From: Carsten Haitzler carsten.haitzler@foss.arm.com
Fix the kcmp syscall (when CONFIG_CHECKPOINT_RESTORE is enabled) for the case where the idx arguments might be pointers (capabilities) passed in. One of the kcmp types uses idx2 to carry a capability pointer to extended structure information copied in from userspace. This change allows both idx2 and idx1 to potentially carry such a pointer.
Signed-off-by: Carsten Haitzler carsten.haitzler@foss.arm.com
---
 kernel/kcmp.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/kernel/kcmp.c b/kernel/kcmp.c
index 5353edfad8e1..6f29a94b07d4 100644
--- a/kernel/kcmp.c
+++ b/kernel/kcmp.c
@@ -133,13 +133,12 @@ static int kcmp_epoll_target(struct task_struct *task1,
 #endif
 SYSCALL_DEFINE5(kcmp, pid_t, pid1, pid_t, pid2, int, type,
- unsigned long, idx1, unsigned long, idx2)
+ user_uintptr_t, idx1, user_uintptr_t, idx2)
 {
 struct task_struct *task1, *task2;
 int ret;
 rcu_read_lock();
-
 /*
 * Tasks are looked up in caller's PID namespace only.
 */
@@ -204,7 +203,7 @@ SYSCALL_DEFINE5(kcmp, pid_t, pid1, pid_t, pid2, int, type,
 #endif
 break;
 case KCMP_EPOLL_TFD:
- ret = kcmp_epoll_target(task1, task2, idx1, (void *)idx2);
+ ret = kcmp_epoll_target(task1, task2, idx1, (struct kcmp_epoll_slot __user *)idx2);
 break;
 default:
 ret = -EINVAL;
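Review bot: idx1 is widened to `user_uintptr_t` in the SYSCALL_DEFINE5 signature, but in the lines visible here only idx2 is ever converted to a user pointer (the KCMP_EPOLL_TFD case in the second hunk), while idx1 is handed on as a plain value. Taking a pointer-carrying type for an argument that is only used as an integer makes the syscall interface wider than it needs to be and leaves every use of idx1 relying on an implicit narrowing conversion. Unless a kcmp type outside these hunks reads idx1 as a pointer, the signature could stay `unsigned long, idx1, user_uintptr_t, idx2`. The blank line removed after `rcu_read_lock();` is unrelated to the fix and is better left out of this patch. The syscall body continues outside the hunk.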
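Review bot: The cast in the KCMP_EPOLL_TFD case is the only visible place where a caller-supplied idx value becomes a user pointer, and nothing at that site says so. A short comment above the call would help the next reader, for example `/* idx2 is a user pointer only for KCMP_EPOLL_TFD; other types treat it as a plain index */`, assuming that matches the cases outside this hunk. The new call line is also noticeably long; wrapping the last argument onto its own line, `(struct kcmp_epoll_slot __user *)idx2);`, keeps it in line with the surrounding code. The switch statement starts and ends outside the hunk.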