openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

PARISC fixes on 20121122 

This is two bug fixes: one fixes a loophole where rt_sigprocmask() with the
 wrong values panics the box (Denial of Service) and the other fixes an
 aliasing problem with get_shared_area() which could cause data corruption.
 
 Signed-off-by: James Bottomley <JBottomley@Parallels.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQEcBAABAgAGBQJQrfisAAoJEDeqqVYsXL0MabcIALeL/hMtLSdwo01AG47Z6v6u
 jNuQIE6v3mvsaoJ5zxhM570/SZc+waDojfNpax+RjJc4vppDHq40xhI19RHczCvo
 AIASYIZynMHF1kqXsFpWfDtOGUzRtFjn8g60rfX593ghtpuliTXm+WgYCl43SyYm
 Ee1rLAFrEiXKAHyTO+QXi/EiTHPDGxw84fZdypIC7Bxi0JZg7SX5g/KXwGC2JT7M
 fRW2SmrfgFOLMvmYYbyk4BWvZ4dneikcUhOJGiLcpSy++MJF6ccjbfiCD4i6gD9e
 cM57jLnHnV2U+qp4e2Rcosi9AQwfSYRkr7j37/OT0KoCLmSRZbwqpF1RMjMKyGM=
 =ckHH
 -----END PGP SIGNATURE-----

Merge tag 'parisc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/parisc-2.6

Pull PARISC fixes from James Bottomley:
 "This is two bug fixes: one fixes a loophole where rt_sigprocmask()
  with the wrong values panics the box (Denial of Service) and the other
  fixes an aliasing problem with get_shared_area() which could cause
  data corruption.

  Signed-off-by: James Bottomley <JBottomley@Parallels.com>"

* tag 'parisc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/parisc-2.6:
  [PARISC] fix user-triggerable panic on parisc
  [PARISC] fix virtual aliasing issue in get_shared_area()
This commit is contained in:
Linus Torvalds 2012-11-22 09:16:29 -10:00
parent a2d2eda7bf 441a179daf
commit b80d60e1c3
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
arch/parisc/kernel/signal32.c
View File

@ -65,7 +65,8 @@ put_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz)
{
compat_sigset_t s;
if (sz != sizeof *set) panic("put_sigset32()");
if (sz != sizeof *set)
return -EINVAL;
sigset_64to32(&s, set);
return copy_to_user(up, &s, sizeof s);
@ -77,7 +78,8 @@ get_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz)
compat_sigset_t s;
int r;
if (sz != sizeof *set) panic("put_sigset32()");
if (sz != sizeof *set)
return -EINVAL;
if ((r = copy_from_user(&s, up, sz)) == 0) {
sigset_32to64(set, &s);

2
arch/parisc/kernel/sys_parisc.c
View File

@ -73,6 +73,8 @@ static unsigned long get_shared_area(struct address_space *mapping,
struct vm_area_struct *vma;
int offset = mapping ? get_offset(mapping) : 0;
offset = (offset + (pgoff << PAGE_SHIFT)) & 0x3FF000;
addr = DCACHE_ALIGN(addr - offset) + offset;
for (vma = find_vma(current->mm, addr); ; vma = vma->vm_next) {