On Tue, Aug 30, 2016 at 10:02:38AM -0700, Linus Torvalds wrote:
> On Tue, Aug 30, 2016 at 6:04 AM, Josh Poimboeuf <jpoim...@redhat.com> wrote:
> > There are three usercopy warnings which are currently being silenced for
> > gcc 4.6 and newer:
>
> [.. snip snip ..]
>
> Ok, I'm not entirely happy with the timing, but I think the problem
> counts as a regression since it effectively made all the checks go
> away in practice for most people, so I'm going to apply this patch.
>
> I know Al Viro is working on some uaccess cleanups and trying to make
> a lot of this be generic, so there's hopefully cleanups coming in the
> not too distant future (I say "hopefully", because I worry that
> looking at the mess will make Al dig his eyes out), but this seems to
> be a clear improvement.
>
> I still do wish we'd move the x86 __builtin_constant_p(n) check
> around, so that x86 wouldn't do the run-time check_object_size() for
> the trivially statically correct case, but I guess that's a separate
> issue from this patch anyway.
>
> If somebody has objections to this patch, holler quickly, because it's
> about to get applied. 3.. 2.. 1..
The only thing in my pile it conflicts with is this:
commit 0983ee6305f551faf29b11e59486679f600f1cd9
Author: Al Viro <v...@zeniv.linux.org.uk>
Date: Sat Aug 20 19:03:37 2016 -0400
parisc: fix copy_from_user()
Cc: sta...@vger.kernel.org
Signed-off-by: Al Viro <v...@zeniv.linux.org.uk>
diff --git a/arch/parisc/include/asm/uaccess.h
b/arch/parisc/include/asm/uaccess.h
index 0f59fd9..54cfea9 100644
--- a/arch/parisc/include/asm/uaccess.h
+++ b/arch/parisc/include/asm/uaccess.h
@@ -221,13 +221,14 @@ static inline unsigned long __must_check
copy_from_user(void *to,
unsigned long n)
{
int sz = __compiletime_object_size(to);
- int ret = -EFAULT;
+ unsigned long ret = n;
if (likely(sz == -1 || !__builtin_constant_p(n) || sz >= n))
ret = __copy_from_user(to, from, n);
else
copy_from_user_overflow();
-
+ if (unlikely(ret))
+ memset(to + (n - ret), 0, ret);
return ret;
}
