mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-04 04:06:26 +00:00
Merge branch 'work.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull compat updates from Al Viro: "Some biarch patches - getting rid of assorted (mis)uses of compat_alloc_user_space(). Not much in that area this cycle..." * 'work.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: orangefs: simplify compat ioctl handling signalfd: lift sigmask copyin and size checks to callers of do_signalfd4() vmsplice(): lift importing iovec into vmsplice(2) and compat counterpart
This commit is contained in:
commit
29d6849d88
@ -719,37 +719,6 @@ struct ORANGEFS_dev_map_desc32 {
|
||||
__s32 count;
|
||||
};
|
||||
|
||||
static unsigned long translate_dev_map26(unsigned long args, long *error)
|
||||
{
|
||||
struct ORANGEFS_dev_map_desc32 __user *p32 = (void __user *)args;
|
||||
/*
|
||||
* Depending on the architecture, allocate some space on the
|
||||
* user-call-stack based on our expected layout.
|
||||
*/
|
||||
struct ORANGEFS_dev_map_desc __user *p =
|
||||
compat_alloc_user_space(sizeof(*p));
|
||||
compat_uptr_t addr;
|
||||
|
||||
*error = 0;
|
||||
/* get the ptr from the 32 bit user-space */
|
||||
if (get_user(addr, &p32->ptr))
|
||||
goto err;
|
||||
/* try to put that into a 64-bit layout */
|
||||
if (put_user(compat_ptr(addr), &p->ptr))
|
||||
goto err;
|
||||
/* copy the remaining fields */
|
||||
if (copy_in_user(&p->total_size, &p32->total_size, sizeof(__s32)))
|
||||
goto err;
|
||||
if (copy_in_user(&p->size, &p32->size, sizeof(__s32)))
|
||||
goto err;
|
||||
if (copy_in_user(&p->count, &p32->count, sizeof(__s32)))
|
||||
goto err;
|
||||
return (unsigned long)p;
|
||||
err:
|
||||
*error = -EFAULT;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* 32 bit user-space apps' ioctl handlers when kernel modules
|
||||
* is compiled as a 64 bit one
|
||||
@ -758,25 +727,26 @@ static long orangefs_devreq_compat_ioctl(struct file *filp, unsigned int cmd,
|
||||
unsigned long args)
|
||||
{
|
||||
long ret;
|
||||
unsigned long arg = args;
|
||||
|
||||
/* Check for properly constructed commands */
|
||||
ret = check_ioctl_command(cmd);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
if (cmd == ORANGEFS_DEV_MAP) {
|
||||
/*
|
||||
* convert the arguments to what we expect internally
|
||||
* in kernel space
|
||||
*/
|
||||
arg = translate_dev_map26(args, &ret);
|
||||
if (ret < 0) {
|
||||
gossip_err("Could not translate dev map\n");
|
||||
return ret;
|
||||
}
|
||||
struct ORANGEFS_dev_map_desc desc;
|
||||
struct ORANGEFS_dev_map_desc32 d32;
|
||||
|
||||
if (copy_from_user(&d32, (void __user *)args, sizeof(d32)))
|
||||
return -EFAULT;
|
||||
|
||||
desc.ptr = compat_ptr(d32.ptr);
|
||||
desc.total_size = d32.total_size;
|
||||
desc.size = d32.size;
|
||||
desc.count = d32.count;
|
||||
return orangefs_bufmap_initialize(&desc);
|
||||
}
|
||||
/* no other ioctl requires translation */
|
||||
return dispatch_ioctl_command(cmd, arg);
|
||||
return dispatch_ioctl_command(cmd, args);
|
||||
}
|
||||
|
||||
#endif /* CONFIG_COMPAT is in .config */
|
||||
|
@ -259,10 +259,8 @@ static const struct file_operations signalfd_fops = {
|
||||
.llseek = noop_llseek,
|
||||
};
|
||||
|
||||
static int do_signalfd4(int ufd, sigset_t __user *user_mask, size_t sizemask,
|
||||
int flags)
|
||||
static int do_signalfd4(int ufd, sigset_t *mask, int flags)
|
||||
{
|
||||
sigset_t sigmask;
|
||||
struct signalfd_ctx *ctx;
|
||||
|
||||
/* Check the SFD_* constants for consistency. */
|
||||
@ -272,18 +270,15 @@ static int do_signalfd4(int ufd, sigset_t __user *user_mask, size_t sizemask,
|
||||
