summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2007-10-18 18:48:42 +0200
committerAdrian Bunk <bunk@kernel.org>2007-10-18 18:48:42 +0200
commitecd7e9d89a57343c5fb687b9651f1fc1adab1dde (patch)
tree83b715a84f4d802259e8772f6d367c65d4f6e9ab
parent43f903ce5f313983fca91a96f786730cf8c8c645 (diff)
downloadlwn-ecd7e9d89a57343c5fb687b9651f1fc1adab1dde.tar.gz
lwn-ecd7e9d89a57343c5fb687b9651f1fc1adab1dde.zip
[SPARC64]: Fix bugs in SYSV IPC handling in 64-bit processes.
Thanks to Tom Callaway for the excellent bug report and test case. sys_ipc() has several problems, most to due with semaphore call handling: 1) 'err' return should be a 'long' 2) "union semun" is passed in a register on 64-bit compared to 32-bit which provides it on the stack and therefore by reference 3) Second and third arguments to SEMCTL are swapped compared to 32-bit. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@kernel.org>
-rw-r--r--arch/sparc64/kernel/sys_sparc.c15
1 files changed, 4 insertions, 11 deletions
diff --git a/arch/sparc64/kernel/sys_sparc.c b/arch/sparc64/kernel/sys_sparc.c
index b7ebd48da112..8b222f2478f5 100644
--- a/arch/sparc64/kernel/sys_sparc.c
+++ b/arch/sparc64/kernel/sys_sparc.c
@@ -210,7 +210,7 @@ out:
asmlinkage long sys_ipc(unsigned int call, int first, unsigned long second,
unsigned long third, void __user *ptr, long fifth)
{
- int err;
+ long err;
/* No need for backward compatibility. We can start fresh... */
if (call <= SEMCTL) {
@@ -227,16 +227,9 @@ asmlinkage long sys_ipc(unsigned int call, int first, unsigned long second,
err = sys_semget(first, (int)second, (int)third);
goto out;
case SEMCTL: {
- union semun fourth;
- err = -EINVAL;
- if (!ptr)
- goto out;
- err = -EFAULT;
- if (get_user(fourth.__pad,
- (void __user * __user *) ptr))
- goto out;
- err = sys_semctl(first, (int)second | IPC_64,
- (int)third, fourth);
+ err = sys_semctl(first, third,
+ (int)second | IPC_64,
+ (union semun) ptr);
goto out;
}
default: