diff options
Diffstat (limited to 'arch/mips/kernel/linux32.c')
-rw-r--r-- | arch/mips/kernel/linux32.c | 252 |
1 files changed, 90 insertions, 162 deletions
diff --git a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c index e00e5f6e7fdd..3f40c37a9ee6 100644 --- a/arch/mips/kernel/linux32.c +++ b/arch/mips/kernel/linux32.c | |||
@@ -30,7 +30,6 @@ | |||
30 | #include <linux/utime.h> | 30 | #include <linux/utime.h> |
31 | #include <linux/utsname.h> | 31 | #include <linux/utsname.h> |
32 | #include <linux/personality.h> | 32 | #include <linux/personality.h> |
33 | #include <linux/timex.h> | ||
34 | #include <linux/dnotify.h> | 33 | #include <linux/dnotify.h> |
35 | #include <linux/module.h> | 34 | #include <linux/module.h> |
36 | #include <linux/binfmts.h> | 35 | #include <linux/binfmts.h> |
@@ -69,7 +68,7 @@ | |||
69 | * Revalidate the inode. This is required for proper NFS attribute caching. | 68 | * Revalidate the inode. This is required for proper NFS attribute caching. |
70 | */ | 69 | */ |
71 | 70 | ||
72 | int cp_compat_stat(struct kstat *stat, struct compat_stat *statbuf) | 71 | int cp_compat_stat(struct kstat *stat, struct compat_stat __user *statbuf) |
73 | { | 72 | { |
74 | struct compat_stat tmp; | 73 | struct compat_stat tmp; |
75 | 74 | ||
@@ -106,6 +105,10 @@ sys32_mmap2(unsigned long addr, unsigned long len, unsigned long prot, | |||
106 | unsigned long error; | 105 | unsigned long error; |
107 | 106 | ||
108 | error = -EINVAL; | 107 | error = -EINVAL; |
108 | if (pgoff & (~PAGE_MASK >> 12)) | ||
109 | goto out; | ||
110 | pgoff >>= PAGE_SHIFT-12; | ||
111 | |||
109 | if (!(flags & MAP_ANONYMOUS)) { | 112 | if (!(flags & MAP_ANONYMOUS)) { |
110 | error = -EBADF; | 113 | error = -EBADF; |
111 | file = fget(fd); | 114 | file = fget(fd); |
@@ -125,7 +128,7 @@ out: | |||
125 | } | 128 | } |
126 | 129 | ||
127 | 130 | ||
128 | asmlinkage int sys_truncate64(const char *path, unsigned int high, | 131 | asmlinkage int sys_truncate64(const char __user *path, unsigned int high, |
129 | unsigned int low) | 132 | unsigned int low) |
130 | { | 133 | { |
131 | if ((int)high < 0) | 134 | if ((int)high < 0) |
@@ -161,12 +164,6 @@ out: | |||
161 | return error; | 164 | return error; |
162 | } | 165 | } |
163 | 166 | ||
164 | asmlinkage int | ||
165 | sys32_waitpid(compat_pid_t pid, unsigned int *stat_addr, int options) | ||
166 | { | ||
167 | return compat_sys_wait4(pid, stat_addr, options, NULL); | ||
168 | } | ||
169 | |||
170 | asmlinkage long | 167 | asmlinkage long |
171 | sysn32_waitid(int which, compat_pid_t pid, | 168 | sysn32_waitid(int which, compat_pid_t pid, |
172 | siginfo_t __user *uinfo, int options, | 169 | siginfo_t __user *uinfo, int options, |
@@ -175,6 +172,7 @@ sysn32_waitid(int which, compat_pid_t pid, | |||
175 | struct rusage ru; | 172 | struct rusage ru; |
176 | long ret; | 173 | long ret; |
177 | mm_segment_t old_fs = get_fs(); | 174 | mm_segment_t old_fs = get_fs(); |
175 | int si_signo; | ||
178 | 176 | ||
179 | if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo))) | 177 | if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo))) |
180 | return -EFAULT; | 178 | return -EFAULT; |
@@ -184,7 +182,9 @@ sysn32_waitid(int which, compat_pid_t pid, | |||
184 | uru ? (struct rusage __user *) &ru : NULL); | 182 | uru ? (struct rusage __user *) &ru : NULL); |
185 | set_fs (old_fs); | 183 | set_fs (old_fs); |
186 | 184 | ||
187 | if (ret < 0 || uinfo->si_signo == 0) | 185 | if (__get_user(si_signo, &uinfo->si_signo)) |
186 | return -EFAULT; | ||
187 | if (ret < 0 || si_signo == 0) | ||
188 | return ret; | 188 | return ret; |
189 | 189 | ||
190 | if (uru) | 190 | if (uru) |
@@ -208,14 +208,14 @@ struct sysinfo32 { | |||
208 | char _f[8]; | 208 | char _f[8]; |
209 | }; | 209 | }; |
210 | 210 | ||
211 | asmlinkage int sys32_sysinfo(struct sysinfo32 *info) | 211 | asmlinkage int sys32_sysinfo(struct sysinfo32 __user *info) |
212 | { | 212 | { |
213 | struct sysinfo s; | 213 | struct sysinfo s; |
214 | int ret, err; | 214 | int ret, err; |
215 | mm_segment_t old_fs = get_fs (); | 215 | mm_segment_t old_fs = get_fs (); |
216 | 216 | ||
217 | set_fs (KERNEL_DS); | 217 | set_fs (KERNEL_DS); |
218 | ret = sys_sysinfo(&s); | 218 | ret = sys_sysinfo((struct sysinfo __user *)&s); |
219 | set_fs (old_fs); | 219 | set_fs (old_fs); |
220 | err = put_user (s.uptime, &info->uptime); | 220 | err = put_user (s.uptime, &info->uptime); |
221 | err |= __put_user (s.loads[0], &info->loads[0]); | 221 | err |= __put_user (s.loads[0], &info->loads[0]); |
@@ -245,11 +245,11 @@ struct rlimit32 { | |||
245 | }; | 245 | }; |
246 | 246 | ||
