http://linux.bkbits.net/linux-2.5 torvalds@ppc970.osdl.org|ChangeSet|20040531221846|37060 torvalds # This is a BitKeeper generated diff -Nru style patch. # # net/core/dev.c # 2004/05/30 14:17:01-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: SIOCGIFCONF handling - the rest of it # # ChangeSet # 2004/05/31 15:18:46-07:00 torvalds@ppc970.osdl.org # sparse: make x86 and ppc64 set the architecture-specific #define's # explcitly. # # sparse doesn't set any arch defines itself. # # arch/ppc64/Makefile # 2004/05/31 15:18:41-07:00 torvalds@ppc970.osdl.org +2 -1 # sparse: make x86 and ppc64 set the architecture-specific #define's # explcitly. # # sparse doesn't set any arch defines itself. # # arch/i386/Makefile # 2004/05/31 15:18:41-07:00 torvalds@ppc970.osdl.org +1 -0 # sparse: make x86 and ppc64 set the architecture-specific #define's # explcitly. # # sparse doesn't set any arch defines itself. # # ChangeSet # 2004/05/31 15:11:45-07:00 petero2@telia.com # [PATCH] Avoid excessive stack usage in NFS # # Assigning '*wdata' with a dynamic initializer creates a # temporary structure copy on the stack, and then the final # data is initialized with a "memcpy()". # # As a result, these NFS functions use more than 800 bytes # of stack-space. # # Changing the code to just do a memset followed by explicit # initialization of the non-zero member variables takes the # stack usage down to 36 bytes. # # Here is a patch that does exactly that. # # fs/nfs/write.c # 2004/05/31 14:29:33-07:00 petero2@telia.com +11 -17 # Avoid excessive stack usage in NFS # # fs/nfs/read.c # 2004/05/31 14:29:26-07:00 petero2@telia.com +10 -16 # Avoid excessive stack usage in NFS # # ChangeSet # 2004/05/31 12:35:54-07:00 torvalds@ppc970.osdl.org # ppc64: more user address fixups. # # Removed one (harmless) direct user pointer access. # # arch/ppc64/mm/fault.c # 2004/05/31 12:35:49-07:00 torvalds@ppc970.osdl.org +1 -1 # ppc64: more user address fixups. # # Removed one (harmless) direct user pointer access. # # arch/ppc64/kernel/sys_ppc32.c # 2004/05/31 12:35:49-07:00 torvalds@ppc970.osdl.org +3 -3 # ppc64: more user address fixups. # # Removed one (harmless) direct user pointer access. # # arch/ppc64/kernel/signal32.c # 2004/05/31 12:35:49-07:00 torvalds@ppc970.osdl.org +15 -19 # ppc64: more user address fixups. # # Removed one (harmless) direct user pointer access. # # arch/ppc64/kernel/ptrace32.c # 2004/05/31 12:35:49-07:00 torvalds@ppc970.osdl.org +12 -12 # ppc64: more user address fixups. # # Removed one (harmless) direct user pointer access. # # arch/ppc64/kernel/align.c # 2004/05/31 12:35:49-07:00 torvalds@ppc970.osdl.org +4 -4 # ppc64: more user address fixups. # # Removed one (harmless) direct user pointer access. # # ChangeSet # 2004/05/31 12:21:49-07:00 torvalds@ppc970.osdl.org # ppc64: add more user annotations to ptrace.c # # arch/ppc64/kernel/ptrace.c # 2004/05/31 12:21:43-07:00 torvalds@ppc970.osdl.org +6 -6 # ppc64: add more user annotations to ptrace.c # # ChangeSet # 2004/05/31 12:17:16-07:00 torvalds@ppc970.osdl.org # ppc64: fix more user pointers in signal handling # # arch/ppc64/kernel/signal.c # 2004/05/31 12:17:11-07:00 torvalds@ppc970.osdl.org +9 -9 # ppc64: fix more user pointers in signal handling # # ChangeSet # 2004/05/31 11:19:40-07:00 torvalds@ppc970.osdl.org # sparse: make x86 user pointer checks stricter. # # Also use "__force" when forcing the user address to "unsigned long" # for the address limit check. # # include/asm-i386/uaccess.h # 2004/05/31 11:19:35-07:00 torvalds@ppc970.osdl.org +12 -4 # sparse: make x86 user pointer checks stricter. # # Also use "__force" when forcing the user address to "unsigned long" # for the address limit check. # # ChangeSet # 2004/05/31 10:41:08-07:00 torvalds@ppc970.osdl.org # ppc64: missing __user annotations noticed by stricter checks. # # arch/ppc64/kernel/time.c # 2004/05/31 10:41:03-07:00 torvalds@ppc970.osdl.org +2 -2 # ppc64: missing __user annotations noticed by stricter checks. # # arch/ppc64/kernel/process.c # 2004/05/31 10:41:03-07:00 torvalds@ppc970.osdl.org +3 -3 # ppc64: missing __user annotations noticed by stricter checks. # # ChangeSet # 2004/05/31 10:39:30-07:00 torvalds@ppc970.osdl.org # ppc64: check more of the user access functions for proper arguments. # # include/asm-ppc64/uaccess.h # 2004/05/31 10:39:25-07:00 torvalds@ppc970.osdl.org +8 -2 # ppc64: check more of the user access functions for proper arguments. # # ChangeSet # 2004/05/31 10:38:48-07:00 torvalds@ppc970.osdl.org # sparse: add "__force" type attribute for forcing a cast. # # include/linux/compiler.h # 2004/05/31 10:38:43-07:00 torvalds@ppc970.osdl.org +2 -0 # sparse: add "__force" type attribute for forcing a cast. # # ChangeSet # 2004/05/31 09:59:55-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: asus_acpi dereference of userland pointers # # Direct sscanf() on userland buffer in procfs ->write_proc(). Fixed. # # drivers/acpi/asus_acpi.c # 2004/05/30 21:10:18-07:00 viro@parcelfarce.linux.theplanet.co.uk +33 -15 # sparse: asus_acpi dereference of userland pointers # # ChangeSet # 2004/05/31 00:38:17-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: reiserfs annotation # # Everything straigthforward and takes care of almost all sparse warnings # in fs/reiserfs/*. # # fs/reiserfs/ioctl.c # 2004/05/30 19:10:29-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse: reiserfs annotation # # fs/reiserfs/file.c # 2004/05/30 19:10:29-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: reiserfs annotation # # ChangeSet # 2004/05/30 23:17:04-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] trivial annotation for arch/i386/kernel/* # # Several places in arch/i386/kernel were still un-annotated - they didn't # trip copy_.._user(), so they stayed alive. Caught and killed. # # That's not all - there's a big cluster of them in vm86.c, but I haven't # looked into that code yet. # # arch/i386/kernel/signal.c # 2004/05/30 18:52:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +12 -12 # trivial annotation for arch/i386/kernel/* # # arch/i386/kernel/ptrace.c # 2004/05/30 18:52:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +17 -16 # trivial annotation for arch/i386/kernel/* # # arch/i386/kernel/msr.c # 2004/05/30 18:52:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # trivial annotation for arch/i386/kernel/* # # arch/i386/kernel/microcode.c # 2004/05/30 18:52:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # trivial annotation for arch/i386/kernel/* # # arch/i386/kernel/i387.c # 2004/05/30 18:52:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # trivial annotation for arch/i386/kernel/* # # ChangeSet # 2004/05/30 22:00:08-07:00 torvalds@ppc970.osdl.org # ppc64: mark the "regshere" marker with proper type information. # # arch/ppc64/xmon/xmon.c # 2004/05/30 22:00:02-07:00 torvalds@ppc970.osdl.org +1 -1 # ppc64: mark the "regshere" marker with proper type information. # # arch/ppc64/kernel/process.c # 2004/05/30 22:00:02-07:00 torvalds@ppc970.osdl.org +1 -1 # ppc64: mark the "regshere" marker with proper type information. # # ChangeSet # 2004/05/30 21:35:38-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse alpha: the rest of it # # A bunch of "return in void function" dealt with, removed bogus extern # from definition of __load_new_mm_context(), sanitized fscking ugly # CROSS_64K() helper (even if sparse doesn't segfault on that anymore, # it's _still_ fscking ugly). # # include/asm-alpha/floppy.h # 2004/05/30 17:16:29-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -4 # sparse alpha: the rest of it # # arch/alpha/mm/fault.c # 2004/05/30 17:16:07-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: the rest of it # # arch/alpha/kernel/err_titan.c # 2004/05/30 17:15:50-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -2 # sparse alpha: the rest of it # # arch/alpha/kernel/err_marvel.c # 2004/05/30 17:15:43-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -1 # sparse alpha: the rest of it # # arch/alpha/kernel/core_marvel.c # 2004/05/30 17:15:25-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: the rest of it # # ChangeSet # 2004/05/30 21:34:09-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse alpha: utimes() # # ... and that's where I'd found do_utimes() crap before I went # grepping ;-) # # arch/alpha/kernel/osf_sys.c # 2004/05/30 17:14:28-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -15 # sparse alpha: utimes() # # ChangeSet # 2004/05/30 21:33:58-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse alpha: trivial parts of __user annotation # # Trivial stuff in arch/alpha annotated; in two cases of # osf_proplist_syscall() dereferencing userland pointers replaced with # get_user # # arch/alpha/math-emu/math.c # 2004/05/30 17:13:06-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: trivial parts of __user annotation # # arch/alpha/kernel/signal.c # 2004/05/30 17:12:46-07:00 viro@parcelfarce.linux.theplanet.co.uk +15 -14 # sparse alpha: trivial parts of __user annotation # # arch/alpha/kernel/process.c # 2004/05/30 17:12:30-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -3 # sparse alpha: trivial parts of __user annotation # # arch/alpha/kernel/osf_sys.c # 2004/05/30 17:12:19-07:00 viro@parcelfarce.linux.theplanet.co.uk +75 -79 # sparse alpha: trivial parts of __user annotation # # ChangeSet # 2004/05/30 21:33:47-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse alpha: #if abuses # # #if where #ifdef should've been # # include/asm-alpha/semaphore.h # 2004/05/30 17:07:33-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse alpha: #if abuses # # include/asm-alpha/core_mcpcia.h # 2004/05/30 17:07:55-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse alpha: #if abuses # # arch/alpha/kernel/smp.c # 2004/05/30 17:08:47-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: #if abuses # # arch/alpha/kernel/semaphore.c # 2004/05/30 17:08:36-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse alpha: #if abuses # # arch/alpha/kernel/machvec_impl.h # 2004/05/30 17:08:14-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: #if abuses # # ChangeSet # 2004/05/30 21:33:36-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse alpha: long constants # # Long constants marked as such # # include/asm-alpha/pgtable.h # 2004/05/30 17:03:12-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: long constants # # include/asm-alpha/page.h # 2004/05/30 17:02:59-07:00 viro@parcelfarce.linux.theplanet.co.uk +11 -3 # sparse alpha: long constants # # include/asm-alpha/io.h # 2004/05/30 17:02:42-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: long constants # # include/asm-alpha/core_polaris.h # 2004/05/30 17:02:29-07:00 viro@parcelfarce.linux.theplanet.co.uk +7 -7 # sparse alpha: long constants # # arch/alpha/mm/init.c # 2004/05/30 17:05:47-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse alpha: long constants # # arch/alpha/math-emu/math.c # 2004/05/30 17:05:33-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: long constants # # arch/alpha/kernel/sys_sx164.c # 2004/05/30 17:05:07-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: long constants # # arch/alpha/kernel/setup.c # 2004/05/30 17:04:53-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # sparse alpha: long constants # # arch/alpha/kernel/core_wildfire.c # 2004/05/30 17:04:23-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: long constants # # arch/alpha/kernel/core_titan.c # 2004/05/30 17:04:15-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: long constants # # arch/alpha/kernel/core_irongate.c # 2004/05/30 17:03:54-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse alpha: long constants # # arch/alpha/kernel/core_cia.c # 2004/05/30 17:03:46-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: long constants # # ChangeSet # 2004/05/30 21:33:26-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse alpha: beginning of __user annotation # # Copying primitives annotated. # # include/asm-alpha/uaccess.h # 2004/05/30 17:00:07-07:00 viro@parcelfarce.linux.theplanet.co.uk +42 -19 # sparse alpha: beginning of __user annotation # # include/asm-alpha/checksum.h # 2004/05/30 17:00:22-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse alpha: beginning of __user annotation # # arch/alpha/lib/csum_partial_copy.c # 2004/05/30 17:01:21-07:00 viro@parcelfarce.linux.theplanet.co.uk +9 -8 # sparse alpha: beginning of __user annotation # # ChangeSet # 2004/05/30 21:33:10-07:00 torvalds@ppc970.osdl.org # ppc64: more explicitly typed constants # # include/asm-ppc64/pgtable.h # 2004/05/30 21:33:05-07:00 torvalds@ppc970.osdl.org +3 -3 # ppc64: more explicitly typed constants # # ChangeSet # 2004/05/30 20:09:42-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: SIOCGIFCONF handling - the rest of it # # Fixed the type of SIOCGIFCONF callback; inet instance was already # correctly annotated, decnet one was _not_. Moreover, decnet callback # needed fixing - dereferencing userland address. # # net/decnet/dn_dev.c # 2004/05/30 14:17:01-07:00 viro@parcelfarce.linux.theplanet.co.uk +16 -8 # sparse: SIOCGIFCONF handling - the rest of it # # include/linux/netdevice.h # 2004/05/30 14:17:01-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: SIOCGIFCONF handling - the rest of it # # ChangeSet # 2004/05/30 20:09:31-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: tty_driver ->write_proc() # # Made ->write_proc in tty_driver suitable for procfs write callback # # include/linux/tty_driver.h # 2004/05/30 13:47:19-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: tty_driver ->write_proc() # # ChangeSet # 2004/05/30 20:09:21-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: n_tty annotation # # n_tty annotated, ldisc_struct ->read() and ->write() got __user # on their buf argument. # # include/linux/tty_ldisc.h # 2004/05/30 13:39:05-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: n_tty annotation # # drivers/char/n_tty.c # 2004/05/30 13:38:40-07:00 viro@parcelfarce.linux.theplanet.co.uk +6 -6 # sparse: n_tty annotation # # ChangeSet # 2004/05/30 20:09:10-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: vt and friends # # vt, vt_ioctl, consolemap and selection annotated, struct unimapdesc # and struct consolefontdesc got __user on their pointer members. # # include/linux/vt_kern.h # 2004/05/30 13:37:41-07:00 viro@parcelfarce.linux.theplanet.co.uk +8 -8 # sparse: vt and friends # # include/linux/selection.h # 2004/05/30 13:37:36-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: vt and friends # # include/linux/kd.h # 2004/05/30 13:37:26-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -2 # sparse: vt and friends # # drivers/char/vt_ioctl.c # 2004/05/30 13:36:38-07:00 viro@parcelfarce.linux.theplanet.co.uk +36 -36 # sparse: vt and friends # # drivers/char/vt.c # 2004/05/30 13:36:33-07:00 viro@parcelfarce.linux.theplanet.co.uk +17 -16 # sparse: vt and friends # # drivers/char/selection.c # 2004/05/30 13:37:00-07:00 viro@parcelfarce.linux.theplanet.co.uk +13 -21 # sparse: vt and friends # # drivers/char/consolemap.c # 2004/05/30 13:36:54-07:00 viro@parcelfarce.linux.theplanet.co.uk +10 -12 # sparse: vt and friends # # ChangeSet # 2004/05/30 20:08:59-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: tty_ioctl annotation # # tty_ioctl.c annotation # # drivers/char/tty_ioctl.c # 2004/05/30 13:35:31-07:00 viro@parcelfarce.linux.theplanet.co.uk +32 -31 # sparse: tty_ioctl annotation # # ChangeSet # 2004/05/30 20:08:48-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: tty_io annotation # # tty_io.c annotated # # drivers/char/tty_io.c # 2004/05/30 13:31:55-07:00 viro@parcelfarce.linux.theplanet.co.uk +41 -40 # sparse: tty_io annotation # # ChangeSet # 2004/05/30 20:08:37-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: fs/compat.c::copy_iocb() cleanup # # That "u64" in there is actually struct iocb __user *. Changed # prototype, killed casts in body and caller... # # fs/compat.c # 2004/05/30 13:14:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # sparse: fs/compat.c::copy_iocb() cleanup # # ChangeSet # 2004/05/30 20:08:26-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: amd64 - rest # # return void in floppy.h and "conditionally long" constants in page.h. # # Would be useful to teach as(1) about C notation for long... # # include/asm-x86_64/page.h # 2004/05/30 13:09:21-07:00 viro@parcelfarce.linux.theplanet.co.uk +8 -3 # sparse: amd64 - rest # # include/asm-x86_64/floppy.h # 2004/05/30 13:08:29-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: amd64 - rest # # ChangeSet # 2004/05/30 20:08:15-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: amd64 - long constants # # Long constants marked as such. # # include/asm-x86_64/uaccess.h # 2004/05/30 13:05:01-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: amd64 - long constants # # include/asm-x86_64/processor.h # 2004/05/30 13:04:53-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: amd64 - long constants # # include/asm-x86_64/pgtable.h # 2004/05/30 13:04:43-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse: amd64 - long constants # # ChangeSet # 2004/05/30 20:08:04-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: amd64 - #if abuse fixes # # #if where #ifdef should've been. Fixed. # # include/asm-x86_64/semaphore.h # 2004/05/30 13:01:37-07:00 viro@parcelfarce.linux.theplanet.co.uk +7 -7 # sparse: amd64 - #if abuse fixes # # arch/x86_64/kernel/signal.c # 2004/05/30 13:01:01-07:00 viro@parcelfarce.linux.theplanet.co.uk +6 -6 # sparse: amd64 - #if abuse fixes # # ChangeSet # 2004/05/30 20:07:53-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: amd64 - more trivial annotations # # include/asm-x86_64/checksum.h # 2004/05/30 12:58:19-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: amd64 - more trivial annotations # # arch/x86_64/ia32/tls32.c # 2004/05/30 12:56:33-07:00 viro@parcelfarce.linux.theplanet.co.uk +7 -6 # sparse: amd64 - more trivial annotations # # arch/x86_64/ia32/sys_ia32.c # 2004/05/30 12:56:26-07:00 viro@parcelfarce.linux.theplanet.co.uk +56 -55 # sparse: amd64 - more trivial annotations # # ChangeSet # 2004/05/30 20:07:42-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: amd64 annotations - trivial part # # Annotation of amd64 code - just adding __user where needed... # # include/asm-x86_64/sigcontext.h # 2004/05/30 12:51:20-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -1 # sparse: amd64 annotations - trivial part # # include/asm-x86_64/ptrace.h # 2004/05/30 12:51:02-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: amd64 annotations - trivial part # # include/asm-x86_64/ia32.h # 2004/05/30 12:50:34-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: amd64 annotations - trivial part # # include/asm-x86_64/i387.h # 2004/05/30 12:50:26-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse: amd64 annotations - trivial part # # include/asm-x86_64/fpu32.h # 2004/05/30 12:50:18-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: amd64 annotations - trivial part # # arch/x86_64/kernel/sys_x86_64.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse: amd64 annotations - trivial part # # arch/x86_64/kernel/signal.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +13 -12 # sparse: amd64 annotations - trivial part # # arch/x86_64/kernel/ptrace.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +21 -20 # sparse: amd64 annotations - trivial part # # arch/x86_64/kernel/process.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -4 # sparse: amd64 annotations - trivial part # # arch/x86_64/kernel/ldt.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse: amd64 annotations - trivial part # # arch/x86_64/kernel/i387.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse: amd64 annotations - trivial part # # arch/x86_64/ia32/ptrace32.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +16 -14 # sparse: amd64 annotations - trivial part # # arch/x86_64/ia32/ia32_signal.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +20 -19 # sparse: amd64 annotations - trivial part # # arch/x86_64/ia32/ia32_ioctl.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse: amd64 annotations - trivial part # # arch/x86_64/ia32/fpu32.c # 2004/05/30 12:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +8 -8 # sparse: amd64 annotations - trivial part # # ChangeSet # 2004/05/30 20:07:30-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: amd64 annotation - beginning # # Annotated basic primitives (copy_.._user, get_user, ...). # Functions got __user in prototypes, macros (in uaccess.h) got a # conditional check - see CHECK_UPTR() below. If you have more elegant # way to deal with the macros - please, tell. # # include/asm-x86_64/uaccess.h # 2004/05/30 12:35:49-07:00 viro@parcelfarce.linux.theplanet.co.uk +34 -20 # sparse: amd64 annotation - beginning # # include/asm-x86_64/compat.h # 2004/05/30 12:35:02-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse: amd64 annotation - beginning # # arch/x86_64/lib/usercopy.c # 2004/05/30 12:37:21-07:00 viro@parcelfarce.linux.theplanet.co.uk +8 -8 # sparse: amd64 annotation - beginning # # arch/x86_64/lib/csum-wrappers.c # 2004/05/30 12:37:12-07:00 viro@parcelfarce.linux.theplanet.co.uk +6 -6 # sparse: amd64 annotation - beginning # # ChangeSet # 2004/05/30 20:07:19-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: net/* non-ANSI argument lists # # net/ipv6/ip6_flowlabel.c # 2004/05/30 12:13:56-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: net/* non-ANSI argument lists # # net/ipv4/netfilter/ip_conntrack_core.c # 2004/05/30 12:13:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: net/* non-ANSI argument lists # # net/core/netpoll.c # 2004/05/30 12:13:16-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: net/* non-ANSI argument lists # # ChangeSet # 2004/05/30 20:07:08-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: more net/* annotation # # Annotation of net/* ...copy... that deals with userland pointers + # several bits that fell out of previous patch (trivial annotations) # # net/ipv6/af_inet6.c # 2004/05/30 12:08:58-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse: more net/* annotation # # net/ipv4/tcp.c # 2004/05/30 12:04:58-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # sparse: more net/* annotation # # net/core/scm.c # 2004/05/30 12:08:14-07:00 viro@parcelfarce.linux.theplanet.co.uk +8 -6 # sparse: more net/* annotation # # net/core/iovec.c # 2004/05/30 12:08:10-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: more net/* annotation # # net/core/datagram.c # 2004/05/30 12:05:59-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: more net/* annotation # # include/net/checksum.h # 2004/05/30 12:06:38-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: more net/* annotation # # include/linux/skbuff.h # 2004/05/30 12:09:46-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # sparse: more net/* annotation # # ChangeSet # 2004/05/30 20:06:56-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: trivial part of net/* annotation # # net/unix/af_unix.c # 2004/05/30 11:53:02-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/sunrpc/sysctl.c # 2004/05/30 11:54:02-07:00 viro@parcelfarce.linux.theplanet.co.uk +10 -9 # sparse: trivial part of net/* annotation # # net/sunrpc/rpc_pipe.c # 2004/05/30 11:53:51-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: trivial part of net/* annotation # # net/sunrpc/cache.c # 2004/05/30 11:53:39-07:00 viro@parcelfarce.linux.theplanet.co.uk +5 -5 # sparse: trivial part of net/* annotation # # net/socket.c # 2004/05/30 11:52:51-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/packet/af_packet.c # 2004/05/30 11:54:22-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/ipv6/route.c # 2004/05/30 11:55:16-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/ipv6/raw.c # 2004/05/30 11:55:02-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/ipv6/addrconf.c # 2004/05/30 11:54:45-07:00 viro@parcelfarce.linux.theplanet.co.uk +9 -8 # sparse: trivial part of net/* annotation # # net/ipv4/udp.c # 2004/05/30 11:57:26-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/ipv4/tcp.c # 2004/05/30 11:57:18-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: trivial part of net/* annotation # # net/ipv4/sysctl_net_ipv4.c # 2004/05/30 11:56:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +6 -5 # sparse: trivial part of net/* annotation # # net/ipv4/route.c # 2004/05/30 11:56:26-07:00 viro@parcelfarce.linux.theplanet.co.uk +10 -6 # sparse: trivial part of net/* annotation # # net/ipv4/raw.c # 2004/05/30 11:56:17-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/ipv4/devinet.c # 2004/05/30 11:56:05-07:00 viro@parcelfarce.linux.theplanet.co.uk +8 -8 # sparse: trivial part of net/* annotation # # net/ipv4/arp.c # 2004/05/30 11:55:45-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: trivial part of net/* annotation # # net/ipv4/af_inet.c # 2004/05/30 11:55:36-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: trivial part of net/* annotation # # net/compat.c # 2004/05/30 11:52:46-07:00 viro@parcelfarce.linux.theplanet.co.uk +39 -40 # sparse: trivial part of net/* annotation # # include/net/ip6_route.h # 2004/05/30 11:58:39-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: trivial part of net/* annotation # # include/net/ip.h # 2004/05/30 11:58:32-07:00 viro@parcelfarce.linux.theplanet.co.uk +4 -4 # sparse: trivial part of net/* annotation # # include/net/compat.h # 2004/05/30 11:58:25-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # sparse: trivial part of net/* annotation # # include/net/arp.h # 2004/05/30 11:58:15-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: trivial part of net/* annotation # # include/net/addrconf.h # 2004/05/30 11:58:05-07:00 viro@parcelfarce.linux.theplanet.co.uk +3 -3 # sparse: trivial part of net/* annotation # # include/linux/inetdevice.h # 2004/05/30 11:58:54-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: trivial part of net/* annotation # # ChangeSet # 2004/05/30 20:06:44-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: missed piece of sock_get_timestamp() annotation # # net/atm/ioctl.c # 2004/05/30 11:49:35-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: missed piece of sock_get_timestamp() annotation # # ChangeSet # 2004/05/30 20:06:33-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: dev_ioctl() callers # # dev_ioctl() has a __user pointer argument; however, its declaration # lacks that and callers are also wrong. Declaration fixed, callers updated. # # net/x25/af_x25.c # 2004/05/30 11:37:22-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/wanrouter/af_wanpipe.c # 2004/05/30 11:37:38-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/unix/af_unix.c # 2004/05/30 11:38:09-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/socket.c # 2004/05/30 11:37:11-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: dev_ioctl() callers # # net/rose/af_rose.c # 2004/05/30 11:38:38-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/packet/af_packet.c # 2004/05/30 11:39:15-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/netrom/af_netrom.c # 2004/05/30 11:39:44-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/llc/af_llc.c # 2004/05/30 11:39:55-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/irda/af_irda.c # 2004/05/30 11:40:08-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/ipx/af_ipx.c # 2004/05/30 11:40:25-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/ipv6/af_inet6.c # 2004/05/30 11:41:25-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/ipv4/af_inet.c # 2004/05/30 11:42:07-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/econet/af_econet.c # 2004/05/30 11:42:44-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/decnet/af_decnet.c # 2004/05/30 11:42:55-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/ax25/af_ax25.c # 2004/05/30 11:43:08-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # net/appletalk/ddp.c # 2004/05/30 11:43:32-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # include/linux/netdevice.h # 2004/05/30 11:44:27-07:00 viro@parcelfarce.linux.theplanet.co.uk +1 -1 # sparse: dev_ioctl() callers # # ChangeSet # 2004/05/30 20:06:21-07:00 viro@parcelfarce.linux.theplanet.co.uk # [PATCH] sparse: missed setsockopt wrappers # # Here's the tail of setsockopt I've missed - for old protocol families we # have wrappers around those methods. # # include/linux/net.h # 2004/05/30 11:20:58-07:00 viro@parcelfarce.linux.theplanet.co.uk +2 -2 # sparse: missed setsockopt wrappers # # ChangeSet # 2004/05/30 20:01:28-07:00 ak@suse.de # [PATCH] Fix compilation on x86-64 # # I managed to break compilation with my last patch with a last minute edit. # # arch/x86_64/mm/pageattr.c # 2004/05/30 16:08:38-07:00 ak@suse.de +0 -1 # Fix compilation on x86-64 # # ChangeSet # 2004/05/30 19:12:54-07:00 davem@nuts.davemloft.net # [PKT_SCHED]: Missing rta_len init in sch_delay. # # net/sched/sch_delay.c # 2004/05/30 19:12:33-07:00 davem@nuts.davemloft.net +1 -0 # [PKT_SCHED]: Missing rta_len init in sch_delay. # # ChangeSet # 2004/05/30 17:43:22-07:00 davem@nuts.davemloft.net # [SPARC]: Do tty_flip_buffer_push outside of port lock. # # drivers/serial/sunzilog.c # 2004/05/30 17:43:04-07:00 davem@nuts.davemloft.net +16 -7 # [SPARC]: Do tty_flip_buffer_push outside of port lock. # # drivers/serial/sunsu.c # 2004/05/30 17:43:04-07:00 davem@nuts.davemloft.net +16 -4 # [SPARC]: Do tty_flip_buffer_push outside of port lock. # # drivers/serial/sunsab.c # 2004/05/30 17:43:04-07:00 davem@nuts.davemloft.net +19 -10 # [SPARC]: Do tty_flip_buffer_push outside of port lock. # # ChangeSet # 2004/05/30 17:39:32-07:00 davem@nuts.davemloft.net # [SPARC64]: Update defconfig. # # arch/sparc64/defconfig # 2004/05/30 17:39:15-07:00 davem@nuts.davemloft.net +4 -5 # [SPARC64]: Update defconfig. # # ChangeSet # 2004/05/30 12:50:19-07:00 torvalds@ppc970.osdl.org # ppc64: use "ASM_CONST()" to give proper C type to constants # that can also be used in assembly language context. # # This one fixes the common CPU_FTR_COHERENT_ICACHE warning in # asm/cacheflush.h. # # include/asm-ppc64/page.h # 2004/05/30 12:50:14-07:00 torvalds@ppc970.osdl.org +2 -1 # ppc64: use "ASM_CONST()" to give proper C type to constants # that can also be used in assembly language context. # # include/asm-ppc64/cacheflush.h # 2004/05/30 12:50:14-07:00 torvalds@ppc970.osdl.org +1 -1 # ppc64: use "ASM_CONST()" to give proper C type to constants # that can also be used in assembly language context. # # ChangeSet # 2004/05/30 11:55:25-07:00 ak@suse.de # [PATCH] Really fix empty node 0 on x86-64 # # x86-64 shares some numa code with i386, and that didn't handle holes in # the node map properly. Fix this. # # include/asm-i386/cpu.h # 2004/05/23 06:42:44-07:00 ak@suse.de +2 -4 # Really fix empty node 0 on x86-64 # # arch/i386/mach-default/topology.c # 2004/05/18 11:00:04-07:00 ak@suse.de +4 -2 # Really fix empty node 0 on x86-64 # # ChangeSet # 2004/05/30 11:55:13-07:00 ak@suse.de # [PATCH] x86-64 update # # Add accumulated bug fixes for x86-64 and some minor cleanups. # # - Add ptep_set_access_flags from i386 # - Change memory text mapping to 10MB from 40MB to make alias window # smaller # - Disable change_page_attr for kernel mapoing for now (wrong, but the # other code also doesn't work) # - Add .bss.page_aligned and align interrupt/exception stacks (idea from # Matt Mackall) # - Protect sysenter MSR setup against missing registers. # - Set mce tolerance level to 1 (panic instead of deadlock) # - Fix cross 4GB bug in find_first_bit (Michael Matz) # - Add missing memory clobbers in bitops.h (Suresh B. Siddha) # - Check kernel size at boot up # - Set boot cpu online at boot to fix early printk # - Fix EFER bit definitions (Dave Jones) # - Fix comments in 32bit syscall table. # - Quieten all 32bit syscalls that are unimplemented in 32bit. # - Various MCE fixes suggested by Eric Morton, David Boles et.al. # More to come. # - Quieten some printks # - Fix cpu online check in msr driver # - Lower polling interval for machine checks to 5 minutes to avoid # overrunning the registers. # - Make memcpy_{from,to}io more compatible with i386 (Roland Dreier) # # arch/x86_64/kernel/Makefile-HEAD # 2004/05/23 16:18:04-07:00 ak@suse.de +38 -0 # x86-64 update # # include/asm-x86_64/pgtable.h # 2004/05/30 08:07:16-07:00 ak@suse.de +14 -0 # x86-64 update # # include/asm-x86_64/page.h # 2004/05/30 06:56:53-07:00 ak@suse.de +1 -1 # x86-64 update # # include/asm-x86_64/msr.h # 2004/05/25 08:39:30-07:00 ak@suse.de +2 -2 # x86-64 update # # include/asm-x86_64/io.h # 2004/05/17 14:12:13-07:00 ak@suse.de +7 -2 # x86-64 update # # include/asm-x86_64/ia32_unistd.h # 2004/05/23 07:25:41-07:00 ak@suse.de +2 -1 # x86-64 update # # include/asm-x86_64/bitops.h # 2004/05/27 10:18:23-07:00 ak@suse.de +3 -4 # x86-64 update # # arch/x86_64/mm/pageattr.c # 2004/05/30 11:35:44-07:00 ak@suse.de +5 -4 # x86-64 update # # arch/x86_64/mm/init.c # 2004/05/18 10:59:32-07:00 ak@suse.de +1 -3 # x86-64 update # # arch/x86_64/lib/io.c # 2004/05/17 14:12:13-07:00 ak@suse.de +6 -4 # x86-64 update # # arch/x86_64/lib/Makefile # 2004/05/17 14:12:13-07:00 ak@suse.de +3 -1 # x86-64 update # # arch/x86_64/kernel/x8664_ksyms.c # 2004/05/17 14:12:13-07:00 ak@suse.de +0 -3 # x86-64 update # # arch/x86_64/kernel/vmlinux.lds.S # 2004/05/30 04:33:25-07:00 ak@suse.de +3 -2 # x86-64 update # # arch/x86_64/kernel/smpboot.c # 2004/05/30 04:37:23-07:00 ak@suse.de +6 -4 # x86-64 update # # arch/x86_64/kernel/setup64.c # 2004/05/30 04:34:53-07:00 ak@suse.de +3 -2 # x86-64 update # # arch/x86_64/kernel/setup.c # 2004/05/30 04:37:23-07:00 ak@suse.de +2 -2 # x86-64 update # # arch/x86_64/kernel/msr.c # 2004/05/30 07:32:49-07:00 ak@suse.de +1 -1 # x86-64 update # # arch/x86_64/kernel/mpparse.c # 2004/05/21 09:50:37-07:00 ak@suse.de +5 -1 # x86-64 update # # arch/x86_64/kernel/mce.c # 2004/05/30 07:32:49-07:00 ak@suse.de +23 -8 # x86-64 update # # arch/x86_64/kernel/head64.c # 2004/05/27 09:34:10-07:00 ak@suse.de +9 -0 # x86-64 update # # arch/x86_64/kernel/head.S # 2004/05/30 06:59:46-07:00 ak@suse.de +3 -16 # x86-64 update # # arch/x86_64/kernel/acpi/sleep.c # 2004/05/21 09:51:11-07:00 ak@suse.de +1 -1 # x86-64 update # # arch/x86_64/kernel/Makefile-HEAD # 2004/05/23 16:18:04-07:00 ak@suse.de +0 -0 # BitKeeper file /home/torvalds/v2.6/linux/arch/x86_64/kernel/Makefile-HEAD # # arch/x86_64/ia32/syscall32.c # 2004/05/29 05:29:55-07:00 ak@suse.de +3 -3 # x86-64 update # # arch/x86_64/ia32/ia32entry.S # 2004/05/30 10:55:21-07:00 ak@suse.de +31 -30 # x86-64 update # # arch/x86_64/ia32/ia32_signal.c # 2004/05/23 15:29:24-07:00 ak@suse.de +2 -3 # x86-64 update # # ChangeSet # 2004/05/30 11:47:20-07:00 torvalds@ppc970.osdl.org # ppc64: fix untyped large constants so that they don't cause # sparse to warn about implicit typing. # # include/asm-ppc64/iSeries/HvCallSc.h # 2004/05/30 11:47:15-07:00 torvalds@ppc970.osdl.org +8 -8 # ppc64: fix untyped large constants so that they don't cause # sparse to warn about implicit typing. # # ChangeSet # 2004/05/30 11:10:51-07:00 torvalds@ppc970.osdl.org # Add __user annotations to sock_get_timestamp() # # net/x25/af_x25.c # 2004/05/30 11:10:46-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/wanrouter/af_wanpipe.c # 2004/05/30 11:10:46-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/rose/af_rose.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/packet/af_packet.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/netrom/af_netrom.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/irda/af_irda.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/ipx/af_ipx.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/ipv6/af_inet6.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/ipv4/af_inet.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/econet/af_econet.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/core/sock.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/ax25/af_ax25.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # net/appletalk/ddp.c # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # include/net/sock.h # 2004/05/30 11:10:45-07:00 torvalds@ppc970.osdl.org +1 -1 # Add __user annotations to sock_get_timestamp() # # ChangeSet # 2004/05/30 10:32:16-07:00 pepe@attika.ath.cx # [PATCH] make vram boot option actually work # # The following patch makes the vram boot option actually be recognized # and its value assigned to the vram variable. # # Signed-off-by: Linus Torvalds # # drivers/video/vesafb.c # 2004/05/30 09:43:18-07:00 pepe@attika.ath.cx +1 -1 # make vram boot option actually work # # ChangeSet # 2004/05/30 14:40:37+01:00 rmk@flint.arm.linux.org.uk # [ARM] Add two more missing __user annotations for sparse. # # arch/arm/kernel/signal.c # 2004/05/30 14:38:17+01:00 rmk@flint.arm.linux.org.uk +2 -2 # Add missing __user annotation for accessing user stack. # # arch/arm/kernel/ptrace.c # 2004/05/30 14:38:17+01:00 rmk@flint.arm.linux.org.uk +1 -1 # Add missing __user annotation for PTRACE_PEEK{TEXT,DATA} # diff -Nru a/arch/alpha/kernel/core_cia.c b/arch/alpha/kernel/core_cia.c --- a/arch/alpha/kernel/core_cia.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/core_cia.c 2004-05-31 15:58:34 -07:00 @@ -762,7 +762,7 @@ *(vip)CIA_IOC_PCI_W3_MASK = 0xfff00000; *(vip)CIA_IOC_PCI_T3_BASE = 0 >> 2; - alpha_mv.pci_dac_offset = 0x200000000; + alpha_mv.pci_dac_offset = 0x200000000UL; *(vip)CIA_IOC_PCI_W_DAC = alpha_mv.pci_dac_offset >> 32; } diff -Nru a/arch/alpha/kernel/core_irongate.c b/arch/alpha/kernel/core_irongate.c --- a/arch/alpha/kernel/core_irongate.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/core_irongate.c 2004-05-31 15:58:34 -07:00 @@ -287,9 +287,9 @@ hose->sparse_mem_base = 0; hose->sparse_io_base = 0; hose->dense_mem_base - = (IRONGATE_MEM & 0xffffffffff) | 0x80000000000; + = (IRONGATE_MEM & 0xffffffffffUL) | 0x80000000000UL; hose->dense_io_base - = (IRONGATE_IO & 0xffffffffff) | 0x80000000000; + = (IRONGATE_IO & 0xffffffffffUL) | 0x80000000000UL; hose->sg_isa = hose->sg_pci = NULL; __direct_map_base = 0; diff -Nru a/arch/alpha/kernel/core_marvel.c b/arch/alpha/kernel/core_marvel.c --- a/arch/alpha/kernel/core_marvel.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/core_marvel.c 2004-05-31 15:58:34 -07:00 @@ -718,7 +718,7 @@ if (((long)addr >> 41) == -2) return; /* kseg map, nothing to do */ if (addr) - return vfree((void *)(PAGE_MASK & addr)); + vfree((void *)(PAGE_MASK & addr)); } #ifndef CONFIG_ALPHA_GENERIC diff -Nru a/arch/alpha/kernel/core_titan.c b/arch/alpha/kernel/core_titan.c --- a/arch/alpha/kernel/core_titan.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/core_titan.c 2004-05-31 15:58:34 -07:00 @@ -258,9 +258,9 @@ hose->sparse_mem_base = 0; hose->sparse_io_base = 0; hose->dense_mem_base - = (TITAN_MEM(index) & 0xffffffffff) | 0x80000000000; + = (TITAN_MEM(index) & 0xffffffffffUL) | 0x80000000000UL; hose->dense_io_base - = (TITAN_IO(index) & 0xffffffffff) | 0x80000000000; + = (TITAN_IO(index) & 0xffffffffffUL) | 0x80000000000UL; hose->config_space_base = TITAN_CONF(index); hose->index = index; diff -Nru a/arch/alpha/kernel/core_wildfire.c b/arch/alpha/kernel/core_wildfire.c --- a/arch/alpha/kernel/core_wildfire.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/core_wildfire.c 2004-05-31 15:58:34 -07:00 @@ -285,8 +285,8 @@ fe = WILDFIRE_fe(soft_qbb, i); if ((iop->iop_hose[i].init.csr & 1) == 1 && - ((ne->ne_what_am_i.csr & 0xf00000300) == 0x100000300) && - ((fe->fe_what_am_i.csr & 0xf00000300) == 0x100000200)) + ((ne->ne_what_am_i.csr & 0xf00000300UL) == 0x100000300UL) && + ((fe->fe_what_am_i.csr & 0xf00000300UL) == 0x100000200UL)) { wildfire_pca_mask |= 1 << ((soft_qbb << 2) + i); } diff -Nru a/arch/alpha/kernel/err_marvel.c b/arch/alpha/kernel/err_marvel.c --- a/arch/alpha/kernel/err_marvel.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/err_marvel.c 2004-05-31 15:58:34 -07:00 @@ -1077,7 +1077,8 @@ default: /* Don't know it - pass it up. */ - return ev7_machine_check(vector, la_ptr, regs); + ev7_machine_check(vector, la_ptr, regs); + return; } /* diff -Nru a/arch/alpha/kernel/err_titan.c b/arch/alpha/kernel/err_titan.c --- a/arch/alpha/kernel/err_titan.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/err_titan.c 2004-05-31 15:58:34 -07:00 @@ -407,8 +407,10 @@ /* * Only handle system errors here */ - if ((vector != SCB_Q_SYSMCHK) && (vector != SCB_Q_SYSERR)) - return ev6_machine_check(vector, la_ptr, regs); + if ((vector != SCB_Q_SYSMCHK) && (vector != SCB_Q_SYSERR)) { + ev6_machine_check(vector, la_ptr, regs); + return; + } /* * It's a system error, handle it here diff -Nru a/arch/alpha/kernel/machvec_impl.h b/arch/alpha/kernel/machvec_impl.h --- a/arch/alpha/kernel/machvec_impl.h 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/machvec_impl.h 2004-05-31 15:58:34 -07:00 @@ -20,10 +20,10 @@ #define TITAN_HAE_ADDRESS (&alpha_mv.hae_cache) #define WILDFIRE_HAE_ADDRESS (&alpha_mv.hae_cache) -#if CIA_ONE_HAE_WINDOW +#ifdef CIA_ONE_HAE_WINDOW #define CIA_HAE_ADDRESS (&alpha_mv.hae_cache) #endif -#if MCPCIA_ONE_HAE_WINDOW +#ifdef MCPCIA_ONE_HAE_WINDOW #define MCPCIA_HAE_ADDRESS (&alpha_mv.hae_cache) #endif diff -Nru a/arch/alpha/kernel/osf_sys.c b/arch/alpha/kernel/osf_sys.c --- a/arch/alpha/kernel/osf_sys.