diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2016-10-14 20:42:44 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2016-10-14 20:42:44 -0400 |
commit | 2692a71bbd40160165e89d5505c5c28144ec5a42 (patch) | |
tree | acaaf0f1a4942486109094acad37c29456aeda98 /arch/alpha | |
parent | 7041c57709efdc1e31aaff663cfe17f0b21f4743 (diff) | |
parent | b065444286bed7ec49ee81c593a46f3031fbfc83 (diff) |
Merge branch 'work.uaccess' into for-linus
Diffstat (limited to 'arch/alpha')
-rw-r--r-- | arch/alpha/include/asm/uaccess.h | 9 | ||||
-rw-r--r-- | arch/alpha/lib/copy_user.S | 16 | ||||
-rw-r--r-- | arch/alpha/lib/ev6-copy_user.S | 23 |
3 files changed, 7 insertions, 41 deletions
diff --git a/arch/alpha/include/asm/uaccess.h b/arch/alpha/include/asm/uaccess.h index 466e42e96bfa..94f587535dee 100644 --- a/arch/alpha/include/asm/uaccess.h +++ b/arch/alpha/include/asm/uaccess.h @@ -396,11 +396,12 @@ copy_to_user(void __user *to, const void *from, long n) extern inline long copy_from_user(void *to, const void __user *from, long n) { + long res = n; if (likely(__access_ok((unsigned long)from, n, get_fs()))) - n = __copy_tofrom_user_nocheck(to, (__force void *)from, n); - else - memset(to, 0, n); - return n; + res = __copy_from_user_inatomic(to, from, n); + if (unlikely(res)) + memset(to + (n - res), 0, res); + return res; } extern void __do_clear_user(void); diff --git a/arch/alpha/lib/copy_user.S b/arch/alpha/lib/copy_user.S index 6f3fab9eb434..ac9c3766ba8c 100644 --- a/arch/alpha/lib/copy_user.S +++ b/arch/alpha/lib/copy_user.S @@ -124,22 +124,8 @@ $65: bis $31,$31,$0 $41: $35: -$exitout: - ret $31,($28),1 - $exitin: - /* A stupid byte-by-byte zeroing of the rest of the output - buffer. This cures security holes by never leaving - random kernel data around to be copied elsewhere. */ - - mov $0,$1 -$101: - EXO ( ldq_u $2,0($6) ) - subq $1,1,$1 - mskbl $2,$6,$2 - EXO ( stq_u $2,0($6) ) - addq $6,1,$6 - bgt $1,$101 +$exitout: ret $31,($28),1 .end __copy_user diff --git a/arch/alpha/lib/ev6-copy_user.S b/arch/alpha/lib/ev6-copy_user.S index db42ffe9c350..c4d0689c3d26 100644 --- a/arch/alpha/lib/ev6-copy_user.S +++ b/arch/alpha/lib/ev6-copy_user.S @@ -227,33 +227,12 @@ $dirtyentry: bgt $0,$onebyteloop # U .. .. .. : U L U L $zerolength: +$exitin: $exitout: # Destination for exception recovery(?) nop # .. .. .. E nop # .. .. E .. nop # .. E .. .. ret $31,($28),1 # L0 .. .. .. : L U L U -$exitin: - - /* A stupid byte-by-byte zeroing of the rest of the output - buffer. This cures security holes by never leaving - random kernel data around to be copied elsewhere. */ - - nop - nop - nop - mov $0,$1 - -$101: - EXO ( stb $31,0($6) ) # L - subq $1,1,$1 # E - addq $6,1,$6 # E - bgt $1,$101 # U - - nop - nop - nop - ret $31,($28),1 # L0 - .end __copy_user |