if (flags & ~(SFD_CLOEXEC | SFD_NONBLOCK))
|
||||
return -EINVAL;
|
||||
|
||||
if (sizemask != sizeof(sigset_t) ||
|
||||
copy_from_user(&sigmask, user_mask, sizeof(sigmask)))
|
||||
return -EINVAL;
|
||||
sigdelsetmask(&sigmask, sigmask(SIGKILL) | sigmask(SIGSTOP));
|
||||
signotset(&sigmask);
|
||||
sigdelsetmask(mask, sigmask(SIGKILL) | sigmask(SIGSTOP));
|
||||
signotset(mask);
|
||||
|
||||
if (ufd == -1) {
|
||||
ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
|
||||
if (!ctx)
|
||||
return -ENOMEM;
|
||||
|
||||
ctx->sigmask = sigmask;
|
||||
ctx->sigmask = *mask;
|
||||
|
||||
/*
|
||||
* When we call this, the initialization must be complete, since
|
||||
@ -303,7 +298,7 @@ static int do_signalfd4(int ufd, sigset_t __user *user_mask, size_t sizemask,
|
||||
return -EINVAL;
|
||||
}
|
||||
spin_lock_irq(¤t->sighand->siglock);
|
||||
ctx->sigmask = sigmask;
|
||||
ctx->sigmask = *mask;
|
||||
spin_unlock_irq(¤t->sighand->siglock);
|
||||
|
||||
wake_up(¤t->sighand->signalfd_wqh);
|
||||
@ -316,46 +311,51 @@ static int do_signalfd4(int ufd, sigset_t __user *user_mask, size_t sizemask,
|
||||
SYSCALL_DEFINE4(signalfd4, int, ufd, sigset_t __user *, user_mask,
|
||||
size_t, sizemask, int, flags)
|
||||
{
|
||||
return do_signalfd4(ufd, user_mask, sizemask, flags);
|
||||
sigset_t mask;
|
||||
|
||||
if (sizemask != sizeof(sigset_t) ||
|
||||
copy_from_user(&mask, user_mask, sizeof(mask)))
|
||||
return -EINVAL;
|
||||
return do_signalfd4(ufd, &mask, flags);
|
||||
}
|
||||
|
||||
SYSCALL_DEFINE3(signalfd, int, ufd, sigset_t __user *, user_mask,
|
||||
size_t, sizemask)
|
||||
{
|
||||
return do_signalfd4(ufd, user_mask, sizemask, 0);
|
||||
sigset_t mask;
|
||||
|
||||
if (sizemask != sizeof(sigset_t) ||
|
||||
copy_from_user(&mask, user_mask, sizeof(mask)))
|
||||
return -EINVAL;
|
||||
return do_signalfd4(ufd, &mask, 0);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_COMPAT
|
||||
static long do_compat_signalfd4(int ufd,
|
||||
const compat_sigset_t __user *sigmask,
|
||||
const compat_sigset_t __user *user_mask,
|
||||
compat_size_t sigsetsize, int flags)
|
||||
{
|
||||
sigset_t tmp;
|
||||
sigset_t __user *ksigmask;
|
||||
sigset_t mask;
|
||||
|
||||
if (sigsetsize != sizeof(compat_sigset_t))
|
||||
return -EINVAL;
|
||||
if (get_compat_sigset(&tmp, sigmask))
|
||||
if (get_compat_sigset(&mask, user_mask))
|
||||
return -EFAULT;
|
||||
ksigmask = compat_alloc_user_space(sizeof(sigset_t));
|
||||
if (copy_to_user(ksigmask, &tmp, sizeof(sigset_t)))
|
||||
return -EFAULT;
|
||||
|
||||
return do_signalfd4(ufd, ksigmask, sizeof(sigset_t), flags);
|
||||
return do_signalfd4(ufd, &mask, flags);
|
||||
}
|
||||
|
||||
COMPAT_SYSCALL_DEFINE4(signalfd4, int, ufd,
|
||||
const compat_sigset_t __user *, sigmask,
|
||||
const compat_sigset_t __user *, user_mask,
|
||||
compat_size_t, sigsetsize,
|
||||
int, flags)
|
||||
{
|
||||
return do_compat_signalfd4(ufd, sigmask, sigsetsize, flags);
|
||||
return do_compat_signalfd4(ufd, user_mask, sigsetsize, flags);
|
||||
}
|
||||
|
||||
COMPAT_SYSCALL_DEFINE3(signalfd, int, ufd,
|
||||
const compat_sigset_t __user *,sigmask,
|
||||
const compat_sigset_t __user *, user_mask,
|
||||
compat_size_t, sigsetsize)
|
||||
{
|
||||
return do_compat_signalfd4(ufd, sigmask, sigsetsize, 0);
|
||||
return do_compat_signalfd4(ufd, user_mask, sigsetsize, 0);
|
||||
}
|
||||
#endif
|
||||
|
144
fs/splice.c
144
fs/splice.c
@ -1243,38 +1243,26 @@ static int pipe_to_user(struct pipe_inode_info *pipe, struct pipe_buffer *buf,
|
||||
* For lack of a better implementation, implement vmsplice() to userspace
|
||||
* as a simple copy of the pipes pages to the user iov.