247 | #ifdef __MIPSEB__ | 247 | #ifdef __MIPSEB__ |
248 | asmlinkage long sys32_truncate64(const char * path, unsigned long __dummy, | 248 | asmlinkage long sys32_truncate64(const char __user * path, unsigned long __dummy, |
249 | int length_hi, int length_lo) | 249 | int length_hi, int length_lo) |
250 | #endif | 250 | #endif |
251 | #ifdef __MIPSEL__ | 251 | #ifdef __MIPSEL__ |
252 | asmlinkage long sys32_truncate64(const char * path, unsigned long __dummy, | 252 | asmlinkage long sys32_truncate64(const char __user * path, unsigned long __dummy, |
253 | int length_lo, int length_hi) | 253 | int length_lo, int length_hi) |
254 | #endif | 254 | #endif |
255 | { | 255 | { |
@@ -277,7 +277,7 @@ asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long __dummy, | |||
277 | } | 277 | } |
278 | 278 | ||
279 | static inline long | 279 | static inline long |
280 | get_tv32(struct timeval *o, struct compat_timeval *i) | 280 | get_tv32(struct timeval *o, struct compat_timeval __user *i) |
281 | { | 281 | { |
282 | return (!access_ok(VERIFY_READ, i, sizeof(*i)) || | 282 | return (!access_ok(VERIFY_READ, i, sizeof(*i)) || |
283 | (__get_user(o->tv_sec, &i->tv_sec) | | 283 | (__get_user(o->tv_sec, &i->tv_sec) | |
@@ -285,7 +285,7 @@ get_tv32(struct timeval *o, struct compat_timeval *i) | |||
285 | } | 285 | } |
286 | 286 | ||
287 | static inline long | 287 | static inline long |
288 | put_tv32(struct compat_timeval *o, struct timeval *i) | 288 | put_tv32(struct compat_timeval __user *o, struct timeval *i) |
289 | { | 289 | { |
290 | return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || | 290 | return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || |
291 | (__put_user(i->tv_sec, &o->tv_sec) | | 291 | (__put_user(i->tv_sec, &o->tv_sec) | |
@@ -295,7 +295,7 @@ put_tv32(struct compat_timeval *o, struct timeval *i) | |||
295 | extern struct timezone sys_tz; | 295 | extern struct timezone sys_tz; |
296 | 296 | ||
297 | asmlinkage int | 297 | asmlinkage int |
298 | sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz) | 298 | sys32_gettimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) |
299 | { | 299 | { |
300 | if (tv) { | 300 | if (tv) { |
301 | struct timeval ktv; | 301 | struct timeval ktv; |
@@ -310,7 +310,7 @@ sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz) | |||
310 | return 0; | 310 | return 0; |
311 | } | 311 | } |
312 | 312 | ||
313 | static inline long get_ts32(struct timespec *o, struct compat_timeval *i) | 313 | static inline long get_ts32(struct timespec *o, struct compat_timeval __user *i) |
314 | { | 314 | { |
315 | long usec; | 315 | long usec; |
316 | 316 | ||
@@ -325,7 +325,7 @@ static inline long get_ts32(struct timespec *o, struct compat_timeval *i) | |||
325 | } | 325 | } |
326 | 326 | ||
327 | asmlinkage int | 327 | asmlinkage int |
328 | sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz) | 328 | sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) |
329 | { | 329 | { |
330 | struct timespec kts; | 330 | struct timespec kts; |
331 | struct timezone ktz; | 331 | struct timezone ktz; |
@@ -343,7 +343,7 @@ sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz) | |||
343 | } | 343 | } |
344 | 344 | ||
345 | asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, | 345 | asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, |
346 | unsigned int offset_low, loff_t * result, | 346 | unsigned int offset_low, loff_t __user * result, |
347 | unsigned int origin) | 347 | unsigned int origin) |
348 | { | 348 | { |
349 | return sys_llseek(fd, offset_high, offset_low, result, origin); | 349 | return sys_llseek(fd, offset_high, offset_low, result, origin); |
@@ -353,12 +353,12 @@ asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high, | |||
353 | lseek back to original location. They fail just like lseek does on | 353 | lseek back to original location. They fail just like lseek does on |
354 | non-seekable files. */ | 354 | non-seekable files. */ |
355 | 355 | ||
356 | asmlinkage ssize_t sys32_pread(unsigned int fd, char * buf, | 356 | asmlinkage ssize_t sys32_pread(unsigned int fd, char __user * buf, |
357 | size_t count, u32 unused, u64 a4, u64 a5) | 357 | size_t count, u32 unused, u64 a4, u64 a5) |
358 | { | 358 | { |
359 | ssize_t ret; | 359 | ssize_t ret; |
360 | struct file * file; | 360 | struct file * file; |
361 | ssize_t (*read)(struct file *, char *, size_t, loff_t *); | 361 | ssize_t (*read)(struct file *, char __user *, size_t, loff_t *); |
362 | loff_t pos; | 362 | loff_t pos; |
363 | 363 | ||
364 | ret = -EBADF; | 364 | ret = -EBADF; |
@@ -388,12 +388,12 @@ bad_file: | |||
388 | return ret; | 388 | return ret; |
