diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2016-09-10 22:44:03 +0200 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2016-09-16 01:51:56 +0200 |
commit | 91344493b7da9487a8dbc1109d7486e51c8e5235 (patch) | |
tree | 134a2ad5c7ecd0f304fa69118b66acc92544b60c /arch/arm/include/asm/uaccess.h | |
parent | arc: don't leak bits of kernel stack into coredump (diff) | |
download | linux-91344493b7da9487a8dbc1109d7486e51c8e5235.tar.xz linux-91344493b7da9487a8dbc1109d7486e51c8e5235.zip |
arm: don't zero in __copy_from_user_inatomic()/__copy_from_user()
adjust copy_from_user(), obviously
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'arch/arm/include/asm/uaccess.h')
-rw-r--r-- | arch/arm/include/asm/uaccess.h | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h index a93c0f99acf7..1f59ea051bab 100644 --- a/arch/arm/include/asm/uaccess.h +++ b/arch/arm/include/asm/uaccess.h @@ -533,11 +533,12 @@ __clear_user(void __user *addr, unsigned long n) static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n) { - if (access_ok(VERIFY_READ, from, n)) - n = __copy_from_user(to, from, n); - else /* security hole - plug it */ - memset(to, 0, n); - return n; + unsigned long res = n; + if (likely(access_ok(VERIFY_READ, from, n))) + res = __copy_from_user(to, from, n); + if (unlikely(res)) + memset(to + (n - res), 0, res); + return res; } static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) |