Commit c8e25258 authored by H. Peter Anvin, committed by Linus Torvalds

regset: Prevent null pointer reference on readonly regsets

The regset common infrastructure assumed that regsets would always
have .get and .set methods, but not necessarily .active methods.
Unfortunately people have since written regsets without .set methods.

Rather than putting in stub functions everywhere, handle regsets with
null .get or .set methods explicitly.
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Roland McGrath <roland@hack.frob.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
parent 1f033c1a
...@@ -1421,7 +1421,7 @@ static int fill_thread_core_info(struct elf_thread_core_info *t, ...@@ -1421,7 +1421,7 @@ static int fill_thread_core_info(struct elf_thread_core_info *t,
for (i = 1; i < view->n; ++i) { for (i = 1; i < view->n; ++i) {
const struct user_regset *regset = &view->regsets[i]; const struct user_regset *regset = &view->regsets[i];
do_thread_regset_writeback(t->task, regset); do_thread_regset_writeback(t->task, regset);
if (regset->core_note_type && if (regset->core_note_type && regset->get &&
(!regset->active || regset->active(t->task, regset))) { (!regset->active || regset->active(t->task, regset))) {
int ret; int ret;
size_t size = regset->n * regset->size; size_t size = regset->n * regset->size;
......
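Review bot: The added `regset->get &&` test only protects regsets 1..n-1, because the loop starts at `i = 1`. Whatever handles `view->regsets[0]` lies outside this hunk, and if it calls `.get` directly it would still go through a null pointer for a view whose first regset has no `.get`. That path is worth confirming, then either guarding it the same way or stating in a comment that regset 0 must always provide `.get`. A regset skipped here also silently produces no core note, so a short comment above the condition such as `/* regsets without .get (write-only) contribute no note to the core dump */` would make the omission visibly deliberate. fill_thread_core_info starts and ends outside the hunk.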
...@@ -335,6 +335,9 @@ static inline int copy_regset_to_user(struct task_struct *target, ...@@ -335,6 +335,9 @@ static inline int copy_regset_to_user(struct task_struct *target,
{ {
const struct user_regset *regset = &view->regsets[setno]; const struct user_regset *regset = &view->regsets[setno];
if (!regset->get)
return -EOPNOTSUPP;
if (!access_ok(VERIFY_WRITE, data, size)) if (!access_ok(VERIFY_WRITE, data, size))
return -EIO; return -EIO;
...@@ -358,6 +361,9 @@ static inline int copy_regset_from_user(struct task_struct *target, ...@@ -358,6 +361,9 @@ static inline int copy_regset_from_user(struct task_struct *target,
{ {
const struct user_regset *regset = &view->regsets[setno]; const struct user_regset *regset = &view->regsets[setno];
if (!regset->set)
return -EOPNOTSUPP;
if (!access_ok(VERIFY_READ, data, size)) if (!access_ok(VERIFY_READ, data, size))
return -EIO; return -EIO;
......
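Review bot: These two guards change the contract of `struct user_regset` so that `.get` and `.set` may be NULL, but nothing in the visible lines documents that, and only callers going through copy_regset_to_user() and copy_regset_from_user() are protected. Any code that calls `regset->get(...)` or `regset->set(...)` directly (none is visible here) would still jump through a null pointer in kernel context, so those call sites should be audited as part of the same fix. I would add a comment above each check, e.g. `/* regset has no .set (read-only): refuse rather than call through NULL */`, with the mirror wording for `.get`. The functions' kernel-doc should also say that -EOPNOTSUPP is returned before the access_ok() test, so a caller passing a bad user pointer to an unsupported direction sees -EOPNOTSUPP rather than -EIO. Both function bodies continue outside the hunks.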