ktz; |
@@ -337,7 +340,7 @@ sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz) | |||
337 | } | 340 | } |
338 | 341 | ||
339 | asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, | 342 | asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, |
340 | unsigned int offset_low, loff_t * result, | 343 | unsigned int offset_low, loff_t __user * result, |
341 | unsigned int origin) | 344 | unsigned int origin) |
342 | { | 345 | { |
343 | return sys_llseek(fd, offset_high, offset_low, result, origin); | 346 | return sys_llseek(fd, offset_high, offset_low, result, origin); |
@@ -347,12 +350,12 @@ asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, | |||
347 | lseek back to original location. They fail just like lseek does on | 350 | lseek back to original location. They fail just like lseek does on |
348 | non-seekable files. */ | 351 | non-seekable files. */ |
349 | 352 | ||
350 | asmlinkage ssize_t sys32_pread(unsigned int fd, char * buf, | 353 | asmlinkage ssize_t sys32_pread(unsigned int fd, char __user * buf, |
351 | size_t count, u32 unused, u64 a4, u64 a5) | 354 | size_t count, u32 unused, u64 a4, u64 a5) |
352 | { | 355 | { |
353 | ssize_t ret; | 356 | ssize_t ret; |
354 | struct file * file; | 357 | struct file * file; |
355 | ssize_t (*read)(struct file *, char *, size_t, loff_t *); | 358 | ssize_t (*read)(struct file *, char __user *, size_t, loff_t *); |
356 | loff_t pos; | 359 | loff_t pos; |
357 | 360 | ||
358 | ret = -EBADF; | 361 | ret = -EBADF; |
@@ -382,12 +385,12 @@ bad_file: | |||
382 | return ret; | 385 | return ret; |
383 | } | 386 | } |
384 | 387 | ||
385 | asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char * buf, | 388 | asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char __user * buf, |
386 | size_t count, u32 unused, u64 a4, u64 a5) | 389 | size_t count, u32 unused, u64 a4, u64 a5) |
387 | { | 390 | { |
388 | ssize_t ret; | 391 | ssize_t ret; |
389 | struct file * file; | 392 | struct file * file; |
390 | ssize_t (*write)(struct file *, const char *, size_t, loff_t *); | 393 | ssize_t (*write)(struct file *, const char __user *, size_t, loff_t *); |
391 | loff_t pos; | 394 | loff_t pos; |
392 | 395 | ||
393 | ret = -EBADF; | 396 | ret = -EBADF; |
@@ -420,14 +423,14 @@ bad_file: | |||
420 | } | 423 | } |
421 | 424 | ||
422 | asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid, | 425 | asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid, |
423 | struct compat_timespec *interval) | 426 | struct compat_timespec __user *interval) |
424 | { | 427 | { |
425 | struct timespec t; | 428 | struct timespec t; |
426 | int ret; | 429 | int ret; |
427 | mm_segment_t old_fs = get_fs (); | 430 | mm_segment_t old_fs = get_fs (); |
428 | 431 | ||
429 | set_fs (KERNEL_DS); | 432 | set_fs (KERNEL_DS); |
430 | ret = sys_sched_rr_get_interval(pid, &t); | 433 | ret = sys_sched_rr_get_interval(pid, (struct timespec __user *)&t); |
431 | set_fs (old_fs); | 434 | set_fs (old_fs); |
432 | if (put_user (t.tv_sec, &interval->tv_sec) || | 435 | if (put_user (t.tv_sec, &interval->tv_sec) || |
433 | __put_user (t.tv_nsec, &interval->tv_nsec)) | 436 | __put_user (t.tv_nsec, &interval->tv_nsec)) |
@@ -545,7 +548,7 @@ struct ipc_kludge32 { | |||
545 | }; | 548 | }; |
546 | 549 | ||
547 | static int | 550 | static int |
