commit 61c39bb354a1f791ba6f562b766a72e508a036ee · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Merge branch 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6

* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6:
[S390] tape_char: add missing compat_ptr conversion
[S390] zcrypt: add sanity check before copy_from_user()
[S390] unwire sys_recvmmsg again
[S390] con3215: remove empty ioctl function
[S390] dasd: add proper compat pointer conversion for symmetrix ioctl
[S390] mmap: add missing compat_ptr conversion to both mmap compat syscalls
[S390] bug: implement arch specific __WARN macro
[S390] Move __cpu_logical_map to smp.c
[S390] tape_block: remove ioctl function
[S390] smp: remove volatile type quilifier from __cpu_logical_map
[S390] smp: setup smp_processor_id early
[S390] use helpers for rlimits
[S390] fs3270: add missing compat ptr conversion
[S390] vmcp: add missing compat ptr conversion
[S390] cio: add missing compat ptr conversion
[S390] dasd: add missing compat ptr conversion
[S390] remove superfluous TIF_USEDFPU bit
[S390] duplicate SIGTRAP on signal delivery.
[S390] clear TIF_SINGLE_STEP for new process.
[S390] fix loading of PER control registers for utrace.

Linus Torvalds 16 years ago 61c39bb3 4a24eef6

+137 -160

24 changed files

expand all

unified split

arch

s390

include

asm

bug.h

sigp.h

thread_info.h

unistd.h

kernel

compat_linux.c

compat_wrapper.S

process.c

ptrace.c

setup.c

signal.c

smp.c

syscalls.S

topology.c

lib

spinlock.c

mmap.c

drivers

s390

block

dasd_eckd.c

dasd_ioctl.c

char

con3215.c

fs3270.c

tape_block.c

tape_char.c

vmcp.c

cio

chsc_sch.c

crypto

zcrypt_api.c

arch/s390/include/asm/bug.h

··· 52 52 unreachable(); \ 53 53 } while (0) 54 54 55 + #define __WARN() do { \ 56 + __EMIT_BUG(BUGFLAG_WARNING); \ 57 + } while (0) 58 + 55 59 #define WARN_ON(x) ({ \ 56 60 int __ret_warn_on = !!(x); \ 57 61 if (__builtin_constant_p(__ret_warn_on)) { \

+14 -6

arch/s390/include/asm/sigp.h

··· 15 15 #ifndef __SIGP__ 16 16 #define __SIGP__ 17 17 18 - #include <asm/ptrace.h> 19 - #include <asm/atomic.h> 18 + #include <asm/system.h> 20 19 21 20 /* get real cpu address from logical cpu number */ 22 - extern volatile int __cpu_logical_map[]; 21 + extern int __cpu_logical_map[]; 22 + 23 + static inline int cpu_logical_map(int cpu) 24 + { 25 + #ifdef CONFIG_SMP 26 + return __cpu_logical_map[cpu]; 27 + #else 28 + return stap(); 29 + #endif 30 + } 23 31 24 32 typedef enum 25 33 { ··· 87 79 " ipm %0\n" 88 80 " srl %0,28\n" 89 81 : "=d" (ccode) 90 - : "d" (reg1), "d" (__cpu_logical_map[cpu_addr]), 82 + : "d" (reg1), "d" (cpu_logical_map(cpu_addr)), 91 83 "a" (order_code) : "cc" , "memory"); 92 84 return ccode; 93 85 } ··· 106 98 " ipm %0\n" 107 99 " srl %0,28\n" 108 100 : "=d" (ccode) 109 - : "d" (reg1), "d" (__cpu_logical_map[cpu_addr]), 101 + : "d" (reg1), "d" (cpu_logical_map(cpu_addr)), 110 102 "a" (order_code) : "cc" , "memory"); 111 103 return ccode; 112 104 } ··· 126 118 " ipm %0\n" 127 119 " srl %0,28\n" 128 120 : "=d" (ccode), "+d" (reg1) 129 - : "d" (__cpu_logical_map[cpu_addr]), "a" (order_code) 121 + : "d" (cpu_logical_map(cpu_addr)), "a" (order_code) 130 122 : "cc" , "memory"); 131 123 *statusptr = reg1; 132 124 return ccode;

