Merge branch 'parisc-3.17-7' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux

Pull parisc fixes from Helge Deller:
 "We avoid using -mfast-indirect-calls for 64bit kernel builds to
  prevent building an unbootable kernel due to latest gcc changes.

  In the pdc_stable/firmware-access driver we fix a few possible stack
  overflows and we now call secure_computing_strict() instead of
  secure_computing() which fixes upcoming SECCOMP patches in the
  for-next trees"

* 'parisc-3.17-7' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
  parisc: Only use -mfast-indirect-calls option for 32-bit kernel builds
  parisc: pdc_stable.c: Avoid potential stack overflows
  parisc: pdc_stable.c: Cleaning up unnecessary use of memset in conjunction with strncpy
  parisc: ptrace: use secure_computing_strict()
This commit is contained in:
Linus Torvalds 2014-09-23 14:05:32 -07:00
commit d19eff3acf
3 changed files with 17 additions and 11 deletions

View File

@ -48,7 +48,12 @@ cflags-y := -pipe
# These flags should be implied by an hppa-linux configuration, but they # These flags should be implied by an hppa-linux configuration, but they
# are not in gcc 3.2. # are not in gcc 3.2.
cflags-y += -mno-space-regs -mfast-indirect-calls cflags-y += -mno-space-regs
# -mfast-indirect-calls is only relevant for 32-bit kernels.
ifndef CONFIG_64BIT
cflags-y += -mfast-indirect-calls
endif
# Currently we save and restore fpregs on all kernel entry/interruption paths. # Currently we save and restore fpregs on all kernel entry/interruption paths.
# If that gets optimized, we might need to disable the use of fpregs in the # If that gets optimized, we might need to disable the use of fpregs in the

View File

@ -17,6 +17,7 @@
#include <linux/user.h> #include <linux/user.h>
#include <linux/personality.h> #include <linux/personality.h>
#include <linux/security.h> #include <linux/security.h>
#include <linux/seccomp.h>
#include <linux/compat.h> #include <linux/compat.h>
#include <linux/signal.h> #include <linux/signal.h>
#include <linux/audit.h> #include <linux/audit.h>
@ -271,10 +272,7 @@ long do_syscall_trace_enter(struct pt_regs *regs)
long ret = 0; long ret = 0;
/* Do the secure computing check first. */ /* Do the secure computing check first. */
if (secure_computing(regs->gr[20])) { secure_computing_strict(regs->gr[20]);
/* seccomp failures shouldn't expose any additional code. */
return -1;
}
if (test_thread_flag(TIF_SYSCALL_TRACE) && if (test_thread_flag(TIF_SYSCALL_TRACE) &&
tracehook_report_syscall_entry(regs)) tracehook_report_syscall_entry(regs))

View File

@ -278,7 +278,7 @@ pdcspath_hwpath_write(struct pdcspath_entry *entry, const char *buf, size_t coun
{ {
struct hardware_path hwpath; struct hardware_path hwpath;
unsigned short i; unsigned short i;
char in[count+1], *temp; char in[64], *temp;
struct device *dev; struct device *dev;
int ret; int ret;
@ -286,8 +286,9 @@ pdcspath_hwpath_write(struct pdcspath_entry *entry, const char *buf, size_t coun
return -EINVAL; return -EINVAL;
/* We'll use a local copy of buf */ /* We'll use a local copy of buf */
memset(in, 0, count+1); count = min_t(size_t, count, sizeof(in)-1);
strncpy(in, buf, count); strncpy(in, buf, count);
in[count] = '\0';
/* Let's clean up the target. 0xff is a blank pattern */ /* Let's clean up the target. 0xff is a blank pattern */
memset(&hwpath, 0xff, sizeof(hwpath)); memset(&hwpath, 0xff, sizeof(hwpath));
@ -393,14 +394,15 @@ pdcspath_layer_write(struct pdcspath_entry *entry, const char *buf, size_t count
{ {
unsigned int layers[6]; /* device-specific info (ctlr#, unit#, ...) */ unsigned int layers[6]; /* device-specific info (ctlr#, unit#, ...) */
unsigned short i; unsigned short i;
char in[count+1], *temp; char in[64], *temp;
if (!entry || !buf || !count) if (!entry || !buf || !count)
return -EINVAL; return -EINVAL;
/* We'll use a local copy of buf */ /* We'll use a local copy of buf */
memset(in, 0, count+1); count = min_t(size_t, count, sizeof(in)-1);
strncpy(in, buf, count); strncpy(in, buf, count);
in[count] = '\0';
/* Let's clean up the target. 0 is a blank pattern */ /* Let's clean up the target. 0 is a blank pattern */
memset(&layers, 0, sizeof(layers)); memset(&layers, 0, sizeof(layers));
@ -755,7 +757,7 @@ static ssize_t pdcs_auto_write(struct kobject *kobj,
{ {
struct pdcspath_entry *pathentry; struct pdcspath_entry *pathentry;
unsigned char flags; unsigned char flags;
char in[count+1], *temp; char in[8], *temp;
char c; char c;
if (!capable(CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN))
@ -765,8 +767,9 @@ static ssize_t pdcs_auto_write(struct kobject *kobj,
return -EINVAL; return -EINVAL;
/* We'll use a local copy of buf */ /* We'll use a local copy of buf */
memset(in, 0, count+1); count = min_t(size_t, count, sizeof(in)-1);
strncpy(in, buf, count); strncpy(in, buf, count);
in[count] = '\0';
/* Current flags are stored in primary boot path entry */ /* Current flags are stored in primary boot path entry */
pathentry = &pdcspath_entry_primary; pathentry = &pdcspath_entry_primary;