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/osf_sys.c 2004-05-31 15:58:34 -07:00 @@ -91,7 +91,7 @@ * braindamage (it can't really handle filesystems where the directory * offset differences aren't the same as "d_reclen"). */ -#define NAME_OFFSET(de) ((int) ((de)->d_name - (char *) (de))) +#define NAME_OFFSET(de) ((int) ((de)->d_name - (char __user *) (de))) #define ROUND_UP(x) (((x)+3) & ~3) struct osf_dirent { @@ -102,8 +102,8 @@ }; struct osf_dirent_callback { - struct osf_dirent *dirent; - long *basep; + struct osf_dirent __user *dirent; + long __user *basep; unsigned int count; int error; }; @@ -112,7 +112,7 @@ osf_filldir(void *__buf, const char *name, int namlen, loff_t offset, ino_t ino, unsigned int d_type) { - struct osf_dirent *dirent; + struct osf_dirent __user *dirent; struct osf_dirent_callback *buf = (struct osf_dirent_callback *) __buf; unsigned int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 1); @@ -131,15 +131,15 @@ if (copy_to_user(dirent->d_name, name, namlen) || put_user(0, dirent->d_name + namlen)) return -EFAULT; - dirent = (void *)dirent + reclen; + dirent = (void __user *)dirent + reclen; buf->dirent = dirent; buf->count -= reclen; return 0; } asmlinkage int -osf_getdirentries(unsigned int fd, struct osf_dirent *dirent, - unsigned int count, long *basep) +osf_getdirentries(unsigned int fd, struct osf_dirent __user *dirent, + unsigned int count, long __user *basep) { int error; struct file *file; @@ -215,10 +215,10 @@ int f_files; int f_ffree; __kernel_fsid_t f_fsid; -} *osf_stat; +}; static int -linux_to_osf_statfs(struct kstatfs *linux_stat, struct osf_statfs *osf_stat, +linux_to_osf_statfs(struct kstatfs *linux_stat, struct osf_statfs __user *osf_stat, unsigned long bufsiz) { struct osf_statfs tmp_stat; @@ -239,7 +239,7 @@ } static int -do_osf_statfs(struct dentry * dentry, struct osf_statfs *buffer, +do_osf_statfs(struct dentry * dentry, struct osf_statfs __user *buffer, unsigned long bufsiz) { struct kstatfs linux_stat; @@ -250,7 +250,7 @@ } asmlinkage int -osf_statfs(char *path, struct osf_statfs *buffer, unsigned long bufsiz) +osf_statfs(char __user *path, struct osf_statfs __user *buffer, unsigned long bufsiz) { struct nameidata nd; int retval; @@ -264,7 +264,7 @@ } asmlinkage int -osf_fstatfs(unsigned long fd, struct osf_statfs *buffer, unsigned long bufsiz) +osf_fstatfs(unsigned long fd, struct osf_statfs __user *buffer, unsigned long bufsiz) { struct file *file; int retval; @@ -284,13 +284,13 @@ * Although to be frank, neither are the native Linux/i386 ones.. */ struct ufs_args { - char *devname; + char __user *devname; int flags; uid_t exroot; }; struct cdfs_args { - char *devname; + char __user *devname; int flags; uid_t exroot; @@ -299,7 +299,7 @@ }; struct procfs_args { - char *devname; + char __user *devname; int flags; uid_t exroot; }; @@ -313,7 +313,7 @@ * unhappy with OSF UFS. [CHECKME] */ static int -osf_ufs_mount(char *dirname, struct ufs_args *args, int flags) +osf_ufs_mount(char *dirname, struct ufs_args __user *args, int flags) { int retval; struct cdfs_args tmp; @@ -333,7 +333,7 @@ } static int -osf_cdfs_mount(char *dirname, struct cdfs_args *args, int flags) +osf_cdfs_mount(char *dirname, struct cdfs_args __user *args, int flags) { int retval; struct cdfs_args tmp; @@ -353,7 +353,7 @@ } static int -osf_procfs_mount(char *dirname, struct procfs_args *args, int flags) +osf_procfs_mount(char *dirname, struct procfs_args __user *args, int flags) { struct procfs_args tmp; @@ -364,7 +364,7 @@ } asmlinkage int -osf_mount(unsigned long typenr, char *path, int flag, void *data) +osf_mount(unsigned long typenr, char __user *path, int flag, void __user *data) { int retval = -EINVAL; char *name; @@ -377,13 +377,13 @@ goto out; switch (typenr) { case 1: - retval = osf_ufs_mount(name, (struct ufs_args *) data, flag); + retval = osf_ufs_mount(name, data, flag); break; case 6: - retval = osf_cdfs_mount(name, (struct cdfs_args *) data, flag); + retval = osf_cdfs_mount(name, data, flag); break; case 9: - retval = osf_procfs_mount(name, (struct procfs_args *) data, flag); + retval = osf_procfs_mount(name, data, flag); break; default: printk("osf_mount(%ld, %x)\n", typenr, flag); @@ -395,7 +395,7 @@ } asmlinkage int -osf_utsname(char *name) +osf_utsname(char __user *name) { int error; @@ -434,7 +434,7 @@ * For compatibility with OSF/1 only. Use utsname(2) instead. */ asmlinkage int -osf_getdomainname(char *name, int namelen) +osf_getdomainname(char __user *name, int namelen) { unsigned len; int i, error; @@ -459,7 +459,7 @@ } asmlinkage long -osf_shmat(int shmid, void *shmaddr, int shmflg) +osf_shmat(int shmid, void __user *shmaddr, int shmflg) { unsigned long raddr; long err; @@ -497,39 +497,39 @@ union pl_args { struct setargs { - char *path; + char __user *path; long follow; long nbytes; - char *buf; + char __user *buf; } set; struct fsetargs { long fd; long nbytes; - char *buf; + char __user *buf; } fset; struct getargs { - char *path; + char __user *path; long follow; - struct proplistname_args *name_args; + struct proplistname_args __user *name_args; long nbytes; - char *buf; - int *min_buf_size; + char __user *buf; + int __user *min_buf_size; } get; struct fgetargs { long fd; - struct proplistname_args *name_args; + struct proplistname_args __user *name_args; long nbytes; - char *buf; - int *min_buf_size; + char __user *buf; + int __user *min_buf_size; } fget; struct delargs { - char *path; + char __user *path; long follow; - struct proplistname_args *name_args; + struct proplistname_args __user *name_args; } del; struct fdelargs { long fd; - struct proplistname_args *name_args; + struct proplistname_args __user *name_args; } fdel; }; @@ -540,24 +540,20 @@ }; asmlinkage long -osf_proplist_syscall(enum pl_code code, union pl_args *args) +osf_proplist_syscall(enum pl_code code, union pl_args __user *args) { long error; - int *min_buf_size_ptr; + int __user *min_buf_size_ptr; lock_kernel(); switch (code) { case PL_SET: - error = verify_area(VERIFY_READ, &args->set.nbytes, - sizeof(args->set.nbytes)); - if (!error) - error = args->set.nbytes; + if (get_user(error, &args->set.nbytes)) + error = -EFAULT; break; case PL_FSET: - error = verify_area(VERIFY_READ, &args->fset.nbytes, - sizeof(args->fset.nbytes)); - if (!error) - error = args->fset.nbytes; + if (get_user(error, &args->fset.nbytes)) + error = -EFAULT; break; case PL_GET: error = get_user(min_buf_size_ptr, &args->get.min_buf_size); @@ -584,7 +580,7 @@ } asmlinkage int -osf_sigstack(struct sigstack *uss, struct sigstack *uoss) +osf_sigstack(struct sigstack __user *uss, struct sigstack __user *uoss) { unsigned long usp = rdusp(); unsigned long oss_sp = current->sas_ss_sp + current->sas_ss_size; @@ -625,7 +621,7 @@ } asmlinkage long -osf_sysinfo(int command, char *buf, long count) +osf_sysinfo(int command, char __user *buf, long count) { static char * sysinfo_table[] = { system_utsname.sysname, @@ -664,8 +660,8 @@ } asmlinkage unsigned long -osf_getsysinfo(unsigned long op, void *buffer, unsigned long nbytes, - int *start, void *arg) +osf_getsysinfo(unsigned long op, void __user *buffer, unsigned long nbytes, + int __user *start, void __user *arg) { unsigned long w; struct percpu_struct *cpu; @@ -677,7 +673,7 @@ w = current_thread_info()->ieee_state & IEEE_SW_MASK; w = swcr_update_status(w, rdfpcr()); - if (put_user(w, (unsigned long *) buffer)) + if (put_user(w, (unsigned long __user *) buffer)) return -EFAULT; return 0; @@ -693,7 +689,7 @@ if (nbytes < sizeof(unsigned int)) return -EINVAL; w = (current_thread_info()->flags >> UAC_SHIFT) & UAC_BITMASK; - if (put_user(w, (unsigned int *)buffer)) + if (put_user(w, (unsigned int __user *)buffer)) return -EFAULT; return 1; @@ -703,7 +699,7 @@ cpu = (struct percpu_struct*) ((char*)hwrpb + hwrpb->processor_offset); w = cpu->type; - if (put_user(w, (unsigned long *)buffer)) + if (put_user(w, (unsigned long __user*)buffer)) return -EFAULT; return 1; @@ -722,8 +718,8 @@ } asmlinkage unsigned long -osf_setsysinfo(unsigned long op, void *buffer, unsigned long nbytes, - int *start, void *arg) +osf_setsysinfo(unsigned long op, void __user *buffer, unsigned long nbytes, + int __user *start, void __user *arg) { switch (op) { case SSI_IEEE_FP_CONTROL: { @@ -737,7 +733,7 @@ */ /* Update softare trap enable bits. */ - if (get_user(swcr, (unsigned long *)buffer)) + if (get_user(swcr, (unsigned long __user *)buffer)) return -EFAULT; current_thread_info()->ieee_state = ((current_thread_info()->ieee_state & ~IEEE_SW_MASK) @@ -788,9 +784,9 @@ for (i = 0; i < nbytes; ++i) { - if (get_user(v, 2*i + (unsigned int *)buffer)) + if (get_user(v, 2*i + (unsigned int __user *)buffer)) return -EFAULT; - if (get_user(w, 2*i + 1 + (unsigned int *)buffer)) + if (get_user(w, 2*i + 1 + (unsigned int __user *)buffer)) return -EFAULT; switch (v) { case SSIN_UACPROC: @@ -835,7 +831,7 @@ }; static inline long -get_tv32(struct timeval *o, struct timeval32 *i) +get_tv32(struct timeval *o, struct timeval32 __user *i) { return (!access_ok(VERIFY_READ, i, sizeof(*i)) || (__get_user(o->tv_sec, &i->tv_sec) | @@ -843,7 +839,7 @@ } static inline long -put_tv32(struct timeval32 *o, struct timeval *i) +put_tv32(struct timeval32 __user *o, struct timeval *i) { return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || (__put_user(i->tv_sec, &o->tv_sec) | @@ -851,7 +847,7 @@ } static inline long -get_it32(struct itimerval *o, struct itimerval32 *i) +get_it32(struct itimerval *o, struct itimerval32 __user *i) { return (!access_ok(VERIFY_READ, i, sizeof(*i)) || (__get_user(o->it_interval.tv_sec, &i->it_interval.tv_sec) | @@ -861,7 +857,7 @@ } static inline long -put_it32(struct itimerval32 *o, struct itimerval *i) +put_it32(struct itimerval32 __user *o, struct itimerval *i) { return (!access_ok(VERIFY_WRITE, o, sizeof(*o)) || (__put_user(i->it_interval.tv_sec, &o->it_interval.tv_sec) | @@ -878,7 +874,7 @@ } asmlinkage int -osf_gettimeofday(struct timeval32 *tv, struct timezone *tz) +osf_gettimeofday(struct timeval32 __user *tv, struct timezone __user *tz) { if (tv) { struct timeval ktv; @@ -894,7 +890,7 @@ } asmlinkage int -osf_settimeofday(struct timeval32 *tv, struct timezone *tz) +osf_settimeofday(struct timeval32 __user *tv, struct timezone __user *tz) { struct timespec kts; struct timezone ktz; @@ -914,7 +910,7 @@ } asmlinkage int -osf_getitimer(int which, struct itimerval32 *it) +osf_getitimer(int which, struct itimerval32 __user *it) { struct itimerval kit; int error; @@ -927,7 +923,7 @@ } asmlinkage int -osf_setitimer(int which, struct itimerval32 *in, struct itimerval32 *out) +osf_setitimer(int which, struct itimerval32 __user *in, struct itimerval32 __user *out) { struct itimerval kin, kout; int