summaryrefslogtreecommitdiff
path: root/crypto/async_tx
diff options
context:
space:
mode:
authorJames Hogan <james.hogan@imgtec.com>2017-03-31 10:14:02 (GMT)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-04-12 10:41:13 (GMT)
commit3dc0fe517a9fb44f6c45cbb787cc4bdf5e9a3d0f (patch)
tree413d815492f89686b72b5a5628fa6aa9f8fd833c /crypto/async_tx
parent4a93ac814ddcc8d2841f224d9157ab241feab1ac (diff)
downloadlinux-3dc0fe517a9fb44f6c45cbb787cc4bdf5e9a3d0f.tar.xz
metag/usercopy: Zero rest of buffer from copy_from_user
commit 563ddc1076109f2b3f88e6d355eab7b6fd4662cb upstream. Currently we try to zero the destination for a failed read from userland in fixup code in the usercopy.c macros. The rest of the destination buffer is then zeroed from __copy_user_zeroing(), which is used for both copy_from_user() and __copy_from_user(). Unfortunately we fail to zero in the fixup code as D1Ar1 is set to 0 before the fixup code entry labels, and __copy_from_user() shouldn't even be zeroing the rest of the buffer. Move the zeroing out into copy_from_user() and rename __copy_user_zeroing() to raw_copy_from_user() since it no longer does any zeroing. This also conveniently matches the name needed for RAW_COPY_USER support in a later patch. Fixes: 373cd784d0fc ("metag: Memory handling") Reported-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'crypto/async_tx')
0 files changed, 0 insertions, 0 deletions