389 | } | 389 | } |
390 | 390 | ||
391 | asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char * buf, | 391 | asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char __user * buf, |
392 | size_t count, u32 unused, u64 a4, u64 a5) | 392 | size_t count, u32 unused, u64 a4, u64 a5) |
393 | { | 393 | { |
394 | ssize_t ret; | 394 | ssize_t ret; |
395 | struct file * file; | 395 | struct file * file; |
396 | ssize_t (*write)(struct file *, const char *, size_t, loff_t *); | 396 | ssize_t (*write)(struct file *, const char __user *, size_t, loff_t *); |
397 | loff_t pos; | 397 | loff_t pos; |
398 | 398 | ||
399 | ret = -EBADF; | 399 | ret = -EBADF; |
@@ -426,14 +426,14 @@ bad_file: | |||
426 | } | 426 | } |
427 | 427 | ||
428 | asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid, | 428 | asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid, |
429 | struct compat_timespec *interval) | 429 | struct compat_timespec __user *interval) |
430 | { | 430 | { |
431 | struct timespec t; | 431 | struct timespec t; |
432 | int ret; | 432 | int ret; |
433 | mm_segment_t old_fs = get_fs (); | 433 | mm_segment_t old_fs = get_fs (); |
434 | 434 | ||
435 | set_fs (KERNEL_DS); | 435 | set_fs (KERNEL_DS); |
436 | ret = sys_sched_rr_get_interval(pid, &t); | 436 | ret = sys_sched_rr_get_interval(pid, (struct timespec __user *)&t); |
437 | set_fs (old_fs); | 437 | set_fs (old_fs); |
438 | if (put_user (t.tv_sec, &interval->tv_sec) || | 438 | if (put_user (t.tv_sec, &interval->tv_sec) || |
439 | __put_user (t.tv_nsec, &interval->tv_nsec)) | 439 | __put_user (t.tv_nsec, &interval->tv_nsec)) |
@@ -551,7 +551,7 @@ struct ipc_kludge32 { | |||
551 | }; | 551 | }; |
552 | 552 | ||
553 | static int | 553 | static int |
554 | do_sys32_semctl(int first, int second, int third, void *uptr) | 554 | do_sys32_semctl(int first, int second, int third, void __user *uptr) |
555 | { | 555 | { |
556 | union semun fourth; | 556 | union semun fourth; |
557 | u32 pad; | 557 | u32 pad; |
@@ -562,12 +562,12 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
562 | if (!uptr) | 562 | if (!uptr) |
563 | return -EINVAL; | 563 | return -EINVAL; |
564 | err = -EFAULT; | 564 | err = -EFAULT; |
565 | if (get_user (pad, (u32 *)uptr)) | 565 | if (get_user (pad, (u32 __user *)uptr)) |
566 | return err; | 566 | return err; |
567 | if ((third & ~IPC_64) == SETVAL) | 567 | if ((third & ~IPC_64) == SETVAL) |
568 | fourth.val = (int)pad; | 568 | fourth.val = (int)pad; |
569 | else | 569 | else |
570 | fourth.__pad = (void *)A(pad); | 570 | fourth.__pad = (void __user *)A(pad); |
571 | switch (third & ~IPC_64) { | 571 | switch (third & ~IPC_64) { |
572 | case IPC_INFO: | 572 | case IPC_INFO: |
573 | case IPC_RMID: | 573 | case IPC_RMID: |
@@ -585,14 +585,14 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
585 | 585 | ||
586 | case IPC_STAT: | 586 | case IPC_STAT: |
587 | case SEM_STAT: | 587 | case SEM_STAT: |
588 | fourth.__pad = &s; | 588 | fourth.__pad = (struct semid64_ds __user *)&s; |
589 | old_fs = get_fs(); | 589 | old_fs = get_fs(); |
590 | set_fs(KERNEL_DS); | 590 | set_fs(KERNEL_DS); |
591 | err = sys_semctl(first, second, third | IPC_64, fourth); | 591 | err = sys_semctl(first, second, third | IPC_64, fourth); |
592 | set_fs(old_fs); | 592 | set_fs(old_fs); |
593 | 593 | ||
594 | if (third & IPC_64) { | 594 | if (third & IPC_64) { |
595 | struct semid64_ds32 *usp64 = (struct semid64_ds32 *) A(pad); | 595 | struct semid64_ds32 __user *usp64 = (struct semid64_ds32 __user *) A(pad); |
596 | 596 | ||
597 | if (!access_ok(VERIFY_WRITE, usp64, sizeof(*usp64))) { | 597 | if (!access_ok(VERIFY_WRITE, usp64, sizeof(*usp64))) { |
598 | err = -EFAULT; | 598 | err = -EFAULT; |
@@ -609,7 +609,7 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
609 | err2 |= __put_user(s.sem_ctime, &usp64->sem_ctime); | 609 | err2 |= __put_user(s.sem_ctime, &usp64->sem_ctime); |
610 | err2 |= __put_user(s.sem_nsems, &usp64->sem_nsems); | 610 | err2 |= __put_user(s.sem_nsems, &usp64->sem_nsems); |
611 | } else { | 611 | } else { |
612 | struct semid_ds32 *usp32 = (struct semid_ds32 *) A(pad); | 612 | struct semid_ds32 __user *usp32 = (struct semid_ds32 __user *) A(pad); |
613 | 613 | ||
614 | if (!access_ok(VERIFY_WRITE, usp32, sizeof(*usp32))) { | 614 | if (!access_ok(VERIFY_WRITE, usp32, sizeof(*usp32))) { |
615 | err = -EFAULT; | 615 | err = -EFAULT; |
@@ -639,9 +639,9 @@ do_sys32_semctl(int first, int second, int third, void *uptr) | |||
639 | } | 639 | } |
640 | 640 | ||
641 | static int | 641 | static int |
642 | do_sys32_msgsnd (int first, int second, int third, void *uptr) | 642 | do_sys32_msgsnd (int first, int second, int third, void __user *uptr) |
