GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-04-08 07:24:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

mips: sanitize __access_ok()

Browse source 
for one thing, the last argument is always __access_mask and had been such
since 2.4.0-test3pre8; for another, it can bloody well be a static inline -
-O2 or -Os, __builtin_constant_p() propagates through static inline calls.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro 2016-12-27 10:10:53 -05:00
parent 054838bc01
commit f0a955f4ee
4 changed files with 20 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
arch/mips/include/asm/uaccess.h
View file

@ -128,23 +128,14 @@ static inline bool eva_kernel_access(void)
* this function, memory access functions may still return -EFAULT. * this function, memory access functions may still return -EFAULT.
*/ */
#define __access_mask get_fs().seg static inline int __access_ok(const void __user *p, unsigned long size)
{
#define __access_ok(addr, size, mask) \ unsigned long addr = (unsigned long)p;
({ \ return (get_fs().seg & (addr | (addr + size) | __ua_size(size))) == 0;
unsigned long __addr = (unsigned long) (addr); \ }
unsigned long __size = size; \
unsigned long __mask = mask; \
unsigned long __ok; \
\
__chk_user_ptr(addr); \
__ok = (signed long)(__mask & (__addr | (__addr + __size) | \
__ua_size(__size))); \
__ok == 0; \
})
#define access_ok(type, addr, size) \ #define access_ok(type, addr, size) \
likely(__access_ok((addr), (size), __access_mask)) likely(__access_ok((addr), (size)))
/* /*
* put_user: - Write a simple value into user space. * put_user: - Write a simple value into user space.

24
arch/mips/kernel/mips-r2-to-r6-emul.c
View file

@ -1200,7 +1200,7 @@ fpu_emul:
case lwl_op: case lwl_op:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_READ, vaddr, 4)) { if (!access_ok(VERIFY_READ, (void __user *)vaddr, 4)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1273,7 +1273,7 @@ fpu_emul:
case lwr_op: case lwr_op:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_READ, vaddr, 4)) { if (!access_ok(VERIFY_READ, (void __user *)vaddr, 4)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1347,7 +1347,7 @@ fpu_emul:
case swl_op: case swl_op:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_WRITE, vaddr, 4)) { if (!access_ok(VERIFY_WRITE, (void __user *)vaddr, 4)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1417,7 +1417,7 @@ fpu_emul:
case swr_op: case swr_op:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_WRITE, vaddr, 4)) { if (!access_ok(VERIFY_WRITE, (void __user *)vaddr, 4)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1492,7 +1492,7 @@ fpu_emul:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_READ, vaddr, 8)) { if (!access_ok(VERIFY_READ, (void __user *)vaddr, 8)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1611,7 +1611,7 @@ fpu_emul:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_READ, vaddr, 8)) { if (!access_ok(VERIFY_READ, (void __user *)vaddr, 8)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1730,7 +1730,7 @@ fpu_emul:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_WRITE, vaddr, 8)) { if (!access_ok(VERIFY_WRITE, (void __user *)vaddr, 8)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1848,7 +1848,7 @@ fpu_emul:
rt = regs->regs[MIPSInst_RT(inst)]; rt = regs->regs[MIPSInst_RT(inst)];
vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst); vaddr = regs->regs[MIPSInst_RS(inst)] + MIPSInst_SIMM(inst);
if (!access_ok(VERIFY_WRITE, vaddr, 8)) { if (!access_ok(VERIFY_WRITE, (void __user *)vaddr, 8)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGSEGV; err = SIGSEGV;
break; break;
@ -1965,7 +1965,7 @@ fpu_emul:
err = SIGBUS; err = SIGBUS;
break; break;
} }
if (!access_ok(VERIFY_READ, vaddr, 4)) { if (!access_ok(VERIFY_READ, (void __user *)vaddr, 4)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGBUS; err = SIGBUS;
break; break;
@ -2021,7 +2021,7 @@ fpu_emul:
err = SIGBUS; err = SIGBUS;
break; break;
} }
if (!access_ok(VERIFY_WRITE, vaddr, 4)) { if (!access_ok(VERIFY_WRITE, (void __user *)vaddr, 4)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGBUS; err = SIGBUS;
break; break;
@ -2084,7 +2084,7 @@ fpu_emul:
err = SIGBUS; err = SIGBUS;
break; break;
} }
if (!access_ok(VERIFY_READ, vaddr, 8)) { if (!access_ok(VERIFY_READ, (void __user *)vaddr, 8)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGBUS; err = SIGBUS;
break; break;
@ -2145,7 +2145,7 @@ fpu_emul:
err = SIGBUS; err = SIGBUS;
break; break;
} }
if (!access_ok(VERIFY_WRITE, vaddr, 8)) { if (!access_ok(VERIFY_WRITE, (void __user *)vaddr, 8)) {
current->thread.cp0_baduaddr = vaddr; current->thread.cp0_baduaddr = vaddr;
err = SIGBUS; err = SIGBUS;
break; break;

2
arch/mips/kernel/syscall.c
View file

@ -98,7 +98,7 @@ static inline int mips_atomic_set(unsigned long addr, unsigned long new)
if (unlikely(addr & 3)) if (unlikely(addr & 3))
return -EINVAL; return -EINVAL;
if (unlikely(!access_ok(VERIFY_WRITE, addr, 4))) if (unlikely(!access_ok(VERIFY_WRITE, (const void __user *)addr, 4)))
return -EINVAL; return -EINVAL;
if (cpu_has_llsc && R10000_LLSC_WAR) { if (cpu_has_llsc && R10000_LLSC_WAR) {

2
arch/mips/oprofile/backtrace.c
View file

@ -18,7 +18,7 @@ struct stackframe {
static inline int get_mem(unsigned long addr, unsigned long *result) static inline int get_mem(unsigned long addr, unsigned long *result)
{ {
unsigned long *address = (unsigned long *) addr; unsigned long *address = (unsigned long *) addr;
if (!access_ok(VERIFY_READ, addr, sizeof(unsigned long))) if (!access_ok(VERIFY_READ, address, sizeof(unsigned long)))
return -1; return -1;
if (__copy_from_user_inatomic(result, address, sizeof(unsigned long))) if (__copy_from_user_inatomic(result, address, sizeof(unsigned long)))
return -3; return -3;