|
||||
*/
|
||||
static long vmsplice_to_user(struct file *file, const struct iovec __user *uiov,
|
||||
unsigned long nr_segs, unsigned int flags)
|
||||
static long vmsplice_to_user(struct file *file, struct iov_iter *iter,
|
||||
unsigned int flags)
|
||||
{
|
||||
struct pipe_inode_info *pipe;
|
||||
struct splice_desc sd;
|
||||
long ret;
|
||||
struct iovec iovstack[UIO_FASTIOV];
|
||||
struct iovec *iov = iovstack;
|
||||
struct iov_iter iter;
|
||||
struct pipe_inode_info *pipe = get_pipe_info(file);
|
||||
struct splice_desc sd = {
|
||||
.total_len = iov_iter_count(iter),
|
||||
.flags = flags,
|
||||
.u.data = iter
|
||||
};
|
||||
long ret = 0;
|
||||
|
||||
pipe = get_pipe_info(file);
|
||||
if (!pipe)
|
||||
return -EBADF;
|
||||
|
||||
ret = import_iovec(READ, uiov, nr_segs,
|
||||
ARRAY_SIZE(iovstack), &iov, &iter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
sd.total_len = iov_iter_count(&iter);
|
||||
sd.len = 0;
|
||||
sd.flags = flags;
|
||||
sd.u.data = &iter;
|
||||
sd.pos = 0;
|
||||
|
||||
if (sd.total_len) {
|
||||
pipe_lock(pipe);
|
||||
ret = __splice_from_pipe(pipe, &sd, pipe_to_user);
|
||||
pipe_unlock(pipe);
|
||||
}
|
||||
|
||||
kfree(iov);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -1283,14 +1271,11 @@ static long vmsplice_to_user(struct file *file, const struct iovec __user *uiov,
|
||||
* as splice-from-memory, where the regular splice is splice-from-file (or
|
||||
* to file). In both cases the output is a pipe, naturally.
|
||||
*/
|
||||
static long vmsplice_to_pipe(struct file *file, const struct iovec __user *uiov,
|
||||
unsigned long nr_segs, unsigned int flags)
|
||||
static long vmsplice_to_pipe(struct file *file, struct iov_iter *iter,
|
||||
unsigned int flags)
|
||||
{
|
||||
struct pipe_inode_info *pipe;
|
||||
struct iovec iovstack[UIO_FASTIOV];
|
||||
struct iovec *iov = iovstack;
|
||||
struct iov_iter from;
|
||||
long ret;
|
||||
long ret = 0;
|
||||
unsigned buf_flag = 0;
|
||||
|
||||
if (flags & SPLICE_F_GIFT)
|
||||
@ -1300,22 +1285,31 @@ static long vmsplice_to_pipe(struct file *file, const struct iovec __user *uiov,
|
||||
if (!pipe)
|
||||
return -EBADF;
|
||||
|
||||
ret = import_iovec(WRITE, uiov, nr_segs,
|
||||
ARRAY_SIZE(iovstack), &iov, &from);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
pipe_lock(pipe);
|
||||
ret = wait_for_space(pipe, flags);
|
||||
if (!ret)
|
||||
ret = iter_to_pipe(&from, pipe, buf_flag);
|
||||
ret = iter_to_pipe(iter, pipe, buf_flag);
|
||||
pipe_unlock(pipe);
|
||||
if (ret > 0)
|
||||
wakeup_pipe_readers(pipe);
|
||||
kfree(iov);
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int vmsplice_type(struct fd f, int *type)
|
||||
{
|
||||
if (!f.file)
|
||||
return -EBADF;
|
||||
if (f.file->f_mode & FMODE_WRITE) {
|
||||
*type = WRITE;
|
||||
} else if (f.file->f_mode & FMODE_READ) {
|
||||
*type = READ;
|
||||
} else {
|
||||
fdput(f);
|
||||
return -EBADF;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Note that vmsplice only really supports true splicing _from_ user memory
|
||||
* to a pipe, not the other way around. Splicing from user memory is a simple
|
||||
@ -1332,57 +1326,69 @@ static long vmsplice_to_pipe(struct file *file, const struct iovec __user *uiov,
|
||||
* Currently we punt and implement it as a normal copy, see pipe_to_user().