643 | { | 643 | { |
644 | struct msgbuf32 *up = (struct msgbuf32 *)uptr; | 644 | struct msgbuf32 __user *up = (struct msgbuf32 __user *)uptr; |
645 | struct msgbuf *p; | 645 | struct msgbuf *p; |
646 | mm_segment_t old_fs; | 646 | mm_segment_t old_fs; |
647 | int err; | 647 | int err; |
@@ -660,7 +660,7 @@ do_sys32_msgsnd (int first, int second, int third, void *uptr) | |||
660 | goto out; | 660 | goto out; |
661 | old_fs = get_fs (); | 661 | old_fs = get_fs (); |
662 | set_fs (KERNEL_DS); | 662 | set_fs (KERNEL_DS); |
663 | err = sys_msgsnd (first, p, second, third); | 663 | err = sys_msgsnd (first, (struct msgbuf __user *)p, second, third); |
664 | set_fs (old_fs); | 664 | set_fs (old_fs); |
665 | out: | 665 | out: |
666 | kfree (p); | 666 | kfree (p); |
@@ -670,15 +670,15 @@ out: | |||
670 | 670 | ||
671 | static int | 671 | static int |
672 | do_sys32_msgrcv (int first, int second, int msgtyp, int third, | 672 | do_sys32_msgrcv (int first, int second, int msgtyp, int third, |
673 | int version, void *uptr) | 673 | int version, void __user *uptr) |
674 | { | 674 | { |
675 | struct msgbuf32 *up; | 675 | struct msgbuf32 __user *up; |
676 | struct msgbuf *p; | 676 | struct msgbuf *p; |
677 | mm_segment_t old_fs; | 677 | mm_segment_t old_fs; |
678 | int err; | 678 | int err; |
679 | 679 | ||
680 | if (!version) { | 680 | if (!version) { |
681 | struct ipc_kludge32 *uipck = (struct ipc_kludge32 *)uptr; | 681 | struct ipc_kludge32 __user *uipck = (struct ipc_kludge32 __user *)uptr; |
682 | struct ipc_kludge32 ipck; | 682 | struct ipc_kludge32 ipck; |
683 | 683 | ||
684 | err = -EINVAL; | 684 | err = -EINVAL; |
@@ -687,7 +687,7 @@ do_sys32_msgrcv (int first, int second, int msgtyp, int third, | |||
687 | err = -EFAULT; | 687 | err = -EFAULT; |
688 | if (copy_from_user (&ipck, uipck, sizeof (struct ipc_kludge32))) | 688 | if (copy_from_user (&ipck, uipck, sizeof (struct ipc_kludge32))) |
689 | goto out; | 689 | goto out; |
690 | uptr = (void *)AA(ipck.msgp); | 690 | uptr = (void __user *)AA(ipck.msgp); |
691 | msgtyp = ipck.msgtyp; | 691 | msgtyp = ipck.msgtyp; |
692 | } | 692 | } |
693 | 693 | ||
@@ -699,11 +699,11 @@ do_sys32_msgrcv (int first, int second, int msgtyp, int third, | |||
699 | goto out; | 699 | goto out; |
700 | old_fs = get_fs (); | 700 | old_fs = get_fs (); |
701 | set_fs (KERNEL_DS); | 701 | set_fs (KERNEL_DS); |
702 | err = sys_msgrcv (first, p, second + 4, msgtyp, third); | 702 | err = sys_msgrcv (first, (struct msgbuf __user *)p, second + 4, msgtyp, third); |
703 | set_fs (old_fs); | 703 | set_fs (old_fs); |
704 | if (err < 0) | 704 | if (err < 0) |
705 | goto free_then_out; | 705 | goto free_then_out; |
706 | up = (struct msgbuf32 *)uptr; | 706 | up = (struct msgbuf32 __user *)uptr; |
707 | if (put_user (p->mtype, &up->mtype) || | 707 | if (put_user (p->mtype, &up->mtype) || |
708 | __copy_to_user (&up->mtext, p->mtext, err)) | 708 | __copy_to_user (&up->mtext, p->mtext, err)) |
709 | err = -EFAULT; | 709 | err = -EFAULT; |
@@ -714,19 +714,19 @@ out: | |||
714 | } | 714 | } |
715 | 715 | ||
716 | static int | 716 | static int |
717 | do_sys32_msgctl (int first, int second, void *uptr) | 717 | do_sys32_msgctl (int first, int second, void __user *uptr) |
718 | { | 718 | { |
719 | int err = -EINVAL, err2; | 719 | int err = -EINVAL, err2; |
720 | struct msqid64_ds m; | 720 | struct msqid64_ds m; |
721 | struct msqid_ds32 *up32 = (struct msqid_ds32 *)uptr; | 721 | struct msqid_ds32 __user *up32 = (struct msqid_ds32 __user *)uptr; |
722 | struct msqid64_ds32 *up64 = (struct msqid64_ds32 *)uptr; | 722 | struct msqid64_ds32 __user *up64 = (struct msqid64_ds32 __user *)uptr; |
723 | mm_segment_t old_fs; | 723 | mm_segment_t old_fs; |
724 | 724 | ||
725 | switch (second & ~IPC_64) { | 725 | switch (second & ~IPC_64) { |
726 | case IPC_INFO: | 726 | case IPC_INFO: |
727 | case IPC_RMID: | 727 | case IPC_RMID: |
728 | case MSG_INFO: | 728 | case MSG_INFO: |
729 | err = sys_msgctl (first, second, (struct msqid_ds *)uptr); | 729 | err = sys_msgctl (first, second, (struct msqid_ds __user *)uptr); |
730 | break; | 730 | break; |
731 | 731 | ||
732 | case IPC_SET: | 732 | case IPC_SET: |
@@ -753,7 +753,7 @@ do_sys32_msgctl (int first, int second, void *uptr) | |||
753 | break; | 753 | break; |
754 | old_fs = get_fs(); | 754 | old_fs = get_fs(); |
755 | set_fs(KERNEL_DS); | 755 | set_fs(KERNEL_DS); |
756 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds *)&m); | 756 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds __user *)&m); |
757 | set_fs(old_fs); | 757 | set_fs(old_fs); |
758 | break; | 758 | break; |
