alpha: fix copy_from_user() · tjh.dev/kernel@2561d30

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

alpha: fix copy_from_user()

it should clear the destination even when access_ok() fails.

Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Al Viro 9 years ago 2561d309 694d0d0b

+8 -11

1 changed file

expand all

arch

alpha

include

asm

uaccess.h

+8 -11

arch/alpha/include/asm/uaccess.h

··· 371 371 return __cu_len; 372 372 } 373 373 374 - extern inline long 375 - __copy_tofrom_user(void *to, const void *from, long len, const void __user *validate) 376 - { 377 - if (__access_ok((unsigned long)validate, len, get_fs())) 378 - len = __copy_tofrom_user_nocheck(to, from, len); 379 - return len; 380 - } 381 - 382 374 #define __copy_to_user(to, from, n) \ 383 375 ({ \ 384 376 __chk_user_ptr(to); \ ··· 385 393 #define __copy_to_user_inatomic __copy_to_user 386 394 #define __copy_from_user_inatomic __copy_from_user 387 395 388 - 389 396 extern inline long 390 397 copy_to_user(void __user *to, const void *from, long n) 391 398 { 392 - return __copy_tofrom_user((__force void *)to, from, n, to); 399 + if (likely(__access_ok((unsigned long)to, n, get_fs()))) 400 + n = __copy_tofrom_user_nocheck((__force void *)to, from, n); 401 + return n; 393 402 } 394 403 395 404 extern inline long 396 405 copy_from_user(void *to, const void __user *from, long n) 397 406 { 398 - return __copy_tofrom_user(to, (__force void *)from, n, from); 407 + if (likely(__access_ok((unsigned long)from, n, get_fs()))) 408 + n = __copy_tofrom_user_nocheck(to, (__force void *)from, n); 409 + else 410 + memset(to, 0, n); 411 + return n; 399 412 } 400 413 401 414 extern void __do_clear_user(void);