+5 -7

arch/s390/include/asm/thread_info.h

··· 93 93 #define TIF_SYSCALL_AUDIT 9 /* syscall auditing active */ 94 94 #define TIF_SECCOMP 10 /* secure computing */ 95 95 #define TIF_SYSCALL_TRACEPOINT 11 /* syscall tracepoint instrumentation */ 96 - #define TIF_USEDFPU 16 /* FPU was used by this task this quantum (SMP) */ 97 - #define TIF_POLLING_NRFLAG 17 /* true if poll_idle() is polling 96 + #define TIF_POLLING_NRFLAG 16 /* true if poll_idle() is polling 98 97 TIF_NEED_RESCHED */ 99 - #define TIF_31BIT 18 /* 32bit process */ 100 - #define TIF_MEMDIE 19 101 - #define TIF_RESTORE_SIGMASK 20 /* restore signal mask in do_signal() */ 102 - #define TIF_FREEZE 21 /* thread is freezing for suspend */ 98 + #define TIF_31BIT 17 /* 32bit process */ 99 + #define TIF_MEMDIE 18 100 + #define TIF_RESTORE_SIGMASK 19 /* restore signal mask in do_signal() */ 101 + #define TIF_FREEZE 20 /* thread is freezing for suspend */ 103 102 104 103 #define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME) 105 104 #define _TIF_RESTORE_SIGMASK (1<<TIF_RESTORE_SIGMASK) ··· 111 112 #define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT) 112 113 #define _TIF_SECCOMP (1<<TIF_SECCOMP) 113 114 #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) 114 - #define _TIF_USEDFPU (1<<TIF_USEDFPU) 115 115 #define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG) 116 116 #define _TIF_31BIT (1<<TIF_31BIT) 117 117 #define _TIF_FREEZE (1<<TIF_FREEZE)

+4 -2

arch/s390/include/asm/unistd.h

··· 269 269 #define __NR_pwritev 329 270 270 #define __NR_rt_tgsigqueueinfo 330 271 271 #define __NR_perf_event_open 331 272 - #define __NR_recvmmsg 332 273 - #define NR_syscalls 333 272 + #define NR_syscalls 332 274 273 275 274 /* 276 275 * There are some system calls that are not present on 64 bit, some ··· 375 376 #define __IGNORE_set_mempolicy 376 377 #define __IGNORE_migrate_pages 377 378 #define __IGNORE_move_pages 379 + 380 + /* Ignore system calls that are also reachable via sys_socket */ 381 + #define __IGNORE_recvmmsg 378 382 379 383 #define __ARCH_WANT_IPC_PARSE_VERSION 380 384 #define __ARCH_WANT_OLD_READDIR