759 | 759 | ||
@@ -761,7 +761,7 @@ do_sys32_msgctl (int first, int second, void *uptr) | |||
761 | case MSG_STAT: | 761 | case MSG_STAT: |
762 | old_fs = get_fs(); | 762 | old_fs = get_fs(); |
763 | set_fs(KERNEL_DS); | 763 | set_fs(KERNEL_DS); |
764 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds *)&m); | 764 | err = sys_msgctl(first, second | IPC_64, (struct msqid_ds __user *)&m); |
765 | set_fs(old_fs); | 765 | set_fs(old_fs); |
766 | if (second & IPC_64) { | 766 | if (second & IPC_64) { |
767 | if (!access_ok(VERIFY_WRITE, up64, sizeof(*up64))) { | 767 | if (!access_ok(VERIFY_WRITE, up64, sizeof(*up64))) { |
@@ -815,10 +815,10 @@ do_sys32_msgctl (int first, int second, void *uptr) | |||
815 | } | 815 | } |
816 | 816 | ||
817 | static int | 817 | static int |
818 | do_sys32_shmat (int first, int second, int third, int version, void *uptr) | 818 | do_sys32_shmat (int first, int second, int third, int version, void __user *uptr) |
819 | { | 819 | { |
820 | unsigned long raddr; | 820 | unsigned long raddr; |
821 | u32 *uaddr = (u32 *)A((u32)third); | 821 | u32 __user *uaddr = (u32 __user *)A((u32)third); |
822 | int err = -EINVAL; | 822 | int err = -EINVAL; |
823 | 823 | ||
824 | if (version == 1) | 824 | if (version == 1) |
@@ -837,11 +837,11 @@ struct shm_info32 { | |||
837 | }; | 837 | }; |
838 | 838 | ||
839 | static int | 839 | static int |
840 | do_sys32_shmctl (int first, int second, void *uptr) | 840 | do_sys32_shmctl (int first, int second, void __user *uptr) |
841 | { | 841 | { |
842 | struct shmid64_ds32 *up64 = (struct shmid64_ds32 *)uptr; | 842 | struct shmid64_ds32 __user *up64 = (struct shmid64_ds32 __user *)uptr; |
843 | struct shmid_ds32 *up32 = (struct shmid_ds32 *)uptr; | 843 | struct shmid_ds32 __user *up32 = (struct shmid_ds32 __user *)uptr; |
844 | struct shm_info32 *uip = (struct shm_info32 *)uptr; | 844 | struct shm_info32 __user *uip = (struct shm_info32 __user *)uptr; |
845 | int err = -EFAULT, err2; | 845 | int err = -EFAULT, err2; |
846 | struct shmid64_ds s64; | 846 | struct shmid64_ds s64; |
847 | mm_segment_t old_fs; | 847 | mm_segment_t old_fs; |
@@ -854,7 +854,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
854 | case IPC_RMID: | 854 | case IPC_RMID: |
855 | case SHM_LOCK: | 855 | case SHM_LOCK: |
856 | case SHM_UNLOCK: | 856 | case SHM_UNLOCK: |
857 | err = sys_shmctl(first, second, (struct shmid_ds *)uptr); | 857 | err = sys_shmctl(first, second, (struct shmid_ds __user *)uptr); |
858 | break; | 858 | break; |
859 | case IPC_SET: | 859 | case IPC_SET: |
860 | if (second & IPC_64) { | 860 | if (second & IPC_64) { |
@@ -870,7 +870,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
870 | break; | 870 | break; |
871 | old_fs = get_fs(); | 871 | old_fs = get_fs(); |
872 | set_fs(KERNEL_DS); | 872 | set_fs(KERNEL_DS); |
873 | err = sys_shmctl(first, second & ~IPC_64, &s); | 873 | err = sys_shmctl(first, second & ~IPC_64, (struct shmid_ds __user *)&s); |
874 | set_fs(old_fs); | 874 | set_fs(old_fs); |
875 | break; | 875 | break; |
876 | 876 | ||
@@ -878,7 +878,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
878 | case SHM_STAT: | 878 | case SHM_STAT: |
879 | old_fs = get_fs(); | 879 | old_fs = get_fs(); |
880 | set_fs(KERNEL_DS); | 880 | set_fs(KERNEL_DS); |
881 | err = sys_shmctl(first, second | IPC_64, (void *) &s64); | 881 | err = sys_shmctl(first, second | IPC_64, (void __user *) &s64); |
882 | set_fs(old_fs); | 882 | set_fs(old_fs); |
883 | if (err < 0) | 883 | if (err < 0) |
884 | break; | 884 | break; |
@@ -928,7 +928,7 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
928 | case SHM_INFO: | 928 | case SHM_INFO: |
929 | old_fs = get_fs(); | 929 | old_fs = get_fs(); |
930 | set_fs(KERNEL_DS); | 930 | set_fs(KERNEL_DS); |
931 | err = sys_shmctl(first, second, (void *)&si); | 931 | err = sys_shmctl(first, second, (void __user *)&si); |
932 | set_fs(old_fs); | 932 | set_fs(old_fs); |
933 | if (err < 0) | 933 | if (err < 0) |
934 | break; | 934 | break; |
@@ -950,11 +950,11 @@ do_sys32_shmctl (int first, int second, void *uptr) | |||
950 | return err; | 950 | return err; |
951 | } | 951 | } |
952 | 952 | ||
953 | static int sys32_semtimedop(int semid, struct sembuf *tsems, int nsems, | 953 | static int sys32_semtimedop(int semid, struct sembuf __user *tsems, int nsems, |
954 | const struct compat_timespec *timeout32) | 954 | const struct compat_timespec __user *timeout32) |
955 | { | 955 | { |
956 | struct compat_timespec t32; | 956 | struct compat_timespec t32; |
957 | struct timespec *t64 = compat_alloc_user_space(sizeof(*t64)); | 957 | struct timespec __user *t64 = compat_alloc_user_space(sizeof(*t64)); |