548 | do_sys32_semctl(int first, int second, int third, void *uptr) | 551 | do_sys32_semctl(int first, int second, int third, void __user *uptr) |
549 | { | 552 | { |
550 | union semun fourth; | 553 | union semun fourth; |
551 | u32 pad; | 554 | u32 pad; |
@@ -556,12 +559,12 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
556 | if (!uptr) | 559 | if (!uptr) |
557 | return -EINVAL; | 560 | return -EINVAL; |
558 | err = -EFAULT; | 561 | err = -EFAULT; |
559 | if (get_user (pad, (u32 *)uptr)) | 562 | if (get_user (pad, (u32 __user *)uptr)) |
560 | return err; | 563 | return err; |
561 | if ((third & ~IPC_64) == SETVAL) | 564 | if ((third & ~IPC_64) == SETVAL) |
562 | fourth.val = (int)pad; | 565 | fourth.val = (int)pad; |
563 | else | 566 | else |
564 | fourth.__pad = (void *)A(pad); | 567 | fourth.__pad = (void __user *)A(pad); |
565 | switch (third & ~IPC_64) { | 568 | switch (third & ~IPC_64) { |
566 | case IPC_INFO: | 569 | case IPC_INFO: |
567 | case IPC_RMID: | 570 | case IPC_RMID: |
@@ -579,14 +582,14 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
579 | 582 | ||
580 | case IPC_STAT: | 583 | case IPC_STAT: |
581 | case SEM_STAT: | 584 | case SEM_STAT: |
582 | fourth.__pad = &s; | 585 | fourth.__pad = (struct semid64_ds __user *)&s; |
583 | old_fs = get_fs(); | 586 | old_fs = get_fs(); |
584 | set_fs(KERNEL_DS); | 587 | set_fs(KERNEL_DS); |
585 | err = sys_semctl(first, second, third | IPC_64, fourth); | 588 | err = sys_semctl(first, second, third | IPC_64, fourth); |
586 | set_fs(old_fs); | 589 | set_fs(old_fs); |
587 | 590 | ||
588 | if (third & IPC_64) { | 591 | if (third & IPC_64) { |
589 | struct semid64_ds32 *usp64 = (struct semid64_ds32 *) A(pad); | 592 | struct semid64_ds32 __user *usp64 = (struct semid64_ds32 __user *) A(pad); |
590 | 593 | ||
591 | if (!access_ok(VERIFY_WRITE, usp64, sizeof(*usp64))) { | 594 | if (!access_ok(VERIFY_WRITE, usp64, sizeof(*usp64))) { |
592 | err = -EFAULT; | 595 | err = -EFAULT; |
@@ -603,7 +606,7 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
603 | err2 |= __put_user(s.sem_ctime, &usp64->sem_ctime); | 606 | err2 |= __put_user(s.sem_ctime, &usp64->sem_ctime); |
604 | err2 |= __put_user(s.sem_nsems, &usp64->sem_nsems); | 607 | err2 |= __put_user(s.sem_nsems, &usp64->sem_nsems); |
605 | } else { | 608 | } else { |
606 | struct semid_ds32 *usp32 = (struct semid_ds32 *) A(pad); | 609 | struct semid_ds32 __user *usp32 = (struct semid_ds32 __user *) A(pad); |
607 | 610 | ||
608 | if (!access_ok(VERIFY_WRITE, usp32, sizeof(*usp32))) { | 611 | if (!access_ok(VERIFY_WRITE, usp32, sizeof(*usp32))) { |
609 | err = -EFAULT; | 612 | err = -EFAULT; |
@@ -633,9 +636,9 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
633 | } | 636 | } |
634 | 637 | ||
635 | static int | 638 | static int |
636 | do_sys32_msgsnd (int first, int second, int third, void *uptr) | 639 | do_sys32_msgsnd (int first, int second, int third, void __user *uptr) |
637 | { | 640 | { |
638 | struct msgbuf32 *up = (struct msgbuf32 *)uptr; | 641 | struct msgbuf32 __user *up = (struct msgbuf32 __user *)uptr; |
639 | struct msgbuf *p; | 642 | struct msgbuf *p; |
640 | mm_segment_t old_fs; | 643 | mm_segment_t old_fs; |
641 | int err; | 644 | int err; |
@@ -654,7 +657,7 @@ do_sys32_msgsnd (int first, int second, int third, void *uptr) | |||
654 | goto out; | 657 | goto out; |
655 | old_fs = get_fs (); | 658 | old_fs = get_fs (); |
656 | set_fs (KERNEL_DS); | 659 | set_fs (KERNEL_DS); |
657 | err = sys_msgsnd (first, p, second, third); | 660 | err = sys_msgsnd (first, (struct msgbuf __user *)p, second, third); |
658 | set_fs (old_fs); | 661 | set_fs (old_fs); |
659 | out: | 662 | out: |
660 | kfree (p); | 663 | kfree (p); |
@@ -664,15 +667,15 @@ out: | |||
664 | 667 | ||
665 | static int | 668 | static int |
666 | do_sys32_msgrcv (int first, int second, int msgtyp, int third, | 669 | do_sys32_msgrcv (int first, int second, int msgtyp, int third, |
667 | int version, void *uptr) | 670 | int version, void __user *uptr) |
668 | { | 671 | { |
669 | struct msgbuf32 *up; | 672 | struct msgbuf32 __user *up; |
670 | struct msgbuf *p; | 673 | struct msgbuf *p; |
671 | mm_segment_t old_fs; | 674 | mm_segment_t old_fs; |
672 | int err; | 675 | int err; |
673 | 676 | ||
674 | if (!version) { | 677 | if (!version) { |
675 | struct ipc_kludge32 *uipck = (struct ipc_kludge32 *)uptr; | 678 | struct ipc_kludge32 __user *uipck = (struct ipc_kludge32 __user *)uptr; |
676 | struct ipc_kludge32 ipck; | 679 | struct ipc_kludge32 ipck; |
677 | 680 | ||
678 | err = -EINVAL; | 681 | err = -EINVAL; |
@@ -681,7 +684,7 @@ do_sys32_msgrcv (int first, int second, int msgtyp, int third, | |||
681 | err = -EFAULT; | 684 | err = -EFAULT; |
682 | if (copy_from_user (&ipck, uipck, sizeof (struct ipc_kludge32))) | 685 | if (copy_from_user (&ipck, uipck, sizeof (struct ipc_kludge32))) |
683 | goto out; | 686 | goto out; |
684 | uptr = (void *)AA(ipck.msgp); | 687 | uptr = (void __user *)AA(ipck.msgp); |
685 | msgtyp = ipck.msgtyp; | 688 | msgtyp = ipck.msgtyp; |
686 | } | 689 | } |
687 | 690 | ||
@@ -693,11 +696,11 @@ do_sys32_msgrcv (int first, int second, int msgtyp, int third, | |||
693 | goto out; | 696 | goto out; |
694 | old_fs = get_fs (); | 697 | old_fs = get_fs (); |
695 | set_fs (KERNEL_DS); | 698 | set_fs (KERNEL_DS); |
696 | err = sys_msgrcv (first, p, second + 4, msgtyp, third); | 699 | err = sys_msgrcv (first, (struct msgbuf __user *)p, second + 4, msgtyp, third); |
697 | set_fs (old_fs); | 700 | set_fs (old_fs); |
698 | if (err < 0) | 701 | if (err < 0) |
699 | goto free_then_out; | 702 | goto free_then_out; |
700 | up = (struct msgbuf32 *)uptr; | 703 | up = (struct msgbuf32 __user *)uptr; |
701 | if (put_user (p->mtype, &up->mtype) || | 704 | if (put_user (p->mtype, &up->mtype) || |
702 | __copy_to_user (&up->mtext, p->mtext, err)) | 705 | __copy_to_user (&up->mtext, p->mtext, err)) |
703 | err = -EFAULT; | 706 | err = -EFAULT; |
@@ -708,19 +711,19 @@ out: | |||
708 | } | 711 | } |
709 | 712 | ||
710 | static int | 713 | static int |
711 | do_sys32_msgctl (int first, int second, void *uptr) | 714 | do_sys32_msgctl (int first, int second, void __user *uptr) |
712 | { | 715 | { |
713 | int err = -EINVAL, err2; | 716 | int err = -EINVAL, err2; |
714 | struct msqid64_ds m; | 717 | struct msqid64_ds m; |
715 | struct msqid_ds32 *up32 = (struct msqid_ds32 *)uptr; | 718 | struct msqid_ds32 __user *up32 = (struct msqid_ds32 __user *)uptr; |
716 | struct msqid64_ds32 *up64 = (struct msqid64_ds32 *)uptr; | 719 | struct msqid64_ds32 __user *up64 = (struct msqid64_ds32 __user *)uptr; |
717 | mm_segment_t old_fs; | 720 | mm_segment_t old_fs; |
718 | 721 | ||
719 | switch (second & ~IPC_64) { | 722 | switch (second & ~IPC_64) { |
720 | case IPC_INFO: | 723 | case IPC_INFO: |
721 | case IPC_RMID: | 724 | case IPC_RMID: |
722 | case MSG_INFO: | 725 | case MSG_INFO: |
723 | err = sys_msgctl (first, second, (struct msqid_ds *)uptr); | 726 | err = sys_msgctl (first, second, (struct msqid_ds __user *)uptr); |
724 | break; | 727 | break; |
725 | 728 | ||
726 | case IPC_SET: | 729 | case IPC_SET: |
@@ -747,7 +750,7 @@ do_sys32_msgctl (int first, int second, void *uptr) | |||
747 | break; | 750 | break; |
748 | old_fs = get_fs(); | 751 | old_fs = get_fs(); |
749 | set_fs(KERNEL_DS); | 752 | set_fs(KERNEL_DS); |
750 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds *)&m); | 753 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds __user *)&m); |
751 | set_fs(old_fs); | 754 | set_fs(old_fs); |
752 | break; | 755 | break; |
753 | 756 | ||
@@ -755,7 +758,7 @@ do_sys32_msgctl (int first, int second, void *uptr) | |||
755 | case MSG_STAT: | 758 | case MSG_STAT: |
756 | old_fs = get_fs(); | 759 | old_fs = get_fs(); |
757 | set_fs(KERNEL_DS); | 760 | set_fs(KERNEL_DS); |
758 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds *)&m); | 761 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds __user *)&m); |
759 | set_fs(old_fs); | 762 | set_fs(old_fs); |
760 | if (second & IPC_64) { | 763 | if (second & IPC_64) { |
761 | if (!access_ok(VERIFY_WRITE, up64, sizeof(*up64))) { | 764 | if (!access_ok(VERIFY_WRITE, up64, sizeof(*up64))) { |
@@ -809,10 +812,10 @@ do_sys32_msgctl (int first, int second, void *uptr) | |||
809 | } | 812 | } |
810 | 813 | ||
811 | static int | 814 | static int |
812 | do_sys32_shmat (int first, int second, int third, int version, void *uptr) | 815 | do_sys32_shmat (int first, int second, int third, int version, void __user *uptr) |
813 | { | 816 | { |
814 | unsigned long raddr; | 817 | unsigned long raddr; |
815 | u32 *uaddr = (u32 *)A((u32)third); | 818 | u32 __user *uaddr = (u32 __user *)A((u32)third); |
816 | int err = -EINVAL; | 819 | int err = -EINVAL; |
817 | 820 | ||
818 | if (version == 1) | 821 | if (version == 1) |
@@ -831,11 +834,11 @@ struct shm_info32 { | |||
831 | }; | 834 | }; |
832 | 835 | ||
833 | static int | 836 | static int |
834 | do_sys32_shmctl (int first, int second, void *uptr) | 837 | do_sys32_shmctl (int first, int second, void __user *uptr) |
835 | { | 838 | { |
836 | struct shmid64_ds32 *up64 = (struct shmid64_ds32 *)uptr; | 839 | struct shmid64_ds32 __user *up64 = (struct shmid64_ds32 __user *)uptr; |
837 | struct shmid_ds32 *up32 = (struct shmid_ds32 *)uptr; | 840 | struct shmid_ds32 __user *up32 = (struct shmid_ds32 __user *)uptr; |
838 | struct shm_info32 *uip = (struct shm_info32 *)uptr; | 841 | struct shm_info32 __user *uip = (struct shm_info32 __user *)uptr; |
839 | int err = -EFAULT, err2; | 842 | int err = -EFAULT, err2; |
840 | struct shmid64_ds s64; | 843 | struct shmid64_ds s64; |
841 | mm_segment_t old_fs; | 844 | mm_segment_t old_fs; |
@@ -848,7 +851,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
848 | case IPC_RMID: | 851 | case IPC_RMID: |
849 | case SHM_LOCK: | 852 | case SHM_LOCK: |
850 | case SHM_UNLOCK: | 853 | case SHM_UNLOCK: |
851 | err = sys_shmctl(first, second, (struct shmid_ds *)uptr); | 854 | err = sys_shmctl(first, second, (struct shmid_ds __user *)uptr); |
852 | break; | 855 | break; |
853 | case IPC_SET: | 856 | case IPC_SET: |
854 | if (second & IPC_64) { | 857 | if (second & IPC_64) { |
@@ -864,7 +867,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
864 | break; | 867 | break; |
865 | old_fs = get_fs(); | 868 | old_fs = get_fs(); |
866 | set_fs(KERNEL_DS); | 869 | set_fs(KERNEL_DS); |
867 | err = sys_shmctl(first, second & ~IPC_64, &s); | 870 | err = sys_shmctl(first, second & ~IPC_64, (struct shmid_ds __user *)&s); |
868 | set_fs(old_fs); | 871 | set_fs(old_fs); |
869 | break; | 872 | break; |
870 | 873 | ||
@@ -872,7 +875,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
872 | case SHM_STAT: | 875 | case SHM_STAT: |
873 | old_fs = get_fs(); | 876 | old_fs = get_fs(); |
874 | set_fs(KERNEL_DS); | 877 | set_fs(KERNEL_DS); |
875 | err = sys_shmctl(first, second | IPC_64, (void *) &s64); | 878 | err = sys_shmctl(first, second | IPC_64, (void __user *) &s64); |
876 | set_fs(old_fs); | 879 | set_fs(old_fs); |
877 | if (err < 0) | 880 | if (err < 0) |
878 | break; | 881 | break; |
@@ -922,7 +925,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
922 | case SHM_INFO: | 925 | case SHM_INFO: |
923 | old_fs = get_fs(); | 926 | old_fs = get_fs(); |
924 | set_fs(KERNEL_DS); | 927 | set_fs(KERNEL_DS); |
925 | err = sys_shmctl(first, second, (void *)&si); | 928 | err = sys_shmctl(first, second, (void __user *)&si); |
926 | set_fs(old_fs); | 929 | set_fs(old_fs); |
927 | if (err < 0) | 930 | if (err < 0) |
928 | break; | 931 | break; |
@@ -944,11 +947,11 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
944 | return err; | 947 | return err; |
945 | } | 948 | } |
946 | 949 | ||
947 | static int sys32_semtimedop(int semid, struct sembuf *tsems, int nsems, | 950 | static int sys32_semtimedop(int semid, struct sembuf __user *tsems, int nsems, |
948 | const struct compat_timespec *timeout32) | 951 | const struct compat_timespec __user *timeout32) |
949 | { | 952 | { |
950 | struct compat_timespec t32; | 953 | struct compat_timespec t32; |
951 | struct timespec *t64 = compat_alloc_user_space(sizeof(*t64)); | 954 | struct timespec __user *t64 = compat_alloc_user_space(sizeof(*t64)); |
952 | 955 | ||
953 | if (copy_from_user(&t32, timeout32, sizeof(t32))) | 956 | if (copy_from_user(&t32, timeout32, sizeof(t32))) |
954 | return -EFAULT; | 957 | return -EFAULT; |
@@ -971,11 +974,11 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth) | |||
971 | switch (call) { | 974 | switch (call) { |
972 | case SEMOP: | 975 | case SEMOP: |
973 | /* struct sembuf is the same on 32 and 64bit :)) */ | 976 | /* struct sembuf is the same on 32 and 64bit :)) */ |
974 | err = sys_semtimedop (first, (struct sembuf *)AA(ptr), second, | 977 | err = sys_semtimedop (first, (struct sembuf __user *)AA(ptr), second, |
975 | NULL); | 978 | NULL); |
976 | break; | 979 | break; |
977 | case SEMTIMEDOP: | 980 | case SEMTIMEDOP: |
978 | err = sys32_semtimedop (first, (struct sembuf *)AA(ptr), second, | 981 | err = sys32_semtimedop (first, (struct sembuf __user *)AA(ptr), second, |
979 | (const struct compat_timespec __user *)AA(fifth)); | 982 | (const struct compat_timespec __user *)AA(fifth)); |
980 | break; | 983 | break; |
981 | case SEMGET: | 984 | case SEMGET: |
@@ -983,36 +986,36 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth) | |||