+16 -25

arch/s390/kernel/compat_linux.c

··· 616 616 */ 617 617 618 618 struct mmap_arg_struct_emu31 { 619 - u32 addr; 620 - u32 len; 621 - u32 prot; 622 - u32 flags; 623 - u32 fd; 624 - u32 offset; 619 + compat_ulong_t addr; 620 + compat_ulong_t len; 621 + compat_ulong_t prot; 622 + compat_ulong_t flags; 623 + compat_ulong_t fd; 624 + compat_ulong_t offset; 625 625 }; 626 626 627 - asmlinkage unsigned long 628 - old32_mmap(struct mmap_arg_struct_emu31 __user *arg) 627 + asmlinkage unsigned long old32_mmap(struct mmap_arg_struct_emu31 __user *arg) 629 628 { 630 629 struct mmap_arg_struct_emu31 a; 631 - int error = -EFAULT; 632 630 633 631 if (copy_from_user(&a, arg, sizeof(a))) 634 - goto out; 635 - 636 - error = -EINVAL; 632 + return -EFAULT; 637 633 if (a.offset & ~PAGE_MASK) 638 - goto out; 639 - 640 - error = sys_mmap_pgoff(a.addr, a.len, a.prot, a.flags, a.fd, 641 - a.offset >> PAGE_SHIFT); 642 - out: 643 - return error; 634 + return -EINVAL; 635 + a.addr = (unsigned long) compat_ptr(a.addr); 636 + return sys_mmap_pgoff(a.addr, a.len, a.prot, a.flags, a.fd, 637 + a.offset >> PAGE_SHIFT); 644 638 } 645 639 646 - asmlinkage long 647 - sys32_mmap2(struct mmap_arg_struct_emu31 __user *arg) 640 + asmlinkage long sys32_mmap2(struct mmap_arg_struct_emu31 __user *arg) 648 641 { 649 642 struct mmap_arg_struct_emu31 a; 650 - int error = -EFAULT; 651 643 652 644 if (copy_from_user(&a, arg, sizeof(a))) 653 - goto out; 654 - error = sys_mmap_pgoff(a.addr, a.len, a.prot, a.flags, a.fd, a.offset); 655 - out: 656 - return error; 645 + return -EFAULT; 646 + a.addr = (unsigned long) compat_ptr(a.addr); 647 + return sys_mmap_pgoff(a.addr, a.len, a.prot, a.flags, a.fd, a.offset); 657 648 } 658 649 659 650 asmlinkage long sys32_read(unsigned int fd, char __user * buf, size_t count)

-9

arch/s390/kernel/compat_wrapper.S

··· 1853 1853 llgtr %r3,%r3 # compat_uptr_t * 1854 1854 llgtr %r4,%r4 # compat_uptr_t * 1855 1855 jg sys32_execve # branch to system call 1856 - 1857 - .globl compat_sys_recvmmsg_wrapper 1858 - compat_sys_recvmmsg_wrapper: 1859 - lgfr %r2,%r2 # int 1860 - llgtr %r3,%r3 # struct compat_mmsghdr * 1861 - llgfr %r4,%r4 # unsigned int 1862 - llgfr %r5,%r5 # unsigned int 1863 - llgtr %r6,%r6 # struct compat_timespec * 1864 - jg compat_sys_recvmmsg

+1 -2

arch/s390/kernel/process.c

··· 153 153 154 154 void flush_thread(void) 155 155 { 156 - clear_used_math(); 157 - clear_tsk_thread_flag(current, TIF_USEDFPU); 158 156 } 159 157 160 158 void release_thread(struct task_struct *dead_task) ··· 215 217 p->thread.mm_segment = get_fs(); 216 218 /* Don't copy debug registers */ 217 219 memset(&p->thread.per_info, 0, sizeof(p->thread.per_info)); 220 + clear_tsk_thread_flag(p, TIF_SINGLE_STEP); 218 221 /* Initialize per thread user and system timer values */ 219 222 ti = task_thread_info(p); 220 223 ti->user_timer = 0;

arch/s390/kernel/ptrace.c

··· 65 65 { 66 66 struct pt_regs *regs; 67 67 per_struct *per_info; 68 + per_cr_words cr_words; 68 69 69 70 regs = task_pt_regs(task); 70 71 per_info = (per_struct *) &task->thread.per_info; ··· 99 98 per_info->control_regs.bits.storage_alt_space_ctl = 1; 100 99 else 101 100 per_info->control_regs.bits.storage_alt_space_ctl = 0; 101 + 102 + if (task == current) { 103 + __ctl_store(cr_words, 9, 11); 104 + if (memcmp(&cr_words, &per_info->control_regs.words, 105 + sizeof(cr_words)) != 0) 106 + __ctl_load(per_info->control_regs.words, 9, 11); 107 + } 102 108 } 103 109 104 110 void user_enable_single_step(struct task_struct *task)

-8

arch/s390/kernel/setup.c

··· 87 87 char elf_platform[ELF_PLATFORM_SIZE]; 88 88 89 89 struct mem_chunk __initdata memory_chunk[MEMORY_CHUNKS]; 90 - volatile int __cpu_logical_map[NR_CPUS]; /* logical cpu to cpu address */ 91 90 92 91 int __initdata memory_end_set; 93 92 unsigned long __initdata memory_end; ··· 122 123 * Store processor id in lowcore (used e.g. in timer_interrupt) 123 124 */ 124 125 get_cpu_id(&S390_lowcore.cpu_id); 125 - 126 - /* 127 - * Force FPU initialization: 128 - */ 129 - clear_thread_flag(TIF_USEDFPU); 130 - clear_used_math(); 131 126 132 127 atomic_inc(&init_mm.mm_count); 133 128 current->active_mm = &init_mm; ··· 848 855 setup_lowcore(); 849 856 850 857 cpu_init(); 851 - __cpu_logical_map[0] = stap(); 852 858 s390_init_cpu_topology(); 853 859 854 860 /*

+1 -9

arch/s390/kernel/signal.c

··· 500 500 clear_thread_flag(TIF_RESTORE_SIGMASK); 501 501 502 502 /* 503 - * If we would have taken a single-step trap 504 - * for a normal instruction, act like we took 505 - * one for the handler setup. 506 - */ 507 - if (current->thread.per_info.single_step) 508 - set_thread_flag(TIF_SINGLE_STEP); 509 - 510 - /* 511 503 * Let tracing know that we've done the handler setup. 512 504 */ 513 505 tracehook_signal_handler(signr, &info, &ka, regs, 514 - test_thread_flag(TIF_SINGLE_STEP)); 506 + current->thread.per_info.single_step); 515 507 } 516 508 return; 517 509 }

arch/s390/kernel/smp.c

··· 52 52 #include <asm/cpu.h> 53 53 #include "entry.h" 54 54 55 + /* logical cpu to cpu address */ 56 + int __cpu_logical_map[NR_CPUS]; 57 + 55 58 static struct task_struct *current_set[NR_CPUS]; 56 59 57 60 static u8 smp_cpu_type; ··· 718 715 719 716 void __init smp_cpus_done(unsigned int max_cpus) 720 717 { 718 + } 719 + 720 + void __init smp_setup_processor_id(void) 721 + { 722 + S390_lowcore.cpu_nr = 0; 723 + __cpu_logical_map[0] = stap(); 721 724 } 722 725 723 726 /*

-1

arch/s390/kernel/syscalls.S

··· 340 340 SYSCALL(sys_pwritev,sys_pwritev,compat_sys_pwritev_wrapper) 341 341 SYSCALL(sys_rt_tgsigqueueinfo,sys_rt_tgsigqueueinfo,compat_sys_rt_tgsigqueueinfo_wrapper) /* 330 */ 342 342 SYSCALL(sys_perf_event_open,sys_perf_event_open,sys_perf_event_open_wrapper) 343 - SYSCALL(sys_recvmmsg,sys_recvmmsg,compat_sys_recvmmsg_wrapper)

+1 -1

arch/s390/kernel/topology.c

··· 114 114 115 115 rcpu = CPU_BITS - 1 - cpu + tl_cpu->origin; 116 116 for_each_present_cpu(lcpu) { 117 - if (__cpu_logical_map[lcpu] == rcpu) { 117 + if (cpu_logical_map(lcpu) == rcpu) { 118 118 cpu_set(lcpu, core->mask); 119 119 smp_cpu_polarization[lcpu] = tl_cpu->pp; 120 120 }

+1 -1

arch/s390/lib/spinlock.c

··· 34 34 { 35 35 if (MACHINE_HAS_DIAG9C) 36 36 asm volatile("diag %0,0,0x9c" 37 - : : "d" (__cpu_logical_map[cpu])); 37 + : : "d" (cpu_logical_map(cpu))); 38 38 else 39 39 _raw_yield(); 40 40 }

+2 -2

arch/s390/mm/mmap.c

··· 40 40 41 41 static inline unsigned long mmap_base(void) 42 42 { 43 - unsigned long gap = current->signal->rlim[RLIMIT_STACK].rlim_cur; 43 + unsigned long gap = rlimit(RLIMIT_STACK); 44 44 45 45 if (gap < MIN_GAP) 46 46 gap = MIN_GAP; ··· 61 61 #endif 62 62 return sysctl_legacy_va_layout || 63 63 (current->personality & ADDR_COMPAT_LAYOUT) || 64 - current->signal->rlim[RLIMIT_STACK].rlim_cur == RLIM_INFINITY; 64 + rlimit(RLIMIT_STACK) == RLIM_INFINITY; 65 65 } 66 66 67 67 #ifndef CONFIG_64BIT

