sparc64: fix misuses of access_process_vm() in genregs32_[sg]et() (142cd252) · Commits · 戴 / test

We do need access_process_vm() to access the target's reg_window. However, access to caller's memory (storing the result in genregs32_get(), fetching the new values in case of genregs32_set()) should be done by normal uaccess primitives. Fixes: ([SPARC64]: Fix user accesses in regset code.) Cc: stable@kernel.org Signed-off-by:

Al Viro <viro@zeniv.linux.org.uk>

arch/sparc/kernel/ptrace_64.c

+3 −14

Original line number	Diff line number	Diff line
		@@ -572,19 +572,13 @@ static int genregs32_get(struct task_struct *target,
		for (; count > 0 && pos < 32; count--) {
		if (access_process_vm(target,
		(unsigned long)
		&reg_window[pos],
		&reg_window[pos++],
		&reg, sizeof(reg),
		FOLL_FORCE)
		!= sizeof(reg))
		return -EFAULT;
		if (access_process_vm(target,
		(unsigned long) u,
		&reg, sizeof(reg),
		FOLL_FORCE \| FOLL_WRITE)
		!= sizeof(reg))
		if (put_user(reg, u++))
		return -EFAULT;
		pos++;
		u++;
		}
		}
		}
		@@ -684,12 +678,7 @@ static int genregs32_set(struct task_struct *target,
		}
		} else {
		for (; count > 0 && pos < 32; count--) {
		if (access_process_vm(target,
		(unsigned long)
		u,
		&reg, sizeof(reg),
		FOLL_FORCE)
		!= sizeof(reg))
		if (get_user(reg, u++))
		return -EFAULT;
		if (access_process_vm(target,
		(unsigned long)

Admin message