summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-01-03 18:57:57 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2019-01-03 18:57:57 -0800
commit96d4f267e40f9509e8a66e2b39e8b95655617693 (patch)
treedf03d142d405652392707b1b80c284d68d6ea6ab /lib
parent135143b2cac43d2a1ec73b53033b9473fbbcce6d (diff)
downloadlinux-0-day-96d4f267e40f9509e8a66e2b39e8b95655617693.tar.gz
linux-0-day-96d4f267e40f9509e8a66e2b39e8b95655617693.tar.xz
Remove 'type' argument from access_ok() function
Nobody has actually used the type (VERIFY_READ vs VERIFY_WRITE) argument of the user address range verification function since we got rid of the old racy i386-only code to walk page tables by hand. It existed because the original 80386 would not honor the write protect bit when in kernel mode, so you had to do COW by hand before doing any user access. But we haven't supported that in a long time, and these days the 'type' argument is a purely historical artifact. A discussion about extending 'user_access_begin()' to do the range checking resulted this patch, because there is no way we're going to move the old VERIFY_xyz interface to that model. And it's best done at the end of the merge window when I've done most of my merges, so let's just get this done once and for all. This patch was mostly done with a sed-script, with manual fix-ups for the cases that weren't of the trivial 'access_ok(VERIFY_xyz' form. There were a couple of notable cases: - csky still had the old "verify_area()" name as an alias. - the iter_iov code had magical hardcoded knowledge of the actual values of VERIFY_{READ,WRITE} (not that they mattered, since nothing really used it) - microblaze used the type argument for a debug printout but other than those oddities this should be a total no-op patch. I tried to fix up all architectures, did fairly extensive grepping for access_ok() uses, and the changes are trivial, but I may have missed something. Any missed conversion should be trivially fixable, though. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'lib')
-rw-r--r--lib/bitmap.c4
-rw-r--r--lib/iov_iter.c8
-rw-r--r--lib/usercopy.c4
3 files changed, 8 insertions, 8 deletions
diff --git a/lib/bitmap.c b/lib/bitmap.c
index eead55aa71706..98872e9025dab 100644
--- a/lib/bitmap.c
+++ b/lib/bitmap.c
@@ -443,7 +443,7 @@ int bitmap_parse_user(const char __user *ubuf,
unsigned int ulen, unsigned long *maskp,
int nmaskbits)
{
- if (!access_ok(VERIFY_READ, ubuf, ulen))
+ if (!access_ok(ubuf, ulen))
return -EFAULT;
return __bitmap_parse((const char __force *)ubuf,
ulen, 1, maskp, nmaskbits);
@@ -641,7 +641,7 @@ int bitmap_parselist_user(const char __user *ubuf,
unsigned int ulen, unsigned long *maskp,
int nmaskbits)
{
- if (!access_ok(VERIFY_READ, ubuf, ulen))
+ if (!access_ok(ubuf, ulen))
return -EFAULT;
return __bitmap_parselist((const char __force *)ubuf,
ulen, 1, maskp, nmaskbits);
diff --git a/lib/iov_iter.c b/lib/iov_iter.c
index 1928009f506e8..c93870987b582 100644
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -136,7 +136,7 @@
static int copyout(void __user *to, const void *from, size_t n)
{
- if (access_ok(VERIFY_WRITE, to, n)) {
+ if (access_ok(to, n)) {
kasan_check_read(from, n);
n = raw_copy_to_user(to, from, n);
}
@@ -145,7 +145,7 @@ static int copyout(void __user *to, const void *from, size_t n)
static int copyin(void *to, const void __user *from, size_t n)
{
- if (access_ok(VERIFY_READ, from, n)) {
+ if (access_ok(from, n)) {
kasan_check_write(to, n);
n = raw_copy_from_user(to, from, n);
}
@@ -614,7 +614,7 @@ EXPORT_SYMBOL(_copy_to_iter);
#ifdef CONFIG_ARCH_HAS_UACCESS_MCSAFE
static int copyout_mcsafe(void __user *to, const void *from, size_t n)
{
- if (access_ok(VERIFY_WRITE, to, n)) {
+ if (access_ok(to, n)) {
kasan_check_read(from, n);
n = copy_to_user_mcsafe((__force void *) to, from, n);
}
@@ -1663,7 +1663,7 @@ int import_single_range(int rw, void __user *buf, size_t len,
{
if (len > MAX_RW_COUNT)
len = MAX_RW_COUNT;
- if (unlikely(!access_ok(!rw, buf, len)))
+ if (unlikely(!access_ok(buf, len)))
return -EFAULT;
iov->iov_base = buf;
diff --git a/lib/usercopy.c b/lib/usercopy.c
index 3744b2a8e591c..c2bfbcaeb3dc5 100644
--- a/lib/usercopy.c
+++ b/lib/usercopy.c
@@ -8,7 +8,7 @@ unsigned long _copy_from_user(void *to, const void __user *from, unsigned long n
{
unsigned long res = n;
might_fault();
- if (likely(access_ok(VERIFY_READ, from, n))) {
+ if (likely(access_ok(from, n))) {
kasan_check_write(to, n);
res = raw_copy_from_user(to, from, n);
}
@@ -23,7 +23,7 @@ EXPORT_SYMBOL(_copy_from_user);
unsigned long _copy_to_user(void __user *to, const void *from, unsigned long n)
{
might_fault();
- if (likely(access_ok(VERIFY_WRITE, to, n))) {
+ if (likely(access_ok(to, n))) {
kasan_check_read(from, n);
n = raw_copy_to_user(to, from, n);
}