regset: Prevent null pointer reference on readonly regsets
authorH. Peter Anvin <hpa@zytor.com>
Fri, 2 Mar 2012 18:43:48 +0000 (10:43 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 2 Mar 2012 19:38:15 +0000 (11:38 -0800)
The regset common infrastructure assumed that regsets would always
have .get and .set methods, but not necessarily .active methods.
Unfortunately people have since written regsets without .set methods.

Rather than putting in stub functions everywhere, handle regsets with
null .get or .set methods explicitly.

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Roland McGrath <roland@hack.frob.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/binfmt_elf.c
include/linux/regset.h

index bcb884e2d613e76d94570dd81b99ba27e3906a66..07d096c49920cf21308480da107a6064a889db47 100644 (file)
@@ -1421,7 +1421,7 @@ static int fill_thread_core_info(struct elf_thread_core_info *t,
        for (i = 1; i < view->n; ++i) {
                const struct user_regset *regset = &view->regsets[i];
                do_thread_regset_writeback(t->task, regset);
-               if (regset->core_note_type &&
+               if (regset->core_note_type && regset->get &&
                    (!regset->active || regset->active(t->task, regset))) {
                        int ret;
                        size_t size = regset->n * regset->size;
index 8abee65562230fe05174d2ded6bc8ec50249348b..5150fd16ef93cbb38a840fb6667b56b937697f51 100644 (file)
@@ -335,6 +335,9 @@ static inline int copy_regset_to_user(struct task_struct *target,
 {
        const struct user_regset *regset = &view->regsets[setno];
 
+       if (!regset->get)
+               return -EOPNOTSUPP;
+
        if (!access_ok(VERIFY_WRITE, data, size))
                return -EIO;
 
@@ -358,6 +361,9 @@ static inline int copy_regset_from_user(struct task_struct *target,
 {
        const struct user_regset *regset = &view->regsets[setno];
 
+       if (!regset->set)
+               return -EOPNOTSUPP;
+
        if (!access_ok(VERIFY_READ, data, size))
                return -EIO;