Commit c0f06010 authored by Chris Metcalf's avatar Chris Metcalf

tile: fix strncpy_from_user bug

In strncpy_from_user_asm, when the destination buffer length was the
same as the actual string length, we were returning the size of the
destination buffer.  But since it's a NUL terminated string, we should
return the length of the string instead.
Signed-off-by: default avatarChris Metcalf <cmetcalf@tilera.com>
parent 084fe6a0
...@@ -48,12 +48,13 @@ strnlen_user_fault: ...@@ -48,12 +48,13 @@ strnlen_user_fault:
*/ */
STD_ENTRY(strncpy_from_user_asm) STD_ENTRY(strncpy_from_user_asm)
{ bz r2, 2f; move r3, r0 } { bz r2, 2f; move r3, r0 }
1: { lb_u r4, r1; addi r1, r1, 1; addi r2, r2, -1 } 1: { lb_u r4, r1; addi r1, r1, 1; addi r2, r2, -1 }
{ sb r0, r4; addi r0, r0, 1 } { sb r0, r4; addi r0, r0, 1 }
bz r2, 2f bz r4, 2f
bnzt r4, 1b bnzt r2, 1b
addi r0, r0, -1 /* don't count the trailing NUL */ { sub r0, r0, r3; jrp lr }
2: { sub r0, r0, r3; jrp lr } 2: addi r0, r0, -1 /* don't count the trailing NUL */
{ sub r0, r0, r3; jrp lr }
STD_ENDPROC(strncpy_from_user_asm) STD_ENDPROC(strncpy_from_user_asm)
.pushsection .fixup,"ax" .pushsection .fixup,"ax"
strncpy_from_user_fault: strncpy_from_user_fault:
......
...@@ -48,12 +48,13 @@ strnlen_user_fault: ...@@ -48,12 +48,13 @@ strnlen_user_fault:
*/ */
STD_ENTRY(strncpy_from_user_asm) STD_ENTRY(strncpy_from_user_asm)
{ beqz r2, 2f; move r3, r0 } { beqz r2, 2f; move r3, r0 }
1: { ld1u r4, r1; addi r1, r1, 1; addi r2, r2, -1 } 1: { ld1u r4, r1; addi r1, r1, 1; addi r2, r2, -1 }
{ st1 r0, r4; addi r0, r0, 1 } { st1 r0, r4; addi r0, r0, 1 }
beqz r2, 2f beqz r4, 2f
bnezt r4, 1b bnezt r2, 1b
addi r0, r0, -1 /* don't count the trailing NUL */ { sub r0, r0, r3; jrp lr }
2: { sub r0, r0, r3; jrp lr } 2: addi r0, r0, -1 /* don't count the trailing NUL */
{ sub r0, r0, r3; jrp lr }
STD_ENDPROC(strncpy_from_user_asm) STD_ENDPROC(strncpy_from_user_asm)
.pushsection .fixup,"ax" .pushsection .fixup,"ax"
strncpy_from_user_fault: strncpy_from_user_fault:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment