From d5812a77e5803468a5033be91af978be0f7a17d9 Mon Sep 17 00:00:00 2001 From: Paul Mackerras Date: Sun, 1 May 2005 08:58:42 -0700 Subject: [PATCH] ppc32: Fix address checking on lmw/stmw align exception The handling of misaligned load/store multiple instructions did not check to see if the address was ok to access before using __{get,put}_user(). Signed-off-by: Kumar Gala Signed-off-by: Paul Mackerras Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- arch/ppc/kernel/align.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'arch/ppc') diff --git a/arch/ppc/kernel/align.c b/arch/ppc/kernel/align.c index 40d356c66c4..ff81da9598d 100644 --- a/arch/ppc/kernel/align.c +++ b/arch/ppc/kernel/align.c @@ -290,6 +290,10 @@ fix_alignment(struct pt_regs *regs) /* lwm, stmw */ nb = (32 - reg) * 4; } + + if (!access_ok((flags & ST? VERIFY_WRITE: VERIFY_READ), addr, nb+nb0)) + return -EFAULT; /* bad address */ + rptr = (unsigned char *) ®s->gpr[reg]; if (flags & LD) { for (i = 0; i < nb; ++i) -- cgit v1.2.3-70-g09d2