error; @@ -950,16 +946,9 @@ } asmlinkage int -osf_utimes(const char *filename, struct timeval32 *tvs) +osf_utimes(char __user *filename, struct timeval32 __user *tvs) { - char *kfilename; struct timeval ktvs[2]; - mm_segment_t old_fs; - int ret; - - kfilename = getname(filename); - if (IS_ERR(kfilename)) - return PTR_ERR(kfilename); if (tvs) { if (get_tv32(&ktvs[0], &tvs[0]) || @@ -967,22 +956,15 @@ return -EFAULT; } - old_fs = get_fs(); - set_fs(KERNEL_DS); - ret = sys_utimes(kfilename, tvs ? ktvs : 0); - set_fs(old_fs); - - putname(kfilename); - - return ret; + return do_utimes(filename, tvs ? ktvs : 0); } #define MAX_SELECT_SECONDS \ ((unsigned long) (MAX_SCHEDULE_TIMEOUT / HZ)-1) asmlinkage int -osf_select(int n, fd_set *inp, fd_set *outp, fd_set *exp, - struct timeval32 *tvp) +osf_select(int n, fd_set __user *inp, fd_set __user *outp, fd_set __user *exp, + struct timeval32 __user *tvp) { fd_set_bits fds; char *bits; @@ -1081,7 +1063,7 @@ }; asmlinkage int -osf_getrusage(int who, struct rusage32 *ru) +osf_getrusage(int who, struct rusage32 __user *ru) { struct rusage32 r; @@ -1116,7 +1098,7 @@ } asmlinkage int -osf_wait4(pid_t pid, int *ustatus, int options, struct rusage32 *ur) +osf_wait4(pid_t pid, int __user *ustatus, int options, struct rusage32 __user *ur) { if (!ur) { return sys_wait4(pid, ustatus, options, NULL); @@ -1163,7 +1145,7 @@ * one is the time remaining.. Ho humm.. No documentation. */ asmlinkage int -osf_usleep_thread(struct timeval32 *sleep, struct timeval32 *remain) +osf_usleep_thread(struct timeval32 __user *sleep, struct timeval32 __user *remain) { struct timeval tmp; unsigned long ticks; @@ -1221,7 +1203,7 @@ }; asmlinkage int -sys_old_adjtimex(struct timex32 *txc_p) +sys_old_adjtimex(struct timex32 __user *txc_p) { struct timex txc; int ret; @@ -1316,12 +1298,12 @@ compatibility with old versions of OSF/1 where iov_len was defined as int. */ static int -osf_fix_iov_len(const struct iovec *iov, unsigned long count) +osf_fix_iov_len(const struct iovec __user *iov, unsigned long count) { unsigned long i; for (i = 0 ; i < count ; i++) { - int *iov_len_high = (int *)&iov[i].iov_len + 1; + int *iov_len_high = (int __user *)&iov[i].iov_len + 1; if (put_user(0, iov_len_high)) return -EFAULT; @@ -1330,7 +1312,7 @@ } asmlinkage ssize_t -osf_readv(unsigned long fd, const struct iovec * vector, unsigned long count) +osf_readv(unsigned long fd, const struct iovec __user * vector, unsigned long count) { if (unlikely(personality(current->personality) == PER_OSF4)) if (osf_fix_iov_len(vector, count)) @@ -1339,7 +1321,7 @@ } asmlinkage ssize_t -osf_writev(unsigned long fd, const struct iovec * vector, unsigned long count) +osf_writev(unsigned long fd, const struct iovec __user * vector, unsigned long count) { if (unlikely(personality(current->personality) == PER_OSF4)) if (osf_fix_iov_len(vector, count)) diff -Nru a/arch/alpha/kernel/process.c b/arch/alpha/kernel/process.c --- a/arch/alpha/kernel/process.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/process.c 2004-05-31 15:58:34 -07:00 @@ -239,8 +239,9 @@ * with parameters (SIGCHLD, 0). */ int -alpha_clone(unsigned long clone_flags, unsigned long usp, int *parent_tid, - int *child_tid, unsigned long tls_value, struct pt_regs *regs) +alpha_clone(unsigned long clone_flags, unsigned long usp, + int __user *parent_tid, int __user *child_tid, + unsigned long tls_value, struct pt_regs *regs) { if (!usp) usp = rdusp(); @@ -464,7 +465,8 @@ * Don't do this at home. */ asmlinkage int -sys_execve(char *ufilename, char **argv, char **envp, +sys_execve(char __user *ufilename, char __user * __user *argv, + char __user * __user *envp, unsigned long a3, unsigned long a4, unsigned long a5, struct pt_regs regs) { diff -Nru a/arch/alpha/kernel/semaphore.c b/arch/alpha/kernel/semaphore.c --- a/arch/alpha/kernel/semaphore.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/semaphore.c 2004-05-31 15:58:34 -07:00 @@ -163,7 +163,7 @@ void __sched down(struct semaphore *sem) { -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif #ifdef CONFIG_DEBUG_SEMAPHORE @@ -177,7 +177,7 @@ int __sched down_interruptible(struct semaphore *sem) { -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif #ifdef CONFIG_DEBUG_SEMAPHORE @@ -193,7 +193,7 @@ { int ret; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif @@ -212,7 +212,7 @@ void up(struct semaphore *sem) { -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif #ifdef CONFIG_DEBUG_SEMAPHORE diff -Nru a/arch/alpha/kernel/setup.c b/arch/alpha/kernel/setup.c --- a/arch/alpha/kernel/setup.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/setup.c 2004-05-31 15:58:34 -07:00 @@ -1359,7 +1359,7 @@ L1I = L1D = CSHAPE(8*1024, 5, 1); L3 = -1; - car = *(vuip) phys_to_virt (0x120000078); + car = *(vuip) phys_to_virt (0x120000078UL); size = 64*1024 * (1 << ((car >> 5) & 7)); /* No typo -- 8 byte cacheline size. Whodathunk. */ L2 = (car & 1 ? CSHAPE (size, 3, 1) : -1); @@ -1374,7 +1374,7 @@ L1I = L1D = CSHAPE(8*1024, 5, 1); /* Check the line size of the Scache. */ - sc_ctl = *(vulp) phys_to_virt (0xfffff000a8); + sc_ctl = *(vulp) phys_to_virt (0xfffff000a8UL); width = sc_ctl & 0x1000 ? 6 : 5; L2 = CSHAPE (96*1024, width, 3); @@ -1406,7 +1406,7 @@ } L3 = -1; - cbox_config = *(vulp) phys_to_virt (0xfffff00008); + cbox_config = *(vulp) phys_to_virt (0xfffff00008UL); size = 512*1024 * (1 << ((cbox_config >> 12) & 3)); #if 0 diff -Nru a/arch/alpha/kernel/signal.c b/arch/alpha/kernel/signal.c --- a/arch/alpha/kernel/signal.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/signal.c 2004-05-31 15:58:34 -07:00 @@ -84,8 +84,8 @@ } asmlinkage int -osf_sigaction(int sig, const struct osf_sigaction *act, - struct osf_sigaction *oact) +osf_sigaction(int sig, const struct osf_sigaction __user *act, + struct osf_sigaction __user *oact) { struct k_sigaction new_ka, old_ka; int ret; @@ -115,8 +115,9 @@ } asmlinkage long -sys_rt_sigaction(int sig, const struct sigaction *act, struct sigaction *oact, - size_t sigsetsize, void *restorer) +sys_rt_sigaction(int sig, const struct sigaction __user *act, + struct sigaction __user *oact, + size_t sigsetsize, void __user *restorer) { struct k_sigaction new_ka, old_ka; int ret; @@ -165,7 +166,7 @@ } asmlinkage int -do_rt_sigsuspend(sigset_t *uset, size_t sigsetsize, +do_rt_sigsuspend(sigset_t __user *uset, size_t sigsetsize, struct pt_regs *reg, struct switch_stack *sw) { sigset_t oldset, set; @@ -192,7 +193,7 @@ } asmlinkage int -sys_sigaltstack(const stack_t *uss, stack_t *uoss) +sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss) { return do_sigaltstack(uss, uoss, rdusp()); } @@ -223,7 +224,7 @@ #define INSN_CALLSYS 0x00000083 static long -restore_sigcontext(struct sigcontext *sc, struct pt_regs *regs, +restore_sigcontext(struct sigcontext __user *sc, struct pt_regs *regs, struct switch_stack *sw) { unsigned long usp; @@ -276,7 +277,7 @@ registers and transfer control from userland. */ asmlinkage void -do_sigreturn(struct sigcontext *sc, struct pt_regs *regs, +do_sigreturn(struct sigcontext __user *sc, struct pt_regs *regs, struct switch_stack *sw) { sigset_t set; @@ -314,7 +315,7 @@ } asmlinkage void -do_rt_sigreturn(struct rt_sigframe *frame, struct pt_regs *regs, +do_rt_sigreturn(struct rt_sigframe __user *frame, struct pt_regs *regs, struct switch_stack *sw) { sigset_t set; @@ -356,17 +357,17 @@ * Set up a signal frame. */ -static inline void * +static inline void __user * get_sigframe(struct k_sigaction *ka, unsigned long sp, size_t frame_size) { if ((ka->sa.sa_flags & SA_ONSTACK) != 0 && ! on_sig_stack(sp)) sp = current->sas_ss_sp + current->sas_ss_size; - return (void *)((sp - frame_size) & -32ul); + return (void __user *)((sp - frame_size) & -32ul); } static long -setup_sigcontext(struct sigcontext *sc, struct pt_regs *regs, +setup_sigcontext(struct sigcontext __user *sc, struct pt_regs *regs, struct switch_stack *sw, unsigned long mask, unsigned long sp) { long i, err = 0; @@ -426,7 +427,7 @@ struct pt_regs *regs, struct switch_stack * sw) { unsigned long oldsp, r26, err = 0; - struct sigframe *frame; + struct sigframe __user *frame; oldsp = rdusp(); frame = get_sigframe(ka, oldsp, sizeof(*frame)); @@ -479,7 +480,7 @@ sigset_t *set, struct pt_regs *regs, struct switch_stack * sw) { unsigned long oldsp, r26, err = 0; - struct rt_sigframe *frame; + struct rt_sigframe __user *frame; oldsp = rdusp(); frame = get_sigframe(ka, oldsp, sizeof(*frame)); diff -Nru a/arch/alpha/kernel/smp.c b/arch/alpha/kernel/smp.c --- a/arch/alpha/kernel/smp.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/smp.c 2004-05-31 15:58:34 -07:00 @@ -779,7 +779,7 @@ void smp_send_reschedule(int cpu) { -#if DEBUG_IPI_MSG +#ifdef DEBUG_IPI_MSG if (cpu == hard_smp_processor_id()) printk(KERN_WARNING "smp_send_reschedule: Sending IPI to self.\n"); @@ -791,7 +791,7 @@ smp_send_stop(void) { unsigned long to_whom = cpu_present_mask & ~(1UL << smp_processor_id()); -#if DEBUG_IPI_MSG +#ifdef DEBUG_IPI_MSG if (hard_smp_processor_id() != boot_cpu_id) printk(KERN_WARNING "smp_send_stop: Not on boot cpu.\n"); #endif diff -Nru a/arch/alpha/kernel/sys_sx164.c b/arch/alpha/kernel/sys_sx164.c --- a/arch/alpha/kernel/sys_sx164.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/kernel/sys_sx164.c 2004-05-31 15:58:34 -07:00 @@ -51,7 +51,7 @@ if (alpha_using_srm) init_srm_irqs(40, 0x3f0000); else - init_pyxis_irqs(0xff00003f0000); + init_pyxis_irqs(0xff00003f0000UL); setup_irq(16+6, &timer_cascade_irqaction); } diff -Nru a/arch/alpha/lib/csum_partial_copy.c b/arch/alpha/lib/csum_partial_copy.c --- a/arch/alpha/lib/csum_partial_copy.