[PATCH] __user annotations: futex · tjh.dev/kernel@ba46df9

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

[PATCH] __user annotations: futex

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

authored by

Al Viro and committed by

Linus Torvalds 19 years ago ba46df98 28c4dadd

+16 -15

4 changed files

expand all

include

linux

compat.h

syscalls.h

kernel

futex.c

futex_compat.c

+1 -1

include/linux/compat.h

··· 163 163 compat_sys_set_robust_list(struct compat_robust_list_head __user *head, 164 164 compat_size_t len); 165 165 asmlinkage long 166 - compat_sys_get_robust_list(int pid, compat_uptr_t *head_ptr, 166 + compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, 167 167 compat_size_t __user *len_ptr); 168 168 169 169 long compat_sys_semctl(int first, int second, int third, void __user *uptr);

+1 -1

include/linux/syscalls.h

··· 593 593 asmlinkage long sys_sync_file_range(int fd, loff_t offset, loff_t nbytes, 594 594 unsigned int flags); 595 595 asmlinkage long sys_get_robust_list(int pid, 596 - struct robust_list_head __user **head_ptr, 596 + struct robust_list_head __user * __user *head_ptr, 597 597 size_t __user *len_ptr); 598 598 asmlinkage long sys_set_robust_list(struct robust_list_head __user *head, 599 599 size_t len);

+8 -7

kernel/futex.c

··· 1612 1612 * @len_ptr: pointer to a length field, the kernel fills in the header size 1613 1613 */ 1614 1614 asmlinkage long 1615 - sys_get_robust_list(int pid, struct robust_list_head __user **head_ptr, 1615 + sys_get_robust_list(int pid, struct robust_list_head __user * __user *head_ptr, 1616 1616 size_t __user *len_ptr) 1617 1617 { 1618 - struct robust_list_head *head; 1618 + struct robust_list_head __user *head; 1619 1619 unsigned long ret; 1620 1620 1621 1621 if (!pid) ··· 1694 1694 * Fetch a robust-list pointer. Bit 0 signals PI futexes: 1695 1695 */ 1696 1696 static inline int fetch_robust_entry(struct robust_list __user **entry, 1697 - struct robust_list __user **head, int *pi) 1697 + struct robust_list __user * __user *head, 1698 + int *pi) 1698 1699 { 1699 1700 unsigned long uentry; 1700 1701 1701 - if (get_user(uentry, (unsigned long *)head)) 1702 + if (get_user(uentry, (unsigned long __user *)head)) 1702 1703 return -EFAULT; 1703 1704 1704 - *entry = (void *)(uentry & ~1UL); 1705 + *entry = (void __user *)(uentry & ~1UL); 1705 1706 *pi = uentry & 1; 1706 1707 1707 1708 return 0; ··· 1740 1739 return; 1741 1740 1742 1741 if (pending) 1743 - handle_futex_death((void *)pending + futex_offset, curr, pip); 1742 + handle_futex_death((void __user *)pending + futex_offset, curr, pip); 1744 1743 1745 1744 while (entry != &head->list) { 1746 1745 /* ··· 1748 1747 * don't process it twice: 1749 1748 */ 1750 1749 if (entry != pending) 1751 - if (handle_futex_death((void *)entry + futex_offset, 1750 + if (handle_futex_death((void __user *)entry + futex_offset, 1752 1751 curr, pi)) 1753 1752 return; 1754 1753 /*

+6 -6

kernel/futex_compat.c

··· 18 18 */ 19 19 static inline int 20 20 fetch_robust_entry(compat_uptr_t *uentry, struct robust_list __user **entry, 21 - compat_uptr_t *head, int *pi) 21 + compat_uptr_t __user *head, int *pi) 22 22 { 23 23 if (get_user(*uentry, head)) 24 24 return -EFAULT; ··· 62 62 &head->list_op_pending, &pip)) 63 63 return; 64 64 if (upending) 65 - handle_futex_death((void *)pending + futex_offset, curr, pip); 65 + handle_futex_death((void __user *)pending + futex_offset, curr, pip); 66 66 67 67 while (compat_ptr(uentry) != &head->list) { 68 68 /* ··· 70 70 * dont process it twice: 71 71 */ 72 72 if (entry != pending) 73 - if (handle_futex_death((void *)entry + futex_offset, 73 + if (handle_futex_death((void __user *)entry + futex_offset, 74 74 curr, pi)) 75 75 return; 76 76 ··· 78 78 * Fetch the next entry in the list: 79 79 */ 80 80 if (fetch_robust_entry(&uentry, &entry, 81 - (compat_uptr_t *)&entry->next, &pi)) 81 + (compat_uptr_t __user *)&entry->next, &pi)) 82 82 return; 83 83 /* 84 84 * Avoid excessively long or circular lists: ··· 103 103 } 104 104 105 105 asmlinkage long 106 - compat_sys_get_robust_list(int pid, compat_uptr_t *head_ptr, 106 + compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, 107 107 compat_size_t __user *len_ptr) 108 108 { 109 - struct compat_robust_list_head *head; 109 + struct compat_robust_list_head __user *head; 110 110 unsigned long ret; 111 111 112 112 if (!pid)