author: Guillem Jover <guillem@hadrons.org> 2019-08-21 06:38:20 +0300
committer: Al Viro <viro@zeniv.linux.org.uk> 2019-10-22 02:12:19 +0300
commit: 97eba80fcca754856d09e048f469db22773bec68 (patch)
tree: a9894bc3a904db4aac3c0eee631852598351bb7f /fs/autofs
parent: 0ecee66990644c3482209ff7c12faa7bc40449b1 (diff)
aio: Fix io_pgetevents() struct __compat_aio_sigset layout

This type is used to pass the sigset_t from userland to the kernel, but it was using the kernel native pointer type for the member representing the compat userland pointer to the userland sigset_t.

This messes up the layout, and makes the kernel eat up both the userland pointer and the size members into the kernel pointer, and then reads garbage into the kernel sigsetsize. Which makes the sigset_t size consistency check fail, and consequently the syscall always returns -EINVAL.

This breaks both libaio and strace on 32-bit userland running on 64-bit kernels. And there are apparently no users in the wild of the current broken layout (at least according to codesearch.debian.org and a brief check over github.com search). So it looks safe to fix this directly in the kernel, instead of either letting userland deal with this permanently with the additional overhead or trying to make the syscall infer what layout userland used, even though this is also being worked around in libaio to temporarily cope with kernels that have not yet been fixed.

We use a proper compat_uptr_t instead of a compat_sigset_t pointer.

Fixes: 7a074e96dee6 ("aio: implement io_pgetevents")
Signed-off-by: Guillem Jover <guillem@hadrons.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Diffstat (limited to 'fs/autofs')
0 files changed, 0 insertions, 0 deletions
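
The layout mismatch the commit message describes, modelled in user space as an added example (not code from the kernel or from this commit). Fixed-width integers stand in for the kernel types; the struct and function names, the pointer value 0x08049f00 and the expected size 8 are constructed, and a little-endian host is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical models; fixed-width integers stand in for the kernel types. */
struct broken_sigset {      /* layout before the fix, on a 64-bit kernel */
    uint64_t sigmask;       /* models: compat_sigset_t __user *sigmask */
    uint32_t sigsetsize;    /* models: compat_size_t sigsetsize */
};
struct fixed_sigset {       /* layout after the fix; matches 32-bit userland */
    uint32_t sigmask;       /* models: compat_uptr_t sigmask */
    uint32_t sigsetsize;
};
#define SIGSET_SIZE 8u      /* constructed: size the consistency check expects */
#define ERR_EINVAL  (-22)
/* Constructed sample: the 8 bytes a 32-bit process wrote, then 0xAA filler. */
static void fill_user_memory(unsigned char mem[16])
{
    struct fixed_sigset u = { 0x08049f00u, SIGSET_SIZE };
    memset(mem, 0xAA, 16);
    memcpy(mem, &u, sizeof(u));
}

int parse_broken(uint64_t *ptr_out)   /* reads through the pre-fix layout */
{
    unsigned char mem[16];
    struct broken_sigset k;
    fill_user_memory(mem);
    memcpy(&k, mem, sizeof(k));     /* models copy_from_user() of the struct */
    *ptr_out = k.sigmask;           /* user pointer and size fused together */
    return k.sigsetsize == SIGSET_SIZE ? 0 : ERR_EINVAL;  /* size is filler */
}

int parse_fixed(uint32_t *ptr_out)    /* reads through the post-fix layout */
{
    unsigned char mem[16];
    struct fixed_sigset k;
    fill_user_memory(mem);
    memcpy(&k, mem, sizeof(k));
    *ptr_out = k.sigmask;
    return k.sigsetsize == SIGSET_SIZE ? 0 : ERR_EINVAL;
}

int main(void)
{
    uint64_t p; uint32_t q;
    printf("broken=%d fixed=%d\n", parse_broken(&p), parse_fixed(&q));
    return 0;
}
```

The same check applies to any structure shared with 32-bit callers: its size and member offsets must equal what the 32-bit ABI produces, which a native pointer member on a 64-bit kernel cannot satisfy.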