whack-a-mole: no need to set_fs(USER_DS) in {start,flush}_thread()
authorAl Viro <viro@zeniv.linux.org.uk>
Mon, 23 Feb 2015 08:21:31 +0000 (03:21 -0500)
committerAl Viro <viro@zeniv.linux.org.uk>
Sun, 12 Apr 2015 02:24:31 +0000 (22:24 -0400)
flush_old_exec() has already done that.  Back on 2011 a bunch of
instances like that had been kicked out, but that hadn't taken
care of then-out-of-tree architectures, obviously, and they served
as reinfection vector...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
arch/arc/kernel/process.c
arch/c6x/kernel/process.c
arch/hexagon/kernel/process.c
arch/metag/include/asm/processor.h
arch/nios2/kernel/process.c
arch/openrisc/kernel/process.c

index 98c00a2d4dd9a57f1c503ac2ebb6d63a3f1a76b4..f46efd14059d302712df70442604c19f1a8f2fe6 100644 (file)
@@ -155,8 +155,6 @@ int copy_thread(unsigned long clone_flags,
  */
 void start_thread(struct pt_regs * regs, unsigned long pc, unsigned long usp)
 {
-       set_fs(USER_DS); /* user space */
-
        regs->sp = usp;
        regs->ret = pc;
 
index 57d2ea8d19773828d620c98b8593f069ff32cd23..3ae9f5a166a0584034dea8fb41ea645ccf88aeea 100644 (file)
@@ -101,7 +101,6 @@ void start_thread(struct pt_regs *regs, unsigned int pc, unsigned long usp)
         */
        usp -= 8;
 
-       set_fs(USER_DS);
        regs->pc  = pc;
        regs->sp  = usp;
        regs->tsr |= 0x40; /* set user mode */
index 0a0dd5c05b46af8fda112b2ab9cc606a08d6d5a5..a9ebd471823a6644a6773ed99d780c5c620f3e56 100644 (file)
@@ -37,8 +37,6 @@
  */
 void start_thread(struct pt_regs *regs, unsigned long pc, unsigned long sp)
 {
-       /* Set to run with user-mode data segmentation */
-       set_fs(USER_DS);
        /* We want to zero all data-containing registers. Is this overkill? */
        memset(regs, 0, sizeof(*regs));
        /* We might want to also zero all Processor registers here */
index 13272fd5a5baec8e3b1a4de778a6982abf0adae7..0838ca69976466bbfc3c3854fecf91566afd6a9b 100644 (file)
@@ -111,7 +111,6 @@ struct thread_struct {
  */
 #define start_thread(regs, pc, usp) do {                                  \
        unsigned int *argc = (unsigned int *) bprm->exec;                  \
-       set_fs(USER_DS);                                                   \
        current->thread.int_depth = 1;                                     \
        /* Force this process down to user land */                         \
        regs->ctx.SaveMask = TBICTX_PRIV_BIT;                              \
index 0e075b5ad2a54298c99ea668848b523c12449b15..2f8c74f93e705a08e28f2c7a9e6ba9da754ff187 100644 (file)
@@ -94,7 +94,6 @@ void show_regs(struct pt_regs *regs)
 
 void flush_thread(void)
 {
-       set_fs(USER_DS);
 }
 
 int copy_thread(unsigned long clone_flags,
index 386af258591dbe7084867f88b79c3eef980ce15b..7095dfe7666ba3dd55a0807ffd7d09b00af3ccc2 100644 (file)
@@ -197,7 +197,6 @@ void start_thread(struct pt_regs *regs, unsigned long pc, unsigned long sp)
 {
        unsigned long sr = mfspr(SPR_SR) & ~SPR_SR_SM;
 
-       set_fs(USER_DS);
        memset(regs, 0, sizeof(struct pt_regs));
 
        regs->pc = pc;