From fe5c873459a973e59854bd235a7e6b3eaa8e5fe0 Mon Sep 17 00:00:00 2001 From: Helge Deller Date: Sun, 21 Sep 2014 21:01:15 +0200 Subject: [PATCH 1/4] parisc: ptrace: use secure_computing_strict() Signed-off-by: Helge Deller --- arch/parisc/kernel/ptrace.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/parisc/kernel/ptrace.c b/arch/parisc/kernel/ptrace.c index 3bab72462ab5..92438c21d453 100644 --- a/arch/parisc/kernel/ptrace.c +++ b/arch/parisc/kernel/ptrace.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include #include @@ -271,10 +272,7 @@ long do_syscall_trace_enter(struct pt_regs *regs) long ret = 0; /* Do the secure computing check first. */ - if (secure_computing(regs->gr[20])) { - /* seccomp failures shouldn't expose any additional code. */ - return -1; - } + secure_computing_strict(regs->gr[20]); if (test_thread_flag(TIF_SYSCALL_TRACE) && tracehook_report_syscall_entry(regs)) From 94c457deff2a211f8372f69a4d7b0d288183756a Mon Sep 17 00:00:00 2001 From: Rickard Strandqvist Date: Sun, 14 Sep 2014 18:02:12 +0200 Subject: [PATCH 2/4] parisc: pdc_stable.c: Cleaning up unnecessary use of memset in conjunction with strncpy Using memset before strncpy just to ensure a trailing null character is an unnecessary double writing of a string Patch modified by Helge Deller to additionally reduce stack usage. Signed-off-by: Rickard Strandqvist Signed-off-by: Helge Deller --- drivers/parisc/pdc_stable.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/parisc/pdc_stable.c b/drivers/parisc/pdc_stable.c index 0f54ab6260df..e4b73c2a053a 100644 --- a/drivers/parisc/pdc_stable.c +++ b/drivers/parisc/pdc_stable.c @@ -755,7 +755,7 @@ static ssize_t pdcs_auto_write(struct kobject *kobj, { struct pdcspath_entry *pathentry; unsigned char flags; - char in[count+1], *temp; + char in[8], *temp; char c; if (!capable(CAP_SYS_ADMIN)) @@ -765,8 +765,9 @@ static ssize_t pdcs_auto_write(struct kobject *kobj, return -EINVAL; /* We'll use a local copy of buf */ - memset(in, 0, count+1); + count = min_t(size_t, count, 7); strncpy(in, buf, count); + in[count] = '\0'; /* Current flags are stored in primary boot path entry */ pathentry = &pdcspath_entry_primary; From c735483de1a2cd5d6c6b67bf49cfb2991eae6ea6 Mon Sep 17 00:00:00 2001 From: Helge Deller Date: Sun, 21 Sep 2014 22:31:08 +0200 Subject: [PATCH 3/4] parisc: pdc_stable.c: Avoid potential stack overflows Signed-off-by: Helge Deller --- drivers/parisc/pdc_stable.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/drivers/parisc/pdc_stable.c b/drivers/parisc/pdc_stable.c index e4b73c2a053a..3651c3871d5b 100644 --- a/drivers/parisc/pdc_stable.c +++ b/drivers/parisc/pdc_stable.c @@ -278,7 +278,7 @@ pdcspath_hwpath_write(struct pdcspath_entry *entry, const char *buf, size_t coun { struct hardware_path hwpath; unsigned short i; - char in[count+1], *temp; + char in[64], *temp; struct device *dev; int ret; @@ -286,8 +286,9 @@ pdcspath_hwpath_write(struct pdcspath_entry *entry, const char *buf, size_t coun return -EINVAL; /* We'll use a local copy of buf */ - memset(in, 0, count+1); + count = min_t(size_t, count, sizeof(in)-1); strncpy(in, buf, count); + in[count] = '\0'; /* Let's clean up the target. 0xff is a blank pattern */ memset(&hwpath, 0xff, sizeof(hwpath)); @@ -393,14 +394,15 @@ pdcspath_layer_write(struct pdcspath_entry *entry, const char *buf, size_t count { unsigned int layers[6]; /* device-specific info (ctlr#, unit#, ...) */ unsigned short i; - char in[count+1], *temp; + char in[64], *temp; if (!entry || !buf || !count) return -EINVAL; /* We'll use a local copy of buf */ - memset(in, 0, count+1); + count = min_t(size_t, count, sizeof(in)-1); strncpy(in, buf, count); + in[count] = '\0'; /* Let's clean up the target. 0 is a blank pattern */ memset(&layers, 0, sizeof(layers)); @@ -765,7 +767,7 @@ static ssize_t pdcs_auto_write(struct kobject *kobj, return -EINVAL; /* We'll use a local copy of buf */ - count = min_t(size_t, count, 7); + count = min_t(size_t, count, sizeof(in)-1); strncpy(in, buf, count); in[count] = '\0'; From d26a7730b5874a5fa6779c62f4ad7c5065a94723 Mon Sep 17 00:00:00 2001 From: John David Anglin Date: Mon, 22 Sep 2014 20:54:50 -0400 Subject: [PATCH 4/4] parisc: Only use -mfast-indirect-calls option for 32-bit kernel builds In spite of what the GCC manual says, the -mfast-indirect-calls has never been supported in the 64-bit parisc compiler. Indirect calls have always been done using function descriptors irrespective of the -mfast-indirect-calls option. Recently, it was noticed that a function descriptor was always requested when the -mfast-indirect-calls option was specified. This caused problems when the option was used in application code and doesn't make any sense because the whole point of the option is to avoid using a function descriptor for indirect calls. Fixing this broke 64-bit kernel builds. I will fix GCC but for now we need the attached change. This results in the same kernel code as before. Signed-off-by: John David Anglin Cc: stable@vger.kernel.org # v3.0+ Signed-off-by: Helge Deller --- arch/parisc/Makefile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/parisc/Makefile b/arch/parisc/Makefile index 7187664034c3..5db8882f732c 100644 --- a/arch/parisc/Makefile +++ b/arch/parisc/Makefile @@ -48,7 +48,12 @@ cflags-y := -pipe # These flags should be implied by an hppa-linux configuration, but they # are not in gcc 3.2. -cflags-y += -mno-space-regs -mfast-indirect-calls +cflags-y += -mno-space-regs + +# -mfast-indirect-calls is only relevant for 32-bit kernels. +ifndef CONFIG_64BIT +cflags-y += -mfast-indirect-calls +endif # Currently we save and restore fpregs on all kernel entry/interruption paths. # If that gets optimized, we might need to disable the use of fpregs in the