[tip:x86/urgent] x86: copy_from_user() should not return -EFAULT

All of lore.kernel.org
 help / color / mirror / Atom feed

From: tip-bot for Heiko Carstens <heiko.carstens@de.ibm.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@redhat.com,
	arjan@linux.intel.com, heiko.carstens@de.ibm.com,
	tglx@linutronix.de
Subject: [tip:x86/urgent] x86: copy_from_user() should not return -EFAULT
Date: Tue, 5 Jan 2010 22:15:43 GMT	[thread overview]
Message-ID: <tip-409d02ef6d74f5e91f5ea4c587b2ee1375f106fc@git.kernel.org> (raw)
In-Reply-To: <20100105131911.GC5480@osiris.boeblingen.de.ibm.com>

Commit-ID:  409d02ef6d74f5e91f5ea4c587b2ee1375f106fc
Gitweb:     http://git.kernel.org/tip/409d02ef6d74f5e91f5ea4c587b2ee1375f106fc
Author:     Heiko Carstens <heiko.carstens@de.ibm.com>
AuthorDate: Tue, 5 Jan 2010 14:19:11 +0100
Committer:  H. Peter Anvin <hpa@zytor.com>
CommitDate: Tue, 5 Jan 2010 13:45:06 -0800

x86: copy_from_user() should not return -EFAULT

Callers of copy_from_user() expect it to return the number of bytes
it could not copy. In no case it is supposed to return -EFAULT.

In case of a detected buffer overflow just return the requested
length. In addition one could think of a memset that would clear
the size of the target object.

[ hpa: code is not in .32 so not needed for -stable ]

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
LKML-Reference: <20100105131911.GC5480@osiris.boeblingen.de.ibm.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
---
 arch/x86/include/asm/uaccess_32.h |    5 ++---
 arch/x86/include/asm/uaccess_64.h |    5 ++---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h
index 0c9825e..088d09f 100644
--- a/arch/x86/include/asm/uaccess_32.h
+++ b/arch/x86/include/asm/uaccess_32.h
@@ -205,14 +205,13 @@ static inline unsigned long __must_check copy_from_user(void *to,
 					  unsigned long n)
 {
 	int sz = __compiletime_object_size(to);
-	int ret = -EFAULT;
 
 	if (likely(sz == -1 || sz >= n))
-		ret = _copy_from_user(to, from, n);
+		n = _copy_from_user(to, from, n);
 	else
 		copy_from_user_overflow();
 
-	return ret;
+	return n;
 }
 
 long __must_check strncpy_from_user(char *dst, const char __user *src,
diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
index 46324c6..535e421 100644
--- a/arch/x86/include/asm/uaccess_64.h
+++ b/arch/x86/include/asm/uaccess_64.h
@@ -30,16 +30,15 @@ static inline unsigned long __must_check copy_from_user(void *to,
 					  unsigned long n)
 {
 	int sz = __compiletime_object_size(to);
-	int ret = -EFAULT;
 
 	might_fault();
 	if (likely(sz == -1 || sz >= n))
-		ret = _copy_from_user(to, from, n);
+		n = _copy_from_user(to, from, n);
 #ifdef CONFIG_DEBUG_VM
 	else
 		WARN(1, "Buffer overflow detected!\n");
 #endif
-	return ret;
+	return n;
 }
 
 static __always_inline __must_check

next prev parent reply	other threads:[~2010-01-05 22:16 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-01-04 15:43 strict copy_from_user checks issues? Heiko Carstens
2010-01-05  1:43 ` Arjan van de Ven
2010-01-05  7:35   ` Ingo Molnar
2010-01-05  9:48   ` Heiko Carstens
2010-01-05 12:47     ` Arnd Bergmann
2010-01-05 13:19       ` Heiko Carstens
2010-01-05 13:31         ` Arjan van de Ven
2010-01-05 15:22           ` [PATCH] sparc: copy_from_user() should not return -EFAULT Heiko Carstens
2010-01-05 17:27             ` Andi Kleen
2010-01-05 20:47               ` David Miller
2010-01-06  3:20               ` Arjan van de Ven
2010-01-05 17:55             ` Arnd Bergmann
2010-01-06  4:42             ` David Miller
2010-01-05 22:15         ` tip-bot for Heiko Carstens [this message]
2010-01-05 13:34     ` strict copy_from_user checks issues? Arjan van de Ven
2010-01-05 13:36       ` Arjan van de Ven
2010-01-05 13:45       ` Arnd Bergmann
2010-01-05 13:52         ` Arjan van de Ven
2010-01-05 15:20           ` Arnd Bergmann
2010-01-05 21:44             ` H. Peter Anvin
2010-01-07 14:02               ` Arnd Bergmann
2010-01-07 23:57                 ` H. Peter Anvin
2010-01-09  0:07                   ` Arnd Bergmann
2010-01-09  0:10                     ` H. Peter Anvin
2010-01-09  8:01                       ` Arnd Bergmann
2010-01-09 20:57                         ` H. Peter Anvin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0c9825e dfblob:088d09f dfblob:46324c6 dfblob:535e421 )
 OR (
bs:"[tip:x86/urgent] x86: copy_from_user() should not return -EFAULT" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=tip-409d02ef6d74f5e91f5ea4c587b2ee1375f106fc@git.kernel.org \
    --to=heiko.carstens@de.ibm.com \
    --cc=arjan@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-tip-commits@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=tglx@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.