[PATCH 1/4] UML - Fix signal frame copy_user

>From Al Viro:

The copy_user stuff in the signal frame code was broke.

Signed-off-by: Jeff Dike <[email protected]>

Index: linux-2.6.13-rc6/arch/um/sys-i386/signal.c
===================================================================
--- linux-2.6.13-rc6.orig/arch/um/sys-i386/signal.c	2005-08-15 12:03:10.000000000 -0400
+++ linux-2.6.13-rc6/arch/um/sys-i386/signal.c	2005-08-15 12:04:08.000000000 -0400
@@ -122,9 +122,9 @@
 	int err;
 
 	to_fp = to->fpstate;
-	from_fp = from->fpstate;
 	sigs = to->oldmask;
 	err = copy_from_user(to, from, sizeof(*to));
+	from_fp = to->fpstate;
 	to->oldmask = sigs;
 	to->fpstate = to_fp;
 	if(to_fp != NULL)
Index: linux-2.6.13-rc6/arch/um/sys-x86_64/signal.c
===================================================================
--- linux-2.6.13-rc6.orig/arch/um/sys-x86_64/signal.c	2005-08-15 12:03:10.000000000 -0400
+++ linux-2.6.13-rc6/arch/um/sys-x86_64/signal.c	2005-08-15 12:04:08.000000000 -0400
@@ -104,28 +104,35 @@
 int copy_sc_from_user_tt(struct sigcontext *to, struct sigcontext *from,
                         int fpsize)
 {
-       struct _fpstate *to_fp, *from_fp;
-       unsigned long sigs;
-       int err;
-
-       to_fp = to->fpstate;
-       from_fp = from->fpstate;
-       sigs = to->oldmask;
-       err = copy_from_user(to, from, sizeof(*to));
-       to->oldmask = sigs;
-       return(err);
+	struct _fpstate *to_fp, *from_fp;
+	unsigned long sigs;
+	int err;
+
+	to_fp = to->fpstate;
+	sigs = to->oldmask;
+	err = copy_from_user(to, from, sizeof(*to));
+	from_fp = to->fpstate;
+	to->fpstate = to_fp;
+	to->oldmask = sigs;
+	if(to_fp != NULL)
+		err |= copy_from_user(to_fp, from_fp, fpsize);
+	return(err);
 }
 
 int copy_sc_to_user_tt(struct sigcontext *to, struct _fpstate *fp,
                       struct sigcontext *from, int fpsize)
 {
-       struct _fpstate *to_fp, *from_fp;
-       int err;
+	struct _fpstate *to_fp, *from_fp;
+	int err;
 
-       to_fp = (fp ? fp : (struct _fpstate *) (to + 1));
-       from_fp = from->fpstate;
-       err = copy_to_user(to, from, sizeof(*to));
-       return(err);
+	to_fp = (fp ? fp : (struct _fpstate *) (to + 1));
+	from_fp = from->fpstate;
+	err = copy_to_user(to, from, sizeof(*to));
+	if(from_fp != NULL){
+		err |= copy_to_user(&to->fpstate, &to_fp, sizeof(to->fpstate));
+		err |= copy_to_user(to_fp, from_fp, fpsize);
+	}
+	return(err);
 }
 
 #endif

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: Re: [PATCH 0/6] i386 virtualization patches, Set 3
• Next by Date: [PATCH 2/4] UML -
• Previous by thread: [PATCH 3/4] UML - Fix the x86_64 build
• Next by thread: [PATCH 2/4] UML -
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]