983 | break; | 986 | break; |
984 | case SEMCTL: | 987 | case SEMCTL: |
985 | err = do_sys32_semctl (first, second, third, | 988 | err = do_sys32_semctl (first, second, third, |
986 | (void *)AA(ptr)); | 989 | (void __user *)AA(ptr)); |
987 | break; | 990 | break; |
988 | 991 | ||
989 | case MSGSND: | 992 | case MSGSND: |
990 | err = do_sys32_msgsnd (first, second, third, | 993 | err = do_sys32_msgsnd (first, second, third, |
991 | (void *)AA(ptr)); | 994 | (void __user *)AA(ptr)); |
992 | break; | 995 | break; |
993 | case MSGRCV: | 996 | case MSGRCV: |
994 | err = do_sys32_msgrcv (first, second, fifth, third, | 997 | err = do_sys32_msgrcv (first, second, fifth, third, |
995 | version, (void *)AA(ptr)); | 998 | version, (void __user *)AA(ptr)); |
996 | break; | 999 | break; |
997 | case MSGGET: | 1000 | case MSGGET: |
998 | err = sys_msgget ((key_t) first, second); | 1001 | err = sys_msgget ((key_t) first, second); |
999 | break; | 1002 | break; |
1000 | case MSGCTL: | 1003 | case MSGCTL: |
1001 | err = do_sys32_msgctl (first, second, (void *)AA(ptr)); | 1004 | err = do_sys32_msgctl (first, second, (void __user *)AA(ptr)); |
1002 | break; | 1005 | break; |
1003 | 1006 | ||
1004 | case SHMAT: | 1007 | case SHMAT: |
1005 | err = do_sys32_shmat (first, second, third, | 1008 | err = do_sys32_shmat (first, second, third, |
1006 | version, (void *)AA(ptr)); | 1009 | version, (void __user *)AA(ptr)); |
1007 | break; | 1010 | break; |
1008 | case SHMDT: | 1011 | case SHMDT: |
1009 | err = sys_shmdt ((char *)A(ptr)); | 1012 | err = sys_shmdt ((char __user *)A(ptr)); |
1010 | break; | 1013 | break; |
1011 | case SHMGET: | 1014 | case SHMGET: |
1012 | err = sys_shmget (first, (unsigned)second, third); | 1015 | err = sys_shmget (first, (unsigned)second, third); |
1013 | break; | 1016 | break; |
1014 | case SHMCTL: | 1017 | case SHMCTL: |
1015 | err = do_sys32_shmctl (first, second, (void *)AA(ptr)); | 1018 | err = do_sys32_shmctl (first, second, (void __user *)AA(ptr)); |
1016 | break; | 1019 | break; |
1017 | default: | 1020 | default: |
1018 | err = -EINVAL; | 1021 | err = -EINVAL; |
@@ -1023,7 +1026,7 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth) | |||
1023 | } | 1026 | } |
1024 | 1027 | ||
1025 | asmlinkage long sys32_shmat(int shmid, char __user *shmaddr, | 1028 | asmlinkage long sys32_shmat(int shmid, char __user *shmaddr, |
1026 | int shmflg, int32_t *addr) | 1029 | int shmflg, int32_t __user *addr) |
1027 | { | 1030 | { |
1028 | unsigned long raddr; | 1031 | unsigned long raddr; |
1029 | int err; | 1032 | int err; |
@@ -1048,12 +1051,13 @@ struct sysctl_args32 | |||
1048 | 1051 | ||
1049 | #ifdef CONFIG_SYSCTL | 1052 | #ifdef CONFIG_SYSCTL |
1050 | 1053 | ||
1051 | asmlinkage long sys32_sysctl(struct sysctl_args32 *args) | 1054 | asmlinkage long sys32_sysctl(struct sysctl_args32 __user *args) |
1052 | { | 1055 | { |
1053 | struct sysctl_args32 tmp; | 1056 | struct sysctl_args32 tmp; |
1054 | int error; | 1057 | int error; |
1055 | size_t oldlen, *oldlenp = NULL; | 1058 | size_t oldlen; |
1056 | unsigned long addr = (((long)&args->__unused[0]) + 7) & ~7; | 1059 | size_t __user *oldlenp = NULL; |
1060 | unsigned long addr = (((unsigned long)&args->__unused[0]) + 7) & ~7; | ||
1057 | 1061 | ||
1058 | if (copy_from_user(&tmp, args, sizeof(tmp))) | 1062 | if (copy_from_user(&tmp, args, sizeof(tmp))) |
