commit 416529374b4793ba2d2e97e736d108a2e0f3ef07 · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

hrtimer: fix *rmtp/restarts handling in compat_sys_nanosleep()

Spotted by Pavel Emelyanov and Alexey Dobriyan.

compat_sys_nanosleep() implicitly uses hrtimer_nanosleep_restart(), this can't
work. Make a suitable compat_nanosleep_restart() helper.

Introduced by commit c70878b4e0b6cf8d2f1e46319e48e821ef4a8aba
hrtimer: hook compat_sys_nanosleep up to high res timer code

Also, set ->addr_limit = KERNEL_DS before doing hrtimer_nanosleep(), this func
was changed by the previous patch and now takes the "__user *" parameter.

Thanks to Ingo Molnar for fixing the bug in this patch.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Alexey Dobriyan <adobriyan@sw.ru>
Cc: Pavel Emelyanov <xemul@sw.ru>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Toyo Abe <toyoa@mvista.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

authored by Oleg Nesterov and committed by Thomas Gleixner 18 years ago 41652937 080344b9

+40 -4

1 changed file

expand all

unified split

kernel

compat.c

+40 -4

kernel/compat.c

··· 40 __put_user(ts->tv_nsec, &cts->tv_nsec)) ? -EFAULT : 0; 41 } 42 43 asmlinkage long compat_sys_nanosleep(struct compat_timespec __user *rqtp, 44 struct compat_timespec __user *rmtp) 45 { 46 struct timespec tu, rmt; 47 long ret; 48 49 if (get_compat_timespec(&tu, rqtp)) ··· 78 if (!timespec_valid(&tu)) 79 return -EINVAL; 80 81 - ret = hrtimer_nanosleep(&tu, rmtp ? &rmt : NULL, HRTIMER_MODE_REL, 82 - CLOCK_MONOTONIC); 83 84 - if (ret && rmtp) { 85 - if (put_compat_timespec(&rmt, rmtp)) 86 return -EFAULT; 87 } 88

··· 40 __put_user(ts->tv_nsec, &cts->tv_nsec)) ? -EFAULT : 0; 41 } 42 43 + static long compat_nanosleep_restart(struct restart_block *restart) 44 + { 45 + struct compat_timespec __user *rmtp; 46 + struct timespec rmt; 47 + mm_segment_t oldfs; 48 + long ret; 49 + 50 + rmtp = (struct compat_timespec __user *)(restart->arg1); 51 + restart->arg1 = (unsigned long)&rmt; 52 + oldfs = get_fs(); 53 + set_fs(KERNEL_DS); 54 + ret = hrtimer_nanosleep_restart(restart); 55 + set_fs(oldfs); 56 + 57 + if (ret) { 58 + restart->fn = compat_nanosleep_restart; 59 + restart->arg1 = (unsigned long)rmtp; 60 + 61 + if (rmtp && put_compat_timespec(&rmt, rmtp)) 62 + return -EFAULT; 63 + } 64 + 65 + return ret; 66 + } 67 + 68 asmlinkage long compat_sys_nanosleep(struct compat_timespec __user *rqtp, 69 struct compat_timespec __user *rmtp) 70 { 71 struct timespec tu, rmt; 72 + mm_segment_t oldfs; 73 long ret; 74 75 if (get_compat_timespec(&tu, rqtp)) ··· 52 if (!timespec_valid(&tu)) 53 return -EINVAL; 54 55 + oldfs = get_fs(); 56 + set_fs(KERNEL_DS); 57 + ret = hrtimer_nanosleep(&tu, 58 + rmtp ? (struct timespec __user *)&rmt : NULL, 59 + HRTIMER_MODE_REL, CLOCK_MONOTONIC); 60 + set_fs(oldfs); 61 62 + if (ret) { 63 + struct restart_block *restart 64 + = &current_thread_info()->restart_block; 65 + 66 + restart->fn = compat_nanosleep_restart; 67 + restart->arg1 = (unsigned long)rmtp; 68 + 69 + if (rmtp && put_compat_timespec(&rmt, rmtp)) 70 return -EFAULT; 71 } 72