958 | 958 | ||
959 | if (copy_from_user(&t32, timeout32, sizeof(t32))) | 959 | if (copy_from_user(&t32, timeout32, sizeof(t32))) |
960 | return -EFAULT; | 960 | return -EFAULT; |
@@ -977,11 +977,11 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth) | |||
977 | switch (call) { | 977 | switch (call) { |
978 | case SEMOP: | 978 | case SEMOP: |
979 | /* struct sembuf is the same on 32 and 64bit :)) */ | 979 | /* struct sembuf is the same on 32 and 64bit :)) */ |
980 | err = sys_semtimedop (first, (struct sembuf *)AA(ptr), second, | 980 | err = sys_semtimedop (first, (struct sembuf __user *)AA(ptr), second, |
981 | NULL); | 981 | NULL); |
982 | break; | 982 | break; |
983 | case SEMTIMEDOP: | 983 | case SEMTIMEDOP: |
984 | err = sys32_semtimedop (first, (struct sembuf *)AA(ptr), second, | 984 | err = sys32_semtimedop (first, (struct sembuf __user *)AA(ptr), second, |
985 | (const struct compat_timespec __user *)AA(fifth)); | 985 | (const struct compat_timespec __user *)AA(fifth)); |
986 | break; | 986 | break; |
987 | case SEMGET: | 987 | case SEMGET: |
@@ -989,36 +989,36 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth) | |||
989 | break; | 989 | break; |
990 | case SEMCTL: | 990 | case SEMCTL: |
991 | err = do_sys32_semctl (first, second, third, | 991 | err = do_sys32_semctl (first, second, third, |
992 | (void *)AA(ptr)); | 992 | (void __user *)AA(ptr)); |
993 | break; | 993 | break; |
994 | 994 | ||
995 | case MSGSND: | 995 | case MSGSND: |
996 | err = do_sys32_msgsnd (first, second, third, | 996 | err = do_sys32_msgsnd (first, second, third, |
997 | (void *)AA(ptr)); | 997 | (void __user *)AA(ptr)); |
998 | break; | 998 | break; |
999 | case MSGRCV: | 999 | case MSGRCV: |
1000 | err = do_sys32_msgrcv (first, second, fifth, third, | 1000 | err = do_sys32_msgrcv (first, second, fifth, third, |
1001 | version, (void *)AA(ptr)); | 1001 | version, (void __user *)AA(ptr)); |
1002 | break; | 1002 | break; |
1003 | case MSGGET: | 1003 | case MSGGET: |
1004 | err = sys_msgget ((key_t) first, second); | 1004 | err = sys_msgget ((key_t) first, second); |
1005 | break; | 1005 | break; |
1006 | case MSGCTL: | 1006 | case MSGCTL: |
1007 | err = do_sys32_msgctl (first, second, (void *)AA(ptr)); | 1007 | err = do_sys32_msgctl (first, second, (void __user *)AA(ptr)); |
1008 | break; | 1008 | break; |
1009 | 1009 | ||
1010 | case SHMAT: | 1010 | case SHMAT: |
1011 | err = do_sys32_shmat (first, second, third, | 1011 | err = do_sys32_shmat (first, second, third, |
1012 | version, (void *)AA(ptr)); | 1012 | version, (void __user *)AA(ptr)); |
1013 | break; | 1013 | break; |
1014 | case SHMDT: | 1014 | case SHMDT: |
1015 | err = sys_shmdt ((char *)A(ptr)); | 1015 | err = sys_shmdt ((char __user *)A(ptr)); |
1016 | break; | 1016 | break; |
1017 | case SHMGET: | 1017 | case SHMGET: |
1018 | err = sys_shmget (first, (unsigned)second, third); | 1018 | err = sys_shmget (first, (unsigned)second, third); |
1019 | break; | 1019 | break; |
1020 | case SHMCTL: | 1020 | case SHMCTL: |
1021 | err = do_sys32_shmctl (first, second, (void *)AA(ptr)); | 1021 | err = do_sys32_shmctl (first, second, (void __user *)AA(ptr)); |
1022 | break; | 1022 | break; |
1023 | default: | 1023 | default: |
1024 | err = -EINVAL; | 1024 | err = -EINVAL; |
@@ -1029,7 +1029,7 @@ sys32_ipc (u32 call, int first, int second, int third, u32 ptr, u32 fifth) | |||
1029 | } | 1029 | } |
1030 | 1030 | ||
1031 | asmlinkage long sys32_shmat(int shmid, char __user *shmaddr, | 1031 | asmlinkage long sys32_shmat(int shmid, char __user *shmaddr, |
1032 | int shmflg, int32_t *addr) | 1032 | int shmflg, int32_t __user *addr) |
1033 | { | 1033 | { |
1034 | unsigned long raddr; | 1034 | unsigned long raddr; |
1035 | int err; | 1035 | int err; |
@@ -1054,12 +1054,13 @@ struct sysctl_args32 | |||
1054 | 1054 | ||
1055 | #ifdef CONFIG_SYSCTL | 1055 | #ifdef CONFIG_SYSCTL |
1056 | 1056 | ||
1057 | asmlinkage long sys32_sysctl(struct sysctl_args32 *args) | 1057 | asmlinkage long sys32_sysctl(struct sysctl_args32 __user *args) |
1058 | { | 1058 | { |
1059 | struct sysctl_args32 tmp; | 1059 | struct sysctl_args32 tmp; |
1060 | int error; | 1060 | int error; |
1061 | size_t oldlen, *oldlenp = NULL; | 1061 | size_t oldlen; |
1062 | unsigned long addr = (((long)&args->__unused[0]) + 7) & ~7; | 1062 | size_t __user *oldlenp = NULL; |
1063 | unsigned long addr = (((unsigned long)&args->__unused[0]) + 7) & ~7; | ||
1063 | 1064 | ||
1064 | if (copy_from_user(&tmp, args, sizeof(tmp))) | 1065 | if (copy_from_user(&tmp, args, sizeof(tmp))) |
1065 | return -EFAULT; | 1066 | return -EFAULT; |
@@ -1071,20 +1072,20 @@ asmlinkage long sys32_sysctl(struct sysctl_args32 *args) | |||
1071 | basically copy the whole sysctl.c here, and | 1072 | basically copy the whole sysctl.c here, and |
1072 | glibc's __sysctl uses rw memory for the structure | 1073 | glibc's __sysctl uses rw memory for the structure |
1073 | anyway. */ | 1074 | anyway. */ |
1074 | if (get_user(oldlen, (u32 *)A(tmp.oldlenp)) || | 1075 | if (get_user(oldlen, (u32 __user *)A(tmp.oldlenp)) || |
1075 | put_user(oldlen, (size_t *)addr)) | 1076 | put_user(oldlen, (size_t __user *)addr)) |
1076 | return -EFAULT; | 1077 | return -EFAULT; |
1077 | oldlenp = (size_t *)addr; | 1078 | oldlenp = (size_t __user *)addr; |
1078 | } | 1079 | } |
1079 | 1080 | ||
1080 | lock_kernel(); | 1081 | lock_kernel(); |
1081 | error = do_sysctl((int *)A(tmp.name), tmp.nlen, (void *)A(tmp.oldval), | 1082 | error = do_sysctl((int __user *)A(tmp.name), tmp.nlen, (void __user *)A(tmp.oldval), |
1082 | oldlenp, (void *)A(tmp.newval), tmp.newlen); | 1083 | oldlenp, (void __user *)A(tmp.newval), tmp.newlen); |
1083 | unlock_kernel(); | 1084 | unlock_kernel(); |
1084 | if (oldlenp) { | 1085 | if (oldlenp) { |
1085 | if (!error) { | 1086 | if (!error) { |
1086 | if (get_user(oldlen, (size_t *)addr) || | 1087 | if (get_user(oldlen, (size_t __user *)addr) || |
1087 | put_user(oldlen, (u32 *)A(tmp.oldlenp))) | 1088 | put_user(oldlen, (u32 __user *)A(tmp.oldlenp))) |
1088 | error = -EFAULT; | 1089 | error = -EFAULT; |
1089 | } | 1090 | } |
1090 | copy_to_user(args->__unused, tmp.__unused, sizeof(tmp.__unused)); | 1091 | copy_to_user(args->__unused, tmp.__unused, sizeof(tmp.__unused)); |
@@ -1094,7 +1095,7 @@ asmlinkage long sys32_sysctl(struct sysctl_args32 *args) | |||
1094 | 1095 | ||
1095 | #endif /* CONFIG_SYSCTL */ | 1096 | #endif /* CONFIG_SYSCTL */ |
1096 | 1097 | ||
1097 | asmlinkage long sys32_newuname(struct new_utsname * name) | 1098 | asmlinkage long sys32_newuname(struct new_utsname __user * name) |
1098 | { | 1099 | { |
1099 | int ret = 0; | 1100 | int ret = 0; |
1100 | 1101 | ||
@@ -1129,9 +1130,9 @@ struct ustat32 { | |||
1129 | char f_fpack[6]; | 1130 | char f_fpack[6]; |
1130 | }; | 1131 | }; |
1131 | 1132 | ||
1132 | extern asmlinkage long sys_ustat(dev_t dev, struct ustat * ubuf); | 1133 | extern asmlinkage long sys_ustat(dev_t dev, struct ustat __user * ubuf); |
1133 | 1134 | ||
1134 | asmlinkage int sys32_ustat(dev_t dev, struct ustat32 * ubuf32) | 1135 | asmlinkage int sys32_ustat(dev_t dev, struct ustat32 __user * ubuf32) |
1135 | { | 1136 | { |
1136 | int err; | 1137 | int err; |
1137 | struct ustat tmp; | 1138 | struct ustat tmp; |
@@ -1139,7 +1140,7 @@ asmlinkage int sys32_ustat(dev_t dev, struct ustat32 * ubuf32) | |||
1139 | mm_segment_t old_fs = get_fs(); | 1140 | mm_segment_t old_fs = get_fs(); |
1140 | 1141 | ||
1141 | set_fs(KERNEL_DS); | 1142 | set_fs(KERNEL_DS); |
1142 | err = sys_ustat(dev, &tmp); | 1143 | err = sys_ustat(dev, (struct ustat __user *)&tmp); |
1143 | set_fs (old_fs); | 1144 | set_fs (old_fs); |
1144 | 1145 | ||
1145 | if (err) | 1146 | if (err) |
@@ -1155,80 +1156,7 @@ out: | |||
1155 | return err; | 1156 | return err; |
1156 | } | 1157 | } |
1157 | 1158 | ||
1158 | /* Handle adjtimex compatibility. */ | 1159 | asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t __user *offset, |
1159 | |||
1160 | struct timex32 { | ||
1161 | u32 modes; | ||
1162 | s32 offset, freq, maxerror, esterror; | ||
1163 | s32 status, constant, precision, tolerance; | ||
1164 | struct compat_timeval time; | ||
1165 | s32 tick; | ||
1166 | s32 ppsfreq, jitter, shift, stabil; | ||
1167 | s32 jitcnt, calcnt, errcnt, stbcnt; | ||
1168 | s32 :32; s32 :32; s32 :32; s32 :32; | ||
1169 | s32 :32; s32 :32; s32 :32; s32 :32; | ||
1170 | s32 :32; s32 :32; s32 :32; s32 :32; | ||
1171 | }; | ||
1172 | |||
1173 | extern int do_adjtimex(struct timex *); | ||
1174 | |||
1175 | asmlinkage int sys32_adjtimex(struct timex32 *utp) | ||
1176 | { | ||
1177 | struct timex txc; | ||
1178 | int ret; | ||
1179 | |||
1180 | memset(&txc, 0, sizeof(struct timex)); | ||
1181 | |||
1182 | if (get_user(txc.modes, &utp->modes) || | ||
1183 | __get_user(txc.offset, &utp->offset) || | ||
1184 | __get_user(txc.freq, &utp->freq) || | ||
1185 | __get_user(txc.maxerror, &utp->maxerror) || | ||
1186 | __get_user(txc.esterror, &utp->esterror) || | ||
1187 | __get_user(txc.status, &utp->status) || | ||
1188 | __get_user(txc.constant, &utp->constant) || | ||
1189 | __get_user(txc.precision, &utp->precision) || | ||
1190 | __get_user(txc.tolerance, &utp->tolerance) || | ||
1191 | __get_user(txc.time.tv_sec, &utp->time.tv_sec) || | ||
1192 | __get_user(txc.time.tv_usec, &utp->time.tv_usec) || | ||