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/lib/csum_partial_copy.c 2004-05-31 15:58:34 -07:00 @@ -99,7 +99,7 @@ * Ok. This isn't fun, but this is the EASY case. */ static inline unsigned long -csum_partial_cfu_aligned(const unsigned long *src, unsigned long *dst, +csum_partial_cfu_aligned(const unsigned long __user *src, unsigned long *dst, long len, unsigned long checksum, int *errp) { @@ -139,7 +139,8 @@ * easy. */ static inline unsigned long -csum_partial_cfu_dest_aligned(const unsigned long *src, unsigned long *dst, +csum_partial_cfu_dest_aligned(const unsigned long __user *src, + unsigned long *dst, unsigned long soff, long len, unsigned long checksum, int *errp) @@ -327,7 +328,7 @@ } static unsigned int -do_csum_partial_copy_from_user(const char *src, char *dst, int len, +do_csum_partial_copy_from_user(const char __user *src, char *dst, int len, unsigned int sum, int *errp) { unsigned long checksum = (unsigned) sum; @@ -338,12 +339,12 @@ if (!doff) { if (!soff) checksum = csum_partial_cfu_aligned( - (const unsigned long *) src, + (const unsigned long __user *) src, (unsigned long *) dst, len-8, checksum, errp); else checksum = csum_partial_cfu_dest_aligned( - (const unsigned long *) src, + (const unsigned long __user *) src, (unsigned long *) dst, soff, len-8, checksum, errp); } else { @@ -351,13 +352,13 @@ ldq_u(partial_dest, dst); if (!soff) checksum = csum_partial_cfu_src_aligned( - (const unsigned long *) src, + (const unsigned long __user *) src, (unsigned long *) dst, doff, len-8, checksum, partial_dest, errp); else checksum = csum_partial_cfu_unaligned( - (const unsigned long *) src, + (const unsigned long __user *) src, (unsigned long *) dst, soff, doff, len-8, checksum, partial_dest, errp); @@ -368,7 +369,7 @@ } unsigned int -csum_partial_copy_from_user(const char *src, char *dst, int len, +csum_partial_copy_from_user(const char __user *src, char *dst, int len, unsigned int sum, int *errp) { if (!access_ok(src, len, VERIFY_READ)) { diff -Nru a/arch/alpha/math-emu/math.c b/arch/alpha/math-emu/math.c --- a/arch/alpha/math-emu/math.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/math-emu/math.c 2004-05-31 15:58:34 -07:00 @@ -106,7 +106,7 @@ __u32 insn; long si_code; - get_user(insn, (__u32*)pc); + get_user(insn, (__u32 __user *)pc); fc = (insn >> 0) & 0x1f; /* destination register */ fb = (insn >> 16) & 0x1f; fa = (insn >> 21) & 0x1f; @@ -171,7 +171,7 @@ _FP_FRAC_SET_1(DB, _FP_ZEROFRAC_1); } FP_CMP_D(res, DA, DB, 3); - vc = 0x4000000000000000; + vc = 0x4000000000000000UL; /* CMPTEQ, CMPTUN don't trap on QNaN, while CMPTLT and CMPTLE do */ if (res == 3 @@ -351,7 +351,7 @@ * up to the first occurrence of such an instruction. */ while (write_mask) { - get_user(insn, (__u32*)(trigger_pc)); + get_user(insn, (__u32 __user *)(trigger_pc)); opcode = insn >> 26; rc = insn & 0x1f; diff -Nru a/arch/alpha/mm/fault.c b/arch/alpha/mm/fault.c --- a/arch/alpha/mm/fault.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/mm/fault.c 2004-05-31 15:58:34 -07:00 @@ -40,7 +40,7 @@ unsigned long last_asn = ASN_FIRST_VERSION; #endif -extern void +void __load_new_mm_context(struct mm_struct *next_mm) { unsigned long mmc; diff -Nru a/arch/alpha/mm/init.c b/arch/alpha/mm/init.c --- a/arch/alpha/mm/init.c 2004-05-31 15:58:34 -07:00 +++ b/arch/alpha/mm/init.c 2004-05-31 15:58:34 -07:00 @@ -152,9 +152,9 @@ /* Set the vptb. This is often done by the bootloader, but shouldn't be required. */ - if (hwrpb->vptb != 0xfffffffe00000000) { - wrvptptr(0xfffffffe00000000); - hwrpb->vptb = 0xfffffffe00000000; + if (hwrpb->vptb != 0xfffffffe00000000UL) { + wrvptptr(0xfffffffe00000000UL); + hwrpb->vptb = 0xfffffffe00000000UL; hwrpb_update_checksum(hwrpb); } @@ -301,8 +301,8 @@ /* Move the vptb back to where the SRM console expects it. */ swapper_pg_dir[1] = swapper_pg_dir[1023]; tbia(); - wrvptptr(0x200000000); - hwrpb->vptb = 0x200000000; + wrvptptr(0x200000000UL); + hwrpb->vptb = 0x200000000UL; hwrpb_update_checksum(hwrpb); /* Reload the page tables that the console had in use. */ diff -Nru a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c --- a/arch/arm/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 +++ b/arch/arm/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 @@ -622,7 +622,7 @@ ret = access_process_vm(child, addr, &tmp, sizeof(unsigned long), 0); if (ret == sizeof(unsigned long)) - ret = put_user(tmp, (unsigned long *) data); + ret = put_user(tmp, (unsigned long __user *) data); else ret = -EIO; break; diff -Nru a/arch/arm/kernel/signal.c b/arch/arm/kernel/signal.c --- a/arch/arm/kernel/signal.c 2004-05-31 15:58:34 -07:00 +++ b/arch/arm/kernel/signal.c 2004-05-31 15:58:34 -07:00 @@ -564,10 +564,10 @@ regs->ARM_r7 = __NR_restart_syscall; regs->ARM_pc -= 2; } else { - u32 *usp; + u32 __user *usp; regs->ARM_sp -= 12; - usp = (u32 *)regs->ARM_sp; + usp = (u32 __user *)regs->ARM_sp; put_user(regs->ARM_pc, &usp[0]); /* swi __NR_restart_syscall */ diff -Nru a/arch/i386/Makefile b/arch/i386/Makefile --- a/arch/i386/Makefile 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/Makefile 2004-05-31 15:58:34 -07:00 @@ -18,6 +18,7 @@ LDFLAGS := -m elf_i386 OBJCOPYFLAGS := -O binary -R .note -R .comment -S LDFLAGS_vmlinux := +CHECK := $(CHECK) -D__i386__=1 CFLAGS += -pipe -msoft-float diff -Nru a/arch/i386/kernel/i387.c b/arch/i386/kernel/i387.c --- a/arch/i386/kernel/i387.c 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/kernel/i387.c 2004-05-31 15:58:34 -07:00 @@ -246,7 +246,7 @@ to = &buf->_st[0]; from = (struct _fpxreg *) &fxsave->st_space[0]; for ( i = 0 ; i < 8 ; i++, to++, from++ ) { - unsigned long *t = (unsigned long *)to; + unsigned long __user *t = (unsigned long __user *)to; unsigned long *f = (unsigned long *)from; if (__put_user(*f, t) || @@ -281,7 +281,7 @@ from = &buf->_st[0]; for ( i = 0 ; i < 8 ; i++, to++, from++ ) { unsigned long *t = (unsigned long *)to; - unsigned long *f = (unsigned long *)from; + unsigned long __user *f = (unsigned long __user *)from; if (__get_user(*t, f) || __get_user(*(t + 1), f + 1) || diff -Nru a/arch/i386/kernel/microcode.c b/arch/i386/kernel/microcode.c --- a/arch/i386/kernel/microcode.c 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/kernel/microcode.c 2004-05-31 15:58:34 -07:00 @@ -113,7 +113,7 @@ /* no concurrent ->write()s are allowed on /dev/cpu/microcode */ static DECLARE_MUTEX(microcode_sem); -static void *user_buffer; /* user area microcode data buffer */ +static void __user *user_buffer; /* user area microcode data buffer */ static unsigned int user_buffer_size; /* it's size */ typedef enum mc_error_code { @@ -425,7 +425,7 @@ return error; } -static ssize_t microcode_write (struct file *file, const char *buf, size_t len, loff_t *ppos) +static ssize_t microcode_write (struct file *file, const char __user *buf, size_t len, loff_t *ppos) { ssize_t ret; @@ -441,7 +441,7 @@ down(µcode_sem); - user_buffer = (void *) buf; + user_buffer = (void __user *) buf; user_buffer_size = (int) len; ret = do_microcode_update(); diff -Nru a/arch/i386/kernel/msr.c b/arch/i386/kernel/msr.c --- a/arch/i386/kernel/msr.c 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/kernel/msr.c 2004-05-31 15:58:34 -07:00 @@ -184,7 +184,7 @@ static ssize_t msr_read(struct file *file, char __user * buf, size_t count, loff_t * ppos) { - u32 *tmp = (u32 *) buf; + u32 __user *tmp = (u32 __user *) buf; u32 data[2]; size_t rv; u32 reg = *ppos; @@ -203,13 +203,13 @@ tmp += 2; } - return ((char *)tmp) - buf; + return ((char __user *)tmp) - buf; } static ssize_t msr_write(struct file *file, const char __user *buf, size_t count, loff_t *ppos) { - const u32 *tmp = (const u32 *)buf; + const u32 __user *tmp = (const u32 __user *)buf; u32 data[2]; size_t rv; u32 reg = *ppos; @@ -228,7 +228,7 @@ tmp += 2; } - return ((char *)tmp) - buf; + return ((char __user *)tmp) - buf; } static int msr_open(struct inode *inode, struct file *file) diff -Nru a/arch/i386/kernel/ptrace.c b/arch/i386/kernel/ptrace.c --- a/arch/i386/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 @@ -235,6 +235,7 @@ struct task_struct *child; struct user * dummy = NULL; int i, ret; + unsigned long __user *datap = (unsigned long __user *)data; lock_kernel(); ret = -EPERM; @@ -283,7 +284,7 @@ ret = -EIO; if (copied != sizeof(tmp)) break; - ret = put_user(tmp,(unsigned long *) data); + ret = put_user(tmp, datap); break; } @@ -305,7 +306,7 @@ addr = addr >> 2; tmp = child->thread.debugreg[addr]; } - ret = put_user(tmp,(unsigned long *) data); + ret = put_user(tmp, datap); break; } @@ -423,13 +424,13 @@ break; case PTRACE_GETREGS: { /* Get all gp regs from the child. */ - if (!access_ok(VERIFY_WRITE, (unsigned *)data, FRAME_SIZE*sizeof(long))) { + if (!access_ok(VERIFY_WRITE, datap, FRAME_SIZE*sizeof(long))) { ret = -EIO; break; } for ( i = 0; i < FRAME_SIZE*sizeof(long); i += sizeof(long) ) { - __put_user(getreg(child, i),(unsigned long *) data); - data += sizeof(long); + __put_user(getreg(child, i), datap); + datap++; } ret = 0; break; @@ -437,21 +438,21 @@ case PTRACE_SETREGS: { /* Set all gp regs in the child. */ unsigned long tmp; - if (!access_ok(VERIFY_READ, (unsigned *)data, FRAME_SIZE*sizeof(long))) { + if (!access_ok(VERIFY_READ, datap, FRAME_SIZE*sizeof(long))) { ret = -EIO; break; } for ( i = 0; i < FRAME_SIZE*sizeof(long); i += sizeof(long) ) { - __get_user(tmp, (unsigned long *) data); + __get_user(tmp, datap); putreg(child, i, tmp); - data += sizeof(long); + datap++; } ret = 0; break; } case PTRACE_GETFPREGS: { /* Get the child FPU state. */ - if (!access_ok(VERIFY_WRITE, (unsigned *)data, + if (!access_ok(VERIFY_WRITE, datap, sizeof(struct user_i387_struct))) { ret = -EIO; break; @@ -464,7 +465,7 @@ } case PTRACE_SETFPREGS: { /* Set the child FPU state. */ - if (!access_ok(VERIFY_READ, (unsigned *)data, + if (!access_ok(VERIFY_READ, datap, sizeof(struct user_i387_struct))) { ret = -EIO; break; @@ -476,7 +477,7 @@ } case PTRACE_GETFPXREGS: { /* Get the child extended FPU state. */ - if (!access_ok(VERIFY_WRITE, (unsigned *)data, + if (!access_ok(VERIFY_WRITE, datap, sizeof(struct user_fxsr_struct))) { ret = -EIO; break; @@ -488,7 +489,7 @@ } case PTRACE_SETFPXREGS: { /* Set the child extended FPU state. */ - if (!access_ok(VERIFY_READ, (unsigned *)data, + if (!access_ok(VERIFY_READ, datap, sizeof(struct user_fxsr_struct))) { ret = -EIO; break; @@ -499,13 +500,13 @@ } case PTRACE_GET_THREAD_AREA: - ret = ptrace_get_thread_area(child, - addr, (struct user_desc __user *) data); + ret = ptrace_get_thread_area(child, addr, + (struct user_desc __user *) data); break; case PTRACE_SET_THREAD_AREA: - ret = ptrace_set_thread_area(child, - addr, (struct user_desc __user *) data); + ret = ptrace_set_thread_area(child, addr, + (struct user_desc __user *) data); break; default: diff -Nru a/arch/i386/kernel/signal.c b/arch/i386/kernel/signal.c --- a/arch/i386/kernel/signal.c 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/kernel/signal.c 2004-05-31 15:58:34 -07:00 @@ -269,12 +269,12 @@ tmp = 0; __asm__("movl %%gs,%0" : "=r"(tmp): "0"(tmp)); - err |= __put_user(tmp, (unsigned int *)&sc->gs); + err |= __put_user(tmp, (unsigned int __user *)&sc->gs); __asm__("movl %%fs,%0" : "=r"(tmp): "0"(tmp)); - err |= __put_user(tmp, (unsigned