diff options
Diffstat (limited to 'arch/powerpc/kernel')
-rw-r--r-- | arch/powerpc/kernel/prom_init.c | 10 | ||||
-rw-r--r-- | arch/powerpc/kernel/signal_32.c | 11 | ||||
-rw-r--r-- | arch/powerpc/kernel/signal_64.c | 2 |
3 files changed, 22 insertions, 1 deletions
diff --git a/arch/powerpc/kernel/prom_init.c b/arch/powerpc/kernel/prom_init.c index 5908690d0868..57d8a16438a0 100644 --- a/arch/powerpc/kernel/prom_init.c +++ b/arch/powerpc/kernel/prom_init.c | |||
@@ -776,6 +776,7 @@ static void __init prom_send_capabilities(void) | |||
776 | /* try calling the ibm,client-architecture-support method */ | 776 | /* try calling the ibm,client-architecture-support method */ |
777 | if (call_prom_ret("call-method", 3, 2, &ret, | 777 | if (call_prom_ret("call-method", 3, 2, &ret, |
778 | ADDR("ibm,client-architecture-support"), | 778 | ADDR("ibm,client-architecture-support"), |
779 | root, | ||
779 | ADDR(ibm_architecture_vec)) == 0) { | 780 | ADDR(ibm_architecture_vec)) == 0) { |
780 | /* the call exists... */ | 781 | /* the call exists... */ |
781 | if (ret) | 782 | if (ret) |
@@ -1541,6 +1542,15 @@ static int __init prom_find_machine_type(void) | |||
1541 | if (strstr(p, RELOC("Power Macintosh")) || | 1542 | if (strstr(p, RELOC("Power Macintosh")) || |
1542 | strstr(p, RELOC("MacRISC"))) | 1543 | strstr(p, RELOC("MacRISC"))) |
1543 | return PLATFORM_POWERMAC; | 1544 | return PLATFORM_POWERMAC; |
1545 | #ifdef CONFIG_PPC64 | ||
1546 | /* We must make sure we don't detect the IBM Cell | ||
1547 | * blades as pSeries due to some firmware issues, | ||
1548 | * so we do it here. | ||
1549 | */ | ||
1550 | if (strstr(p, RELOC("IBM,CBEA")) || | ||
1551 | strstr(p, RELOC("IBM,CPBW-1.0"))) | ||
1552 | return PLATFORM_GENERIC; | ||
1553 | #endif /* CONFIG_PPC64 */ | ||
1544 | i += sl + 1; | 1554 | i += sl + 1; |
1545 | } | 1555 | } |
1546 | } | 1556 | } |
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c index 237faeec2ec2..d73b25e22fca 100644 --- a/arch/powerpc/kernel/signal_32.c +++ b/arch/powerpc/kernel/signal_32.c | |||
@@ -808,10 +808,13 @@ static int do_setcontext(struct ucontext __user *ucp, struct pt_regs *regs, int | |||
808 | if (__get_user(cmcp, &ucp->uc_regs)) | 808 | if (__get_user(cmcp, &ucp->uc_regs)) |
809 | return -EFAULT; | 809 | return -EFAULT; |
810 | mcp = (struct mcontext __user *)(u64)cmcp; | 810 | mcp = (struct mcontext __user *)(u64)cmcp; |
811 | /* no need to check access_ok(mcp), since mcp < 4GB */ | ||
811 | } | 812 | } |
812 | #else | 813 | #else |
813 | if (__get_user(mcp, &ucp->uc_regs)) | 814 | if (__get_user(mcp, &ucp->uc_regs)) |
814 | return -EFAULT; | 815 | return -EFAULT; |
816 | if (!access_ok(VERIFY_READ, mcp, sizeof(*mcp))) | ||
817 | return -EFAULT; | ||
815 | #endif | 818 | #endif |
816 | restore_sigmask(&set); | 819 | restore_sigmask(&set); |
817 | if (restore_user_regs(regs, mcp, sig)) | 820 | if (restore_user_regs(regs, mcp, sig)) |
@@ -913,13 +916,14 @@ int sys_debug_setcontext(struct ucontext __user *ctx, | |||
913 | { | 916 | { |
914 | struct sig_dbg_op op; | 917 | struct sig_dbg_op op; |
915 | int i; | 918 | int i; |
919 | unsigned char tmp; | ||
916 | unsigned long new_msr = regs->msr; | 920 | unsigned long new_msr = regs->msr; |
917 | #if defined(CONFIG_4xx) || defined(CONFIG_BOOKE) | 921 | #if defined(CONFIG_4xx) || defined(CONFIG_BOOKE) |
918 | unsigned long new_dbcr0 = current->thread.dbcr0; | 922 | unsigned long new_dbcr0 = current->thread.dbcr0; |
919 | #endif | 923 | #endif |
920 | 924 | ||
921 | for (i=0; i<ndbg; i++) { | 925 | for (i=0; i<ndbg; i++) { |
922 | if (__copy_from_user(&op, dbg, sizeof(op))) | 926 | if (copy_from_user(&op, dbg + i, sizeof(op))) |
923 | return -EFAULT; | 927 | return -EFAULT; |
924 | switch (op.dbg_type) { | 928 | switch (op.dbg_type) { |
925 | case SIG_DBG_SINGLE_STEPPING: | 929 | case SIG_DBG_SINGLE_STEPPING: |
@@ -964,6 +968,11 @@ int sys_debug_setcontext(struct ucontext __user *ctx, | |||
964 | current->thread.dbcr0 = new_dbcr0; | 968 | current->thread.dbcr0 = new_dbcr0; |
965 | #endif | 969 | #endif |
966 | 970 | ||
971 | if (!access_ok(VERIFY_READ, ctx, sizeof(*ctx)) | ||
972 | || __get_user(tmp, (u8 __user *) ctx) | ||
973 | || __get_user(tmp, (u8 __user *) (ctx + 1) - 1)) | ||
974 | return -EFAULT; | ||
975 | |||
967 | /* | 976 | /* |
968 | * If we get a fault copying the context into the kernel's | 977 | * If we get a fault copying the context into the kernel's |
969 | * image of the user's registers, we can't just return -EFAULT | 978 | * image of the user's registers, we can't just return -EFAULT |
diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c index 66a5fbe31989..6e75d7ab6d4d 100644 --- a/arch/powerpc/kernel/signal_64.c +++ b/arch/powerpc/kernel/signal_64.c | |||
@@ -184,6 +184,8 @@ static long restore_sigcontext(struct pt_regs *regs, sigset_t *set, int sig, | |||
184 | err |= __get_user(v_regs, &sc->v_regs); | 184 | err |= __get_user(v_regs, &sc->v_regs); |
185 | if (err) | 185 | if (err) |
186 | return err; | 186 | return err; |
187 | if (v_regs && !access_ok(VERIFY_READ, v_regs, 34 * sizeof(vector128))) | ||
188 | return -EFAULT; | ||
187 | /* Copy 33 vec registers (vr0..31 and vscr) from the stack */ | 189 | /* Copy 33 vec registers (vr0..31 and vscr) from the stack */ |
188 | if (v_regs != 0 && (msr & MSR_VEC) != 0) | 190 | if (v_regs != 0 && (msr & MSR_VEC) != 0) |
189 | err |= __copy_from_user(current->thread.vr, v_regs, | 191 | err |= __copy_from_user(current->thread.vr, v_regs, |