1193 | __get_user(txc.tick, &utp->tick) || | ||
1194 | __get_user(txc.ppsfreq, &utp->ppsfreq) || | ||
1195 | __get_user(txc.jitter, &utp->jitter) || | ||
1196 | __get_user(txc.shift, &utp->shift) || | ||
1197 | __get_user(txc.stabil, &utp->stabil) || | ||
1198 | __get_user(txc.jitcnt, &utp->jitcnt) || | ||
1199 | __get_user(txc.calcnt, &utp->calcnt) || | ||
1200 | __get_user(txc.errcnt, &utp->errcnt) || | ||
1201 | __get_user(txc.stbcnt, &utp->stbcnt)) | ||
1202 | return -EFAULT; | ||
1203 | |||
1204 | ret = do_adjtimex(&txc); | ||
1205 | |||
1206 | if (put_user(txc.modes, &utp->modes) || | ||
1207 | __put_user(txc.offset, &utp->offset) || | ||
1208 | __put_user(txc.freq, &utp->freq) || | ||
1209 | __put_user(txc.maxerror, &utp->maxerror) || | ||
1210 | __put_user(txc.esterror, &utp->esterror) || | ||
1211 | __put_user(txc.status, &utp->status) || | ||
1212 | __put_user(txc.constant, &utp->constant) || | ||
1213 | __put_user(txc.precision, &utp->precision) || | ||
1214 | __put_user(txc.tolerance, &utp->tolerance) || | ||
1215 | __put_user(txc.time.tv_sec, &utp->time.tv_sec) || | ||
1216 | __put_user(txc.time.tv_usec, &utp->time.tv_usec) || | ||
1217 | __put_user(txc.tick, &utp->tick) || | ||
1218 | __put_user(txc.ppsfreq, &utp->ppsfreq) || | ||
1219 | __put_user(txc.jitter, &utp->jitter) || | ||
1220 | __put_user(txc.shift, &utp->shift) || | ||
1221 | __put_user(txc.stabil, &utp->stabil) || | ||
1222 | __put_user(txc.jitcnt, &utp->jitcnt) || | ||
1223 | __put_user(txc.calcnt, &utp->calcnt) || | ||
1224 | __put_user(txc.errcnt, &utp->errcnt) || | ||
1225 | __put_user(txc.stbcnt, &utp->stbcnt)) | ||
1226 | ret = -EFAULT; | ||
1227 | |||
1228 | return ret; | ||
1229 | } | ||
1230 | |||
1231 | asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset, | ||
1232 | s32 count) | 1160 | s32 count) |
1233 | { | 1161 | { |
1234 | mm_segment_t old_fs = get_fs(); | 1162 | mm_segment_t old_fs = get_fs(); |
@@ -1239,7 +1167,7 @@ asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset, | |||
1239 | return -EFAULT; | 1167 | return -EFAULT; |
1240 | 1168 | ||
1241 | set_fs(KERNEL_DS); | 1169 | set_fs(KERNEL_DS); |
1242 | ret = sys_sendfile(out_fd, in_fd, offset ? &of : NULL, count); | 1170 | ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __user *)&of : NULL, count); |
1243 | set_fs(old_fs); | 1171 | set_fs(old_fs); |
1244 | 1172 | ||
1245 | if (offset && put_user(of, offset)) | 1173 | if (offset && put_user(of, offset)) |
@@ -1269,7 +1197,7 @@ static unsigned char socketcall_nargs[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), | |||
1269 | * it is set by the callees. | 1197 | * it is set by the callees. |
1270 | */ | 1198 | */ |
1271 | 1199 | ||
1272 | asmlinkage long sys32_socketcall(int call, unsigned int *args32) | 1200 | asmlinkage long sys32_socketcall(int call, unsigned int __user *args32) |
1273 | { | 1201 | { |
1274 | unsigned int a[6]; | 1202 | unsigned int a[6]; |
1275 | unsigned int a0,a1; | 1203 | unsigned int a0,a1; |
@@ -1291,7 +1219,7 @@ asmlinkage long sys32_socketcall(int call, unsigned int *args32) | |||
1291 | struct sockaddr __user *addr, int __user *addr_len); | 1219 | struct sockaddr __user *addr, int __user *addr_len); |
1292 | extern asmlinkage long sys_shutdown(int fd, int how); | 1220 | extern asmlinkage long sys_shutdown(int fd, int how); |
1293 | extern asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen); | 1221 | extern asmlinkage long sys_setsockopt(int fd, int level, int optname, char __user *optval, int optlen); |
1294 | extern asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int *optlen); | 1222 | extern asmlinkage long sys_getsockopt(int fd, int level, int optname, char __user *optval, int __user *optlen); |
1295 | extern asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags); | 1223 | extern asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags); |
1296 | extern asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags); | 1224 | extern asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg, unsigned int flags); |
1297 | 1225 | ||
@@ -1411,7 +1339,7 @@ _sys32_clone(nabi_no_regargs struct pt_regs regs) | |||
1411 | newsp = regs.regs[5]; | 1339 | newsp = regs.regs[5]; |
1412 | if (!newsp) | 1340 | if (!newsp) |
1413 | newsp = regs.regs[29]; | 1341 | newsp = regs.regs[29]; |
1414 | parent_tidptr = (int *) regs.regs[6]; | 1342 | parent_tidptr = (int __user *) regs.regs[6]; |
1415 | 1343 | ||
1416 | /* Use __dummy4 instead of getting it off the stack, so that | 1344 | /* Use __dummy4 instead of getting it off the stack, so that |
1417 | syscall() works. */ | 1345 | syscall() works. */ |