On Fri, May 11, 2007 at 11:19:14AM +1000, Rusty Russell wrote:
> @@ -218,7 +218,7 @@ u32 lgread_u32(struct lguest *lg, u32 ad
>
> /* Don't let them access lguest binary */
> if (!lguest_address_ok(lg, addr, sizeof(val))
> - || get_user(val, (u32 __user *)addr) != 0)
> + || get_user(val, (__force u32 __user *)addr) != 0)
> kill_guest(lg, "bad read address %u", addr);
> return val;
*Ahem*
What kind of address are we really getting there? IOW, where does it
ultimately come from?
> lock_cpu_hotplug();
> if (cpu_has_pge) { /* We have a broader idea of "global". */
> cpu_had_pge = 1;
> - on_each_cpu(adjust_pge, 0, 0, 1);
> + on_each_cpu(adjust_pge, (void *)0, 0, 1);
That's called NULL...
> case LHCALL_LOAD_TLS:
> - guest_load_tls(lg, (struct desc_struct __user*)regs->edx);
> + guest_load_tls(lg,
> + (__force struct desc_struct __user*)regs->edx);
Umm... That's borderline OK, but...
> static void push_guest_stack(struct lguest *lg, u32 __user **gstack, u32 val)
> {
> - lgwrite_u32(lg, (u32)--(*gstack), val);
> + lgwrite_u32(lg, (__force u32)--(*gstack), val);
> }
Now, _that_ is just plain dumb. Why not declare that lgwrite_u32() as taking
u32 __user * as argument and kill the casts?
> - lg->regs->esp = (u32)gstack + lg->page_offset;
> + lg->regs->esp = (__force u32)gstack + lg->page_offset;
Yuck. Cast to unsigned long (or uintptr_t), please. In this case it is
legitimate.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