|
||||
*
|
||||
*/
|
||||
static long do_vmsplice(int fd, const struct iovec __user *iov,
|
||||
unsigned long nr_segs, unsigned int flags)
|
||||
static long do_vmsplice(struct file *f, struct iov_iter *iter, unsigned int flags)
|
||||
{
|
||||
struct fd f;
|
||||
long error;
|
||||
|
||||
if (unlikely(flags & ~SPLICE_F_ALL))
|
||||
return -EINVAL;
|
||||
if (unlikely(nr_segs > UIO_MAXIOV))
|
||||
return -EINVAL;
|
||||
else if (unlikely(!nr_segs))
|
||||
|
||||
if (!iov_iter_count(iter))
|
||||
return 0;
|
||||
|
||||
error = -EBADF;
|
||||
f = fdget(fd);
|
||||
if (f.file) {
|
||||
if (f.file->f_mode & FMODE_WRITE)
|
||||
error = vmsplice_to_pipe(f.file, iov, nr_segs, flags);
|
||||
else if (f.file->f_mode & FMODE_READ)
|
||||
error = vmsplice_to_user(f.file, iov, nr_segs, flags);
|
||||
|
||||
fdput(f);
|
||||
if (iov_iter_rw(iter) == WRITE)
|
||||
return vmsplice_to_pipe(f, iter, flags);
|
||||
else
|
||||
return vmsplice_to_user(f, iter, flags);
|
||||
}
|
||||
|
||||
return error;
|
||||
}
|
||||
|
||||
SYSCALL_DEFINE4(vmsplice, int, fd, const struct iovec __user *, iov,
|
||||
SYSCALL_DEFINE4(vmsplice, int, fd, const struct iovec __user *, uiov,
|
||||
unsigned long, nr_segs, unsigned int, flags)
|
||||
{
|
||||
return do_vmsplice(fd, iov, nr_segs, flags);
|
||||
struct iovec iovstack[UIO_FASTIOV];
|
||||
struct iovec *iov = iovstack;
|
||||
struct iov_iter iter;
|
||||
long error;
|
||||
struct fd f;
|
||||
int type;
|
||||
|
||||
f = fdget(fd);
|
||||
error = vmsplice_type(f, &type);
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
error = import_iovec(type, uiov, nr_segs,
|
||||
ARRAY_SIZE(iovstack), &iov, &iter);
|
||||
if (!error) {
|
||||
error = do_vmsplice(f.file, &iter, flags);
|
||||
kfree(iov);
|
||||
}
|
||||
fdput(f);
|
||||
return error;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_COMPAT
|
||||
COMPAT_SYSCALL_DEFINE4(vmsplice, int, fd, const struct compat_iovec __user *, iov32,
|
||||
unsigned int, nr_segs, unsigned int, flags)
|
||||
{
|
||||
unsigned i;
|
||||
struct iovec __user *iov;
|
||||
if (nr_segs > UIO_MAXIOV)
|
||||
return -EINVAL;
|
||||
iov = compat_alloc_user_space(nr_segs * sizeof(struct iovec));
|
||||
for (i = 0; i < nr_segs; i++) {
|
||||
struct compat_iovec v;
|
||||
if (get_user(v.iov_base, &iov32[i].iov_base) ||
|
||||
get_user(v.iov_len, &iov32[i].iov_len) ||
|
||||
put_user(compat_ptr(v.iov_base), &iov[i].iov_base) ||
|
||||
put_user(v.iov_len, &iov[i].iov_len))
|
||||
return -EFAULT;
|
||||
struct iovec iovstack[UIO_FASTIOV];
|
||||
struct iovec *iov = iovstack;
|
||||
struct iov_iter iter;
|
||||
long error;
|
||||
struct fd f;
|
||||
int type;
|
||||
|
||||
f = fdget(fd);
|
||||
error = vmsplice_type(f, &type);
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
error = compat_import_iovec(type, iov32, nr_segs,
|
||||
ARRAY_SIZE(iovstack), &iov, &iter);
|
||||
if (!error) {
|
||||
error = do_vmsplice(f.file, &iter, flags);
|
||||
kfree(iov);
|
||||
}
|
||||
return do_vmsplice(fd, iov, nr_segs, flags);
|
||||
fdput(f);
|
||||
return error;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user