projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b0bb945)
mips: make copy_from_user() zero tail explicitly
authorAl Viro <viro@zeniv.linux.org.uk>
Mon, 20 Mar 2017 15:54:21 +0000 (11:54 -0400)
committerAl Viro <viro@zeniv.linux.org.uk>
Thu, 6 Apr 2017 06:08:08 +0000 (02:08 -0400)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
arch/mips/include/asm/uaccess.h patch | blob | blame | history

diff --git a/arch/mips/include/asm/uaccess.h b/arch/mips/include/asm/uaccess.h
index 9c05262a85f30fdeb79f00f3f21bbf498f2b2319..712dc40625b69a01bb918901e2d85b102be78d7e 100644 (file)
--- a/arch/mips/include/asm/uaccess.h
+++ b/arch/mips/include/asm/uaccess.h
@@ -1080,29 +1080,29 @@ extern size_t __copy_user_inatomic(void *__to, const void *__from, size_t __n);
 ({                                                                     \
        void *__cu_to;                                                  \
        const void __user *__cu_from;                                   \
-       long __cu_len;                                                  \
+       long __cu_len, __cu_res;                                        \
                                                                        \
        __cu_to = (to);                                                 \
        __cu_from = (from);                                             \
-       __cu_len = (n);                                                 \
+       __cu_res = __cu_len = (n);                                      \
                                                                        \
        check_object_size(__cu_to, __cu_len, false);                    \
                                                                        \
        if (eva_kernel_access()) {                                      \
-               __cu_len = __invoke_copy_from_kernel(__cu_to,           \
+               __cu_res = __invoke_copy_from_kernel(__cu_to,           \
                                                     __cu_from,         \
                                                     __cu_len);         \
        } else {                                                        \
                if (access_ok(VERIFY_READ, __cu_from, __cu_len)) {      \
                        might_fault();                                  \
-                       __cu_len = __invoke_copy_from_user(__cu_to,     \
+                       __cu_res = __invoke_copy_from_user(__cu_to,     \
                                                           __cu_from,   \
                                                           __cu_len);   \
-               } else {                                                \
-                       memset(__cu_to, 0, __cu_len);                   \
                }                                                       \
        }                                                               \
-       __cu_len;                                                       \
+       if (unlikely(__cu_res))                                         \
+               memset(__cu_to + __cu_len - __cu_res, 0, __cu_res);     \
+       __cu_res;                                                       \
 })
 
 #define __copy_in_user(to, from, n)                                    \