1059 | return -EFAULT; | 1063 | return -EFAULT; |
@@ -1065,20 +1069,20 @@ asmlinkage long sys32_sysctl(struct sysctl_args32 *args) | |||
1065 | basically copy the whole sysctl.c here, and | 1069 | basically copy the whole sysctl.c here, and |
1066 | glibc's __sysctl uses rw memory for the structure | 1070 | glibc's __sysctl uses rw memory for the structure |
1067 | anyway. */ | 1071 | anyway. */ |
1068 | if (get_user(oldlen, (u32 *)A(tmp.oldlenp)) || | 1072 | if (get_user(oldlen, (u32 __user *)A(tmp.oldlenp)) || |
1069 | put_user(oldlen, (size_t *)addr)) | 1073 | put_user(oldlen, (size_t __user *)addr)) |
1070 | return -EFAULT; | 1074 | return -EFAULT; |
1071 | oldlenp = (size_t *)addr; | 1075 | oldlenp = (size_t __user *)addr; |
1072 | } | 1076 | } |
1073 | 1077 | ||
1074 | lock_kernel(); | 1078 | lock_kernel(); |
1075 | error = do_sysctl((int *)A(tmp.name), tmp.nlen, (void *)A(tmp.oldval), | 1079 | error = do_sysctl((int __user *)A(tmp.name), tmp.nlen, (void __user *)A(tmp.oldval), |
1076 | oldlenp, (void *)A(tmp.newval), tmp.newlen); | 1080 | oldlenp, (void __user *)A(tmp.newval), tmp.newlen); |
1077 | unlock_kernel(); | 1081 | unlock_kernel(); |
1078 | if (oldlenp) { | 1082 | if (oldlenp) { |
1079 | if (!error) { | 1083 | if (!error) { |
1080 | if (get_user(oldlen, (size_t *)addr) || | 1084 | if (get_user(oldlen, (size_t __user *)addr) || |
1081 | put_user(oldlen, (u32 *)A(tmp.oldlenp))) | 1085 | put_user(oldlen, (u32 __user *)A(tmp.oldlenp))) |
1082 | error = -EFAULT; | 1086 | error = -EFAULT; |
1083 | } | 1087 | } |
1084 | copy_to_user(args->__unused, tmp.__unused, sizeof(tmp.__unused)); | 1088 | copy_to_user(args->__unused, tmp.__unused, sizeof(tmp.__unused)); |
@@ -1088,7 +1092,7 @@ asmlinkage long sys32_sysctl(struct sysctl_args32 *args) | |||
1088 | 1092 | ||
1089 | #endif /* CONFIG_SYSCTL */ | 1093 | #endif /* CONFIG_SYSCTL */ |
1090 | 1094 | ||
1091 | asmlinkage long sys32_newuname(struct new_utsname * name) | 1095 | asmlinkage long sys32_newuname(struct new_utsname __user * name) |
1092 | { | 1096 | { |
1093 | int ret = 0; | 1097 | int ret = 0; |
1094 | 1098 | ||
@@ -1123,9 +1127,9 @@ struct ustat32 { | |||
1123 | char f_fpack[6]; | 1127 | char f_fpack[6]; |
1124 | }; | 1128 | }; |
1125 | 1129 | ||
1126 | extern asmlinkage long sys_ustat(dev_t dev, struct ustat * ubuf); | 1130 | extern asmlinkage long sys_ustat(dev_t dev, struct ustat __user * ubuf); |
1127 | 1131 | ||
1128 | asmlinkage int sys32_ustat(dev_t dev, struct ustat32 * ubuf32) | 1132 | asmlinkage int sys32_ustat(dev_t dev, struct ustat32 __user * ubuf32) |
1129 | { | 1133 | { |
1130 | int err; | 1134 | int err; |
1131 | struct ustat tmp; | 1135 | struct ustat tmp; |
@@ -1133,7 +1137,7 @@ asmlinkage int sys32_ustat(dev_t dev, struct ustat32 * ubuf32) | |||
1133 | mm_segment_t old_fs = get_fs(); | 1137 | mm_segment_t old_fs = get_fs(); |
1134 | 1138 | ||
1135 | set_fs(KERNEL_DS); | 1139 | set_fs(KERNEL_DS); |
1136 | err = sys_ustat(dev, &tmp); | 1140 | err = sys_ustat(dev, (struct ustat __user *)&tmp); |
1137 | set_fs (old_fs); | 1141 | set_fs (old_fs); |
1138 | 1142 | ||
1139 | if (err) | 1143 | if (err) |
@@ -1166,7 +1170,7 @@ struct timex32 { | |||
1166 | 1170 | ||
1167 | extern int do_adjtimex(struct timex *); | 1171 | extern int do_adjtimex(struct timex *); |
1168 | 1172 | ||
1169 | asmlinkage int sys32_adjtimex(struct timex32 *utp) | 1173 | asmlinkage int sys32_adjtimex(struct timex32 __user *utp) |
1170 | { | 1174 | { |
1171 | struct timex txc; | 1175 | struct timex txc; |
1172 | int ret; | 1176 | int ret; |
@@ -1222,7 +1226,7 @@ asmlinkage int sys32_adjtimex(struct timex32 *utp) | |||
1222 | return ret; | 1226 | return ret; |
1223 | } | 1227 | } |
1224 | 1228 | ||
1225 | asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset, | 1229 | asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t __user *offset, |
1226 | s32 count) | 1230 | s32 count) |
1227 | { | 1231 | { |
1228 | mm_segment_t old_fs = get_fs(); | 1232 | mm_segment_t old_fs = get_fs(); |
@@ -1233,7 +1237,7 @@ asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset, | |||
1233 | return -EFAULT; | 1237 | return -EFAULT; |
1234 | 1238 | ||
1235 | set_fs(KERNEL_DS); | 1239 | set_fs(KERNEL_DS); |
1236 | ret = sys_sendfile(out_fd, in_fd, offset ? &of : NULL, count); | 1240 | ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __user *)&of : NULL, count); |
1237 | set_fs(old_fs); | 1241 | set_fs(old_fs); |
1238 | 1242 | ||
1239 | if (offset && put_user(of, offset)) | 1243 | if (offset && put_user(of, offset)) |
@@ -1263,7 +1267,7 @@ static unsigned char socketcall_nargs[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), | |||
1263 | * it is set by the callees. | 1267 | * it is set by the callees. |
1264 | */ | 1268 | */ |
1265 | 1269 | ||
1266 | asmlinkage long sys32_socketcall(int call, unsigned int *args32) | 1270 | asmlinkage long sys32_socketcall(int call, unsigned int __user *args32) |
1267 | { | 1271 | { |
1268 | unsigned int a[6]; | 1272 | unsigned int a[6]; |
1269 | unsigned int a0,a1; | 1273 | unsigned int a0,a1; |
@@ -1285,7 +1289,7 @@ asmlinkage long sys32_socketcall(int call, unsigned int *args32) | |||
1285 | struct sockaddr __user *addr, int __user *addr_len); | 1289 | struct sockaddr __user *addr, int __user *addr_len); |
1286 | extern asmlinkage long sys_shutdown(int fd, int how); | 1290 | extern asmlinkage long sys_shutdown(int fd, int how); |
1287 | extern asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen); | 1291 | extern asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen); |
1288 | extern asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int *optlen); | 1292 | extern asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int __user *optlen); |
1289 | extern asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags); | 1293 | extern asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags); |
1290 | extern asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags); | 1294 | extern asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags); |
1291 | 1295 | ||
@@ -1405,7 +1409,7 @@ _sys32_clone(nabi_no_regargs struct pt_regs regs) | |||
1405 | newsp = regs.regs[5]; | 1409 | newsp = regs.regs[5]; |
1406 | if (!newsp) | 1410 | if (!newsp) |
1407 | newsp = regs.regs[29]; | 1411 | newsp = regs.regs[29]; |
1408 | parent_tidptr = (int *) regs.regs[6]; | 1412 | parent_tidptr = (int __user *) regs.regs[6]; |
1409 | 1413 | ||
1410 | /* Use __dummy4 instead of getting it off the stack, so that | 1414 | /* Use __dummy4 instead of getting it off the stack, so that |
1411 | syscall() works. */ | 1415 | syscall() works. */ |