int *)&sc->fs); + err |= __put_user(tmp, (unsigned int __user *)&sc->fs); - err |= __put_user(regs->xes, (unsigned int *)&sc->es); - err |= __put_user(regs->xds, (unsigned int *)&sc->ds); + err |= __put_user(regs->xes, (unsigned int __user *)&sc->es); + err |= __put_user(regs->xds, (unsigned int __user *)&sc->ds); err |= __put_user(regs->edi, &sc->edi); err |= __put_user(regs->esi, &sc->esi); err |= __put_user(regs->ebp, &sc->ebp); @@ -286,10 +286,10 @@ err |= __put_user(current->thread.trap_no, &sc->trapno); err |= __put_user(current->thread.error_code, &sc->err); err |= __put_user(regs->eip, &sc->eip); - err |= __put_user(regs->xcs, (unsigned int *)&sc->cs); + err |= __put_user(regs->xcs, (unsigned int __user *)&sc->cs); err |= __put_user(regs->eflags, &sc->eflags); err |= __put_user(regs->esp, &sc->esp_at_signal); - err |= __put_user(regs->xss, (unsigned int *)&sc->ss); + err |= __put_user(regs->xss, (unsigned int __user *)&sc->ss); tmp = save_i387(fpstate); if (tmp < 0) @@ -381,9 +381,9 @@ * reasons and because gdb uses it as a signature to notice * signal handler stack frames. */ - err |= __put_user(0xb858, (short *)(frame->retcode+0)); - err |= __put_user(__NR_sigreturn, (int *)(frame->retcode+2)); - err |= __put_user(0x80cd, (short *)(frame->retcode+6)); + err |= __put_user(0xb858, (short __user *)(frame->retcode+0)); + err |= __put_user(__NR_sigreturn, (int __user *)(frame->retcode+2)); + err |= __put_user(0x80cd, (short __user *)(frame->retcode+6)); if (err) goto give_sigsegv; @@ -462,9 +462,9 @@ * reasons and because gdb uses it as a signature to notice * signal handler stack frames. */ - err |= __put_user(0xb8, (char *)(frame->retcode+0)); - err |= __put_user(__NR_rt_sigreturn, (int *)(frame->retcode+1)); - err |= __put_user(0x80cd, (short *)(frame->retcode+5)); + err |= __put_user(0xb8, (char __user *)(frame->retcode+0)); + err |= __put_user(__NR_rt_sigreturn, (int __user *)(frame->retcode+1)); + err |= __put_user(0x80cd, (short __user *)(frame->retcode+5)); if (err) goto give_sigsegv; diff -Nru a/arch/i386/mach-default/topology.c b/arch/i386/mach-default/topology.c --- a/arch/i386/mach-default/topology.c 2004-05-31 15:58:34 -07:00 +++ b/arch/i386/mach-default/topology.c 2004-05-31 15:58:34 -07:00 @@ -41,8 +41,10 @@ { int i; - for (i = 0; i < num_online_nodes(); i++) - arch_register_node(i); + for (i = 0; i < MAX_NUMNODES; i++) { + if (node_online(i)) + arch_register_node(i); + } for (i = 0; i < NR_CPUS; i++) if (cpu_possible(i)) arch_register_cpu(i); return 0; diff -Nru a/arch/ppc64/Makefile b/arch/ppc64/Makefile --- a/arch/ppc64/Makefile 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/Makefile 2004-05-31 15:58:34 -07:00 @@ -20,8 +20,9 @@ AS := $(AS) -64 LD := $(LD) -m elf64ppc CC := $(CC) -m64 -CHECK := $(CHECK) -m64 endif + +CHECK := $(CHECK) -m64 -D__powerpc__=1 LDFLAGS := -m elf64ppc LDFLAGS_vmlinux := -Bstatic -e $(KERNELLOAD) -Ttext $(KERNELLOAD) diff -Nru a/arch/ppc64/kernel/align.c b/arch/ppc64/kernel/align.c --- a/arch/ppc64/kernel/align.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/align.c 2004-05-31 15:58:34 -07:00 @@ -217,7 +217,7 @@ unsigned dsisr; unsigned char __user *addr; unsigned char __user *p; - unsigned long *lp; + unsigned long __user *lp; union { long ll; double dd; @@ -242,9 +242,9 @@ if (cur_cpu_spec->cpu_features & CPU_FTR_NODSISRALIGN) { unsigned int real_instr; - if (__get_user(real_instr, (unsigned int *)regs->nip)) + if (__get_user(real_instr, (unsigned int __user *)regs->nip)) return 0; - dsisr = make_dsisr(*((unsigned *)regs->nip)); + dsisr = make_dsisr(real_instr); } /* extract the operation and registers from the dsisr */ @@ -361,7 +361,7 @@ p = addr; switch (nb) { case 128: /* Special case - must be dcbz */ - lp = (unsigned long *)p; + lp = (unsigned long __user *)p; for (i = 0; i < L1_CACHE_BYTES / sizeof(long); ++i) ret |= __put_user(0, lp++); break; diff -Nru a/arch/ppc64/kernel/process.c b/arch/ppc64/kernel/process.c --- a/arch/ppc64/kernel/process.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/process.c 2004-05-31 15:58:34 -07:00 @@ -332,8 +332,8 @@ * entry is the TOC value we need to use. */ set_fs(USER_DS); - __get_user(entry, (unsigned long *)fdptr); - __get_user(toc, (unsigned long *)fdptr+1); + __get_user(entry, (unsigned long __user *)fdptr); + __get_user(toc, (unsigned long __user *)fdptr+1); /* Check whether the e_entry function descriptor entries * need to be relocated before we can use them. @@ -386,7 +386,7 @@ unsigned int val; val = __unpack_fe01(tsk->thread.fpexc_mode); - return put_user(val, (unsigned int *) adr); + return put_user(val, (unsigned int __user *) adr); } int sys_clone(unsigned long clone_flags, unsigned long p2, unsigned long p3, @@ -546,7 +546,7 @@ * We look for the "regshere" marker in the current frame. */ if (validate_sp(sp, p, sizeof(struct pt_regs) + 400) - && _sp[12] == 0x7265677368657265) { + && _sp[12] == 0x7265677368657265ul) { struct pt_regs *regs = (struct pt_regs *) (sp + STACK_FRAME_OVERHEAD); printk("--- Exception: %lx", regs->trap); diff -Nru a/arch/ppc64/kernel/ptrace.c b/arch/ppc64/kernel/ptrace.c --- a/arch/ppc64/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 @@ -101,7 +101,7 @@ ret = -EIO; if (copied != sizeof(tmp)) break; - ret = put_user(tmp,(unsigned long *) data); + ret = put_user(tmp,(unsigned long __user *) data); break; } @@ -123,7 +123,7 @@ giveup_fpu(child); tmp = ((unsigned long *)child->thread.fpr)[index - PT_FPR0]; } - ret = put_user(tmp,(unsigned long *) data); + ret = put_user(tmp,(unsigned long __user *) data); break; } @@ -213,7 +213,7 @@ case PPC_PTRACE_GETREGS: { /* Get GPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.regs)[0]; - unsigned long *tmp = (unsigned long *)addr; + unsigned long __user *tmp = (unsigned long __user *)addr; for (i = 0; i < 32; i++) { ret = put_user(*reg, tmp); @@ -228,7 +228,7 @@ case PPC_PTRACE_SETREGS: { /* Set GPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.regs)[0]; - unsigned long *tmp = (unsigned long *)addr; + unsigned long __user *tmp = (unsigned long __user *)addr; for (i = 0; i < 32; i++) { ret = get_user(*reg, tmp); @@ -243,7 +243,7 @@ case PPC_PTRACE_GETFPREGS: { /* Get FPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.fpr)[0]; - unsigned long *tmp = (unsigned long *)addr; + unsigned long __user *tmp = (unsigned long __user *)addr; if (child->thread.regs->msr & MSR_FP) giveup_fpu(child); @@ -261,7 +261,7 @@ case PPC_PTRACE_SETFPREGS: { /* Get FPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.fpr)[0]; - unsigned long *tmp = (unsigned long *)addr; + unsigned long __user *tmp = (unsigned long __user *)addr; if (child->thread.regs->msr & MSR_FP) giveup_fpu(child); diff -Nru a/arch/ppc64/kernel/ptrace32.c b/arch/ppc64/kernel/ptrace32.c --- a/arch/ppc64/kernel/ptrace32.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/ptrace32.c 2004-05-31 15:58:34 -07:00 @@ -89,7 +89,7 @@ ret = -EIO; if (copied != sizeof(tmp)) break; - ret = put_user(tmp, (u32*)data); + ret = put_user(tmp, (u32 __user *)data); break; } @@ -106,19 +106,19 @@ case PPC_PTRACE_PEEKDATA_3264: { u32 tmp; int copied; - u32* addrOthers; + u32 __user * addrOthers; ret = -EIO; /* Get the addr in the other process that we want to read */ - if (get_user(addrOthers, (u32**)addr) != 0) + if (get_user(addrOthers, (u32 __user * __user *)addr) != 0) break; copied = access_process_vm(child, (u64)addrOthers, &tmp, sizeof(tmp), 0); if (copied != sizeof(tmp)) break; - ret = put_user(tmp, (u32*)data); + ret = put_user(tmp, (u32 __user *)data); break; } @@ -145,7 +145,7 @@ */ tmp = ((unsigned int *)child->thread.fpr)[index - PT_FPR0]; } - ret = put_user((unsigned int)tmp, (u32*)data); + ret = put_user((unsigned int)tmp, (u32 __user *)data); break; } @@ -186,7 +186,7 @@ tmp = get_reg(child, numReg); } reg32bits = ((u32*)&tmp)[part]; - ret = put_user(reg32bits, (u32*)data); + ret = put_user(reg32bits, (u32 __user *)data); break; } @@ -215,11 +215,11 @@ case PPC_PTRACE_POKETEXT_3264: case PPC_PTRACE_POKEDATA_3264: { u32 tmp = data; - u32* addrOthers; + u32 __user * addrOthers; /* Get the addr in the other process that we want to write into */ ret = -EIO; - if (get_user(addrOthers, (u32**)addr) != 0) + if (get_user(addrOthers, (u32 __user * __user *)addr) != 0) break; ret = 0; if (access_process_vm(child, (u64)addrOthers, &tmp, @@ -347,7 +347,7 @@ case PPC_PTRACE_GETREGS: { /* Get GPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.regs)[0]; - unsigned int *tmp = (unsigned int *)addr; + unsigned int __user *tmp = (unsigned int __user *)addr; for (i = 0; i < 32; i++) { ret = put_user(*reg, tmp); @@ -362,7 +362,7 @@ case PPC_PTRACE_SETREGS: { /* Set GPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.regs)[0]; - unsigned int *tmp = (unsigned int *)addr; + unsigned int __user *tmp = (unsigned int __user *)addr; for (i = 0; i < 32; i++) { ret = get_user(*reg, tmp); @@ -377,7 +377,7 @@ case PPC_PTRACE_GETFPREGS: { /* Get FPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.fpr)[0]; - unsigned int *tmp = (unsigned int *)addr; + unsigned int __user *tmp = (unsigned int __user *)addr; if (child->thread.regs->msr & MSR_FP) giveup_fpu(child); @@ -395,7 +395,7 @@ case PPC_PTRACE_SETFPREGS: { /* Get FPRs 0 - 31. */ int i; unsigned long *reg = &((unsigned long *)child->thread.fpr)[0]; - unsigned int *tmp = (unsigned int *)addr; + unsigned int __user *tmp = (unsigned int __user *)addr; if (child->thread.regs->msr & MSR_FP) giveup_fpu(child); diff -Nru a/arch/ppc64/kernel/signal.c b/arch/ppc64/kernel/signal.c --- a/arch/ppc64/kernel/signal.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/signal.c 2004-05-31 15:58:34 -07:00 @@ -154,7 +154,7 @@ /* We always copy to/from vrsave, it's 0 if we don't have or don't * use altivec. */ - err |= __put_user(current->thread.vrsave, (u32 *)&v_regs[33]); + err |= __put_user(current->thread.vrsave, (u32 __user *)&v_regs[33]); #else /* CONFIG_ALTIVEC */ err |= __put_user(0, &sc->v_regs); #endif /* CONFIG_ALTIVEC */ @@ -216,7 +216,7 @@ memset(¤t->thread.vr, 0, 33); /* Always get VRSAVE back */ if (v_regs != 0) - err |= __get_user(current->thread.vrsave, (u32 *)&v_regs[33]); + err |= __get_user(current->thread.vrsave, (u32 __user *)&v_regs[33]); else current->thread.vrsave = 0; #endif /* CONFIG_ALTIVEC */ @@ -311,8 +311,8 @@ if (new_ctx == NULL) return 0; if (verify_area(VERIFY_READ, new_ctx, sizeof(*new_ctx)) - || __get_user(tmp, (u8