• H. Peter Anvin's avatar
    compat: Make compat_alloc_user_space() incorporate the access_ok() · c41d68a5
    H. Peter Anvin authored
    compat_alloc_user_space() expects the caller to independently call
    access_ok() to verify the returned area.  A missing call could
    introduce problems on some architectures.
    
    This patch incorporates the access_ok() check into
    compat_alloc_user_space() and also adds a sanity check on the length.
    The existing compat_alloc_user_space() implementations are renamed
    arch_compat_alloc_user_space() and are used as part of the
    implementation of the new global function.
    
    This patch assumes NULL will cause __get_user()/__put_user() to either
    fail or access userspace on all architectures.  This should be
    followed by checking the return value of compat_access_user_space()
    for NULL in the callers, at which time the access_ok() in the callers
    can also be removed.
    Reported-by: default avatarBen Hawkes <hawkes@sota.gen.nz>
    Signed-off-by: default avatarH. Peter Anvin <hpa@linux.intel.com>
    Acked-by: default avatarBenjamin Herrenschmidt <benh@kernel.crashing.org>
    Acked-by: default avatarChris Metcalf <cmetcalf@tilera.com>
    Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
    Acked-by: default avatarIngo Molnar <mingo@elte.hu>
    Acked-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Acked-by: default avatarTony Luck <tony.luck@intel.com>
    Cc: Andrew Morton <akpm@linux-foundation.org>
    Cc: Arnd Bergmann <arnd@arndb.de>
    Cc: Fenghua Yu <fenghua.yu@intel.com>
    Cc: H. Peter Anvin <hpa@zytor.com>
    Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
    Cc: Helge Deller <deller@gmx.de>
    Cc: James Bottomley <jejb@parisc-linux.org>
    Cc: Kyle McMartin <kyle@mcmartin.ca>
    Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
    Cc: Paul Mackerras <paulus@samba.org>
    Cc: Ralf Baechle <ralf@linux-mips.org>
    Cc: <stable@kernel.org>
    c41d68a5
compat.h 10.9 KB