[PATCH] sys_pselect7 vs compat_sys_pselect7 uaccess error handling
authorHeiko Carstens <heiko.carstens@de.ibm.com>
Fri, 3 Nov 2006 06:06:58 +0000 (22:06 -0800)
committerLinus Torvalds <torvalds@g5.osdl.org>
Fri, 3 Nov 2006 20:27:55 +0000 (12:27 -0800)
758333458aa719bfc26ec16eafd4ad3a9e96014d fixes the not checked copy_to_user
return value of compat_sys_pselect7.  I ran into this too because of an old
source tree, but my fix would look quite a bit different to Andi's fix.

The reason is that the compat function IMHO should behave the very same as
the non-compat function if possible.  Since sys_pselect7 does not return
-EFAULT in this specific case, change the compat code so it behaves like
sys_pselect7.

Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Andi Kleen <ak@suse.de>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
fs/compat.c

index 50624d4a70c6c771b14c6ff12de3fbde65175aa7..8d0a0018a7d2cfc934934a992e98bcfabf45755c 100644 (file)
@@ -1835,9 +1835,12 @@ asmlinkage long compat_sys_pselect7(int n, compat_ulong_t __user *inp,
 
        } while (!ret && !timeout && tsp && (ts.tv_sec || ts.tv_nsec));
 
-       if (ret == 0 && tsp && !(current->personality & STICKY_TIMEOUTS)) {
+       if (tsp) {
                struct compat_timespec rts;
 
+               if (current->personality & STICKY_TIMEOUTS)
+                       goto sticky;
+
                rts.tv_sec = timeout / HZ;
                rts.tv_nsec = (timeout % HZ) * (NSEC_PER_SEC/HZ);
                if (rts.tv_nsec >= NSEC_PER_SEC) {
@@ -1846,8 +1849,19 @@ asmlinkage long compat_sys_pselect7(int n, compat_ulong_t __user *inp,
                }
                if (compat_timespec_compare(&rts, &ts) >= 0)
                        rts = ts;
-               if (copy_to_user(tsp, &rts, sizeof(rts)))
-                       ret = -EFAULT;
+               if (copy_to_user(tsp, &rts, sizeof(rts))) {
+sticky:
+                       /*
+                        * If an application puts its timeval in read-only
+                        * memory, we don't want the Linux-specific update to
+                        * the timeval to cause a fault after the select has
+                        * completed successfully. However, because we're not
+                        * updating the timeval, we can't restart the system
+                        * call.
+                        */
+                       if (ret == -ERESTARTNOHAND)
+                               ret = -EINTR;
+               }
        }
 
        if (ret == -ERESTARTNOHAND) {