+9 -5

drivers/s390/block/dasd_eckd.c

··· 23 23 #include <asm/debug.h> 24 24 #include <asm/idals.h> 25 25 #include <asm/ebcdic.h> 26 + #include <asm/compat.h> 26 27 #include <asm/io.h> 27 28 #include <asm/uaccess.h> 28 29 #include <asm/cio.h> ··· 2845 2844 rc = -EFAULT; 2846 2845 if (copy_from_user(&usrparm, argp, sizeof(usrparm))) 2847 2846 goto out; 2848 - #ifndef CONFIG_64BIT 2849 - /* Make sure pointers are sane even on 31 bit. */ 2850 - if ((usrparm.psf_data >> 32) != 0 || (usrparm.rssd_result >> 32) != 0) { 2847 + if (is_compat_task() || sizeof(long) == 4) { 2848 + /* Make sure pointers are sane even on 31 bit. */ 2851 2849 rc = -EINVAL; 2852 - goto out; 2850 + if ((usrparm.psf_data >> 32) != 0) 2851 + goto out; 2852 + if ((usrparm.rssd_result >> 32) != 0) 2853 + goto out; 2854 + usrparm.psf_data &= 0x7fffffffULL; 2855 + usrparm.rssd_result &= 0x7fffffffULL; 2853 2856 } 2854 - #endif 2855 2857 /* alloc I/O data area */ 2856 2858 psf_data = kzalloc(usrparm.psf_data_len, GFP_KERNEL | GFP_DMA); 2857 2859 rssd_result = kzalloc(usrparm.rssd_result_len, GFP_KERNEL | GFP_DMA);

+9 -5

drivers/s390/block/dasd_ioctl.c

··· 17 17 #include <linux/fs.h> 18 18 #include <linux/blkpg.h> 19 19 #include <linux/smp_lock.h> 20 - 20 + #include <asm/compat.h> 21 21 #include <asm/ccwdev.h> 22 22 #include <asm/cmb.h> 23 23 #include <asm/uaccess.h> ··· 358 358 } 359 359 360 360 static int dasd_ioctl_readall_cmb(struct dasd_block *block, unsigned int cmd, 361 - unsigned long arg) 361 + struct cmbdata __user *argp) 362 362 { 363 - struct cmbdata __user *argp = (void __user *) arg; 364 363 size_t size = _IOC_SIZE(cmd); 365 364 struct cmbdata data; 366 365 int ret; ··· 375 376 unsigned int cmd, unsigned long arg) 376 377 { 377 378 struct dasd_block *block = bdev->bd_disk->private_data; 378 - void __user *argp = (void __user *)arg; 379 + void __user *argp; 380 + 381 + if (is_compat_task()) 382 + argp = compat_ptr(arg); 383 + else 384 + argp = (void __user *)arg; 379 385 380 386 if (!block) 381 387 return -ENODEV; ··· 418 414 case BIODASDCMFDISABLE: 419 415 return disable_cmf(block->base->cdev); 420 416 case BIODASDREADALLCMB: 421 - return dasd_ioctl_readall_cmb(block, cmd, arg); 417 + return dasd_ioctl_readall_cmb(block, cmd, argp); 422 418 default: 423 419 /* if the discipline has an ioctl method try it. */ 424 420 if (block->base->discipline->ioctl) {

