From: Paul Mackerras Date: Sun, 1 May 2005 15:58:42 +0000 (-0700) Subject: [PATCH] ppc32: Fix address checking on lmw/stmw align exception X-Git-Tag: firefly_0821_release~42725^2~225 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=d5812a77e5803468a5033be91af978be0f7a17d9;p=firefly-linux-kernel-4.4.55.git [PATCH] ppc32: Fix address checking on lmw/stmw align exception The handling of misaligned load/store multiple instructions did not check to see if the address was ok to access before using __{get,put}_user(). Signed-off-by: Kumar Gala Signed-off-by: Paul Mackerras Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/arch/ppc/kernel/align.c b/arch/ppc/kernel/align.c index 40d356c66c41..ff81da9598d8 100644 --- a/arch/ppc/kernel/align.c +++ b/arch/ppc/kernel/align.c @@ -290,6 +290,10 @@ fix_alignment(struct pt_regs *regs) /* lwm, stmw */ nb = (32 - reg) * 4; } + + if (!access_ok((flags & ST? VERIFY_WRITE: VERIFY_READ), addr, nb+nb0)) + return -EFAULT; /* bad address */ + rptr = (unsigned char *) ®s->gpr[reg]; if (flags & LD) { for (i = 0; i < nb; ++i)