-17

drivers/s390/char/con3215.c

··· 1037 1037 } 1038 1038 1039 1039 /* 1040 - * Currently we don't have any io controls for 3215 ttys 1041 - */ 1042 - static int tty3215_ioctl(struct tty_struct *tty, struct file * file, 1043 - unsigned int cmd, unsigned long arg) 1044 - { 1045 - if (tty->flags & (1 << TTY_IO_ERROR)) 1046 - return -EIO; 1047 - 1048 - switch (cmd) { 1049 - default: 1050 - return -ENOIOCTLCMD; 1051 - } 1052 - return 0; 1053 - } 1054 - 1055 - /* 1056 1040 * Disable reading from a 3215 tty 1057 1041 */ 1058 1042 static void tty3215_throttle(struct tty_struct * tty) ··· 1101 1117 .write_room = tty3215_write_room, 1102 1118 .chars_in_buffer = tty3215_chars_in_buffer, 1103 1119 .flush_buffer = tty3215_flush_buffer, 1104 - .ioctl = tty3215_ioctl, 1105 1120 .throttle = tty3215_throttle, 1106 1121 .unthrottle = tty3215_unthrottle, 1107 1122 .stop = tty3215_stop,

+11 -6

drivers/s390/char/fs3270.c

··· 15 15 #include <linux/types.h> 16 16 #include <linux/smp_lock.h> 17 17 18 + #include <asm/compat.h> 18 19 #include <asm/ccwdev.h> 19 20 #include <asm/cio.h> 20 21 #include <asm/ebcdic.h> ··· 323 322 static long 324 323 fs3270_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 325 324 { 325 + char __user *argp; 326 326 struct fs3270 *fp; 327 327 struct raw3270_iocb iocb; 328 328 int rc; ··· 331 329 fp = filp->private_data; 332 330 if (!fp) 333 331 return -ENODEV; 332 + if (is_compat_task()) 333 + argp = compat_ptr(arg); 334 + else 335 + argp = (char __user *)arg; 334 336 rc = 0; 335 337 mutex_lock(&fs3270_mutex); 336 338 switch (cmd) { ··· 345 339 fp->write_command = arg; 346 340 break; 347 341 case TUBGETI: 348 - rc = put_user(fp->read_command, (char __user *) arg); 342 + rc = put_user(fp->read_command, argp); 349 343 break; 350 344 case TUBGETO: 351 - rc = put_user(fp->write_command,(char __user *) arg); 345 + rc = put_user(fp->write_command, argp); 352 346 break; 353 347 case TUBGETMOD: 354 348 iocb.model = fp->view.model; ··· 357 351 iocb.pf_cnt = 24; 358 352 iocb.re_cnt = 20; 359 353 iocb.map = 0; 360 - if (copy_to_user((char __user *) arg, &iocb, 361 - sizeof(struct raw3270_iocb))) 354 + if (copy_to_user(argp, &iocb, sizeof(struct raw3270_iocb))) 362 355 rc = -EFAULT; 363 356 break; 364 357 } ··· 516 511 .write = fs3270_write, /* write */ 517 512 .unlocked_ioctl = fs3270_ioctl, /* ioctl */ 518 513 .compat_ioctl = fs3270_ioctl, /* ioctl */ 519 - .open = fs3270_open, /* open */ 520 - .release = fs3270_close, /* release */ 514 + .open = fs3270_open, /* open */ 515 + .release = fs3270_close, /* release */ 521 516 }; 522 517 523 518 /*

-39

drivers/s390/char/tape_block.c

··· 46 46 */ 47 47 static int tapeblock_open(struct block_device *, fmode_t); 48 48 static int tapeblock_release(struct gendisk *, fmode_t); 49 - static int tapeblock_ioctl(struct block_device *, fmode_t, unsigned int, 50 - unsigned long); 51 49 static int tapeblock_medium_changed(struct gendisk *); 52 50 static int tapeblock_revalidate_disk(struct gendisk *); 53 51 ··· 53 55 .owner = THIS_MODULE, 54 56 .open = tapeblock_open, 55 57 .release = tapeblock_release, 56 - .ioctl = tapeblock_ioctl, 57 58 .media_changed = tapeblock_medium_changed, 58 59 .revalidate_disk = tapeblock_revalidate_disk, 59 60 }; ··· 410 413 tape_put_device(device); 411 414 412 415 return 0; 413 - } 414 - 415 - /* 416 - * Support of some generic block device IOCTLs. 417 - */ 418 - static int 419 - tapeblock_ioctl( 420 - struct block_device * bdev, 421 - fmode_t mode, 422 - unsigned int command, 423 - unsigned long arg 424 - ) { 425 - int rc; 426 - int minor; 427 - struct gendisk *disk = bdev->bd_disk; 428 - struct tape_device *device; 429 - 430 - rc = 0; 431 - BUG_ON(!disk); 432 - device = disk->private_data; 433 - BUG_ON(!device); 434 - minor = MINOR(bdev->bd_dev); 435 - 436 - DBF_LH(6, "tapeblock_ioctl(0x%0x)\n", command); 437 - DBF_LH(6, "device = %d:%d\n", tapeblock_major, minor); 438 - 439 - switch (command) { 440 - /* Refuse some IOCTL calls without complaining (mount). */ 441 - case 0x5310: /* CDROMMULTISESSION */ 442 - rc = -EINVAL; 443 - break; 444 - default: 445 - rc = -EINVAL; 446 - } 447 - 448 - return rc; 449 416 } 450 417 451 418 /*

+15 -3

drivers/s390/char/tape_char.c

··· 18 18 #include <linux/proc_fs.h> 19 19 #include <linux/mtio.h> 20 20 #include <linux/smp_lock.h> 21 + #include <linux/compat.h> 21 22 22 23 #include <asm/uaccess.h> 23 24 ··· 38 37 static int tapechar_open(struct inode *,struct file *); 39 38 static int tapechar_release(struct inode *,struct file *); 40 39 static long tapechar_ioctl(struct file *, unsigned int, unsigned long); 41 - static long tapechar_compat_ioctl(struct file *, unsigned int, 42 - unsigned long); 40 + #ifdef CONFIG_COMPAT 41 + static long tapechar_compat_ioctl(struct file *, unsigned int, unsigned long); 42 + #endif 43 43 44 44 static const struct file_operations tape_fops = 45 45 { ··· 48 46 .read = tapechar_read, 49 47 .write = tapechar_write, 50 48 .unlocked_ioctl = tapechar_ioctl, 49 + #ifdef CONFIG_COMPAT 51 50 .compat_ioctl = tapechar_compat_ioctl, 51 + #endif 52 52 .open = tapechar_open, 53 53 .release = tapechar_release, 54 54 }; ··· 461 457 return rc; 462 458 } 463 459 460 + #ifdef CONFIG_COMPAT 464 461 static long 465 462 tapechar_compat_ioctl(struct file *filp, unsigned int no, unsigned long data) 466 463 { 467 464 struct tape_device *device = filp->private_data; 468 465 int rval = -ENOIOCTLCMD; 466 + unsigned long argp; 469 467 468 + /* The 'arg' argument of any ioctl function may only be used for 469 + * pointers because of the compat pointer conversion. 470 + * Consider this when adding new ioctls. 471 + */ 472 + argp = (unsigned long) compat_ptr(data); 470 473 if (device->discipline->ioctl_fn) { 471 474 mutex_lock(&device->mutex); 472 - rval = device->discipline->ioctl_fn(device, no, data); 475 + rval = device->discipline->ioctl_fn(device, no, argp); 473 476 mutex_unlock(&device->mutex); 474 477 if (rval == -EINVAL) 475 478 rval = -ENOIOCTLCMD; ··· 484 473 485 474 return rval; 486 475 } 476 + #endif /* CONFIG_COMPAT */ 487 477 488 478 /* 489 479 * Initialize character device frontend.

+9 -3

drivers/s390/char/vmcp.c

··· 19 19 #include <linux/kernel.h> 20 20 #include <linux/miscdevice.h> 21 21 #include <linux/module.h> 22 + #include <asm/compat.h> 22 23 #include <asm/cpcmd.h> 23 24 #include <asm/debug.h> 24 25 #include <asm/uaccess.h> ··· 140 139 static long vmcp_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 141 140 { 142 141 struct vmcp_session *session; 142 + int __user *argp; 143 143 int temp; 144 144 145 145 session = (struct vmcp_session *)file->private_data; 146 + if (is_compat_task()) 147 + argp = compat_ptr(arg); 148 + else 149 + argp = (int __user *)arg; 146 150 if (mutex_lock_interruptible(&session->mutex)) 147 151 return -ERESTARTSYS; 148 152 switch (cmd) { 149 153 case VMCP_GETCODE: 150 154 temp = session->resp_code; 151 155 mutex_unlock(&session->mutex); 152 - return put_user(temp, (int __user *)arg); 156 + return put_user(temp, argp); 153 157 case VMCP_SETBUF: 154 158 free_pages((unsigned long)session->response, 155 159 get_order(session->bufsize)); 156 160 session->response=NULL; 157 - temp = get_user(session->bufsize, (int __user *)arg); 161 + temp = get_user(session->bufsize, argp); 158 162 if (get_order(session->bufsize) > 8) { 159 163 session->bufsize = PAGE_SIZE; 160 164 temp = -EINVAL; ··· 169 163 case VMCP_GETSIZE: 170 164 temp = session->resp_size; 171 165 mutex_unlock(&session->mutex); 172 - return put_user(temp, (int __user *)arg); 166 + return put_user(temp, argp); 173 167 default: 174 168 mutex_unlock(&session->mutex); 175 169 return -ENOIOCTLCMD;

+15 -8

drivers/s390/cio/chsc_sch.c

··· 12 12 #include <linux/uaccess.h> 13 13 #include <linux/miscdevice.h> 14 14 15 + #include <asm/compat.h> 15 16 #include <asm/cio.h> 16 17 #include <asm/chsc.h> 17 18 #include <asm/isc.h> ··· 771 770 static long chsc_ioctl(struct file *filp, unsigned int cmd, 772 771 unsigned long arg) 773 772 { 773 + void __user *argp; 774 + 774 775 CHSC_MSG(2, "chsc_ioctl called, cmd=%x\n", cmd); 776 + if (is_compat_task()) 777 + argp = compat_ptr(arg); 778 + else 779 + argp = (void __user *)arg; 775 780 switch (cmd) { 776 781 case CHSC_START: 777 - return chsc_ioctl_start((void __user *)arg); 782 + return chsc_ioctl_start(argp); 778 783 case CHSC_INFO_CHANNEL_PATH: 779 - return chsc_ioctl_info_channel_path((void __user *)arg); 784 + return chsc_ioctl_info_channel_path(argp); 780 785 case CHSC_INFO_CU: 781 - return chsc_ioctl_info_cu((void __user *)arg); 786 + return chsc_ioctl_info_cu(argp); 782 787 case CHSC_INFO_SCH_CU: 783 - return chsc_ioctl_info_sch_cu((void __user *)arg); 788 + return chsc_ioctl_info_sch_cu(argp); 784 789 case CHSC_INFO_CI: 785 - return chsc_ioctl_conf_info((void __user *)arg); 790 + return chsc_ioctl_conf_info(argp); 786 791 case CHSC_INFO_CCL: 787 - return chsc_ioctl_conf_comp_list((void __user *)arg); 792 + return chsc_ioctl_conf_comp_list(argp); 788 793 case CHSC_INFO_CPD: 789 - return chsc_ioctl_chpd((void __user *)arg); 794 + return chsc_ioctl_chpd(argp); 790 795 case CHSC_INFO_DCAL: 791 - return chsc_ioctl_dcal((void __user *)arg); 796 + return chsc_ioctl_dcal(argp); 792 797 default: /* unknown ioctl number */ 793 798 return -ENOIOCTLCMD; 794 799 }

+3 -1

drivers/s390/crypto/zcrypt_api.c

··· 393 393 * u_mult_inv > 128 bytes. 394 394 */ 395 395 if (copied == 0) { 396 - int len; 396 + unsigned int len; 397 397 spin_unlock_bh(&zcrypt_device_lock); 398 398 /* len is max 256 / 2 - 120 = 8 */ 399 399 len = crt->inputdatalength / 2 - 120; 400 + if (len > sizeof(z1)) 401 + return -EFAULT; 400 402 z1 = z2 = z3 = 0; 401 403 if (copy_from_user(&z1, crt->np_prime, len) || 402 404 copy_from_user(&z2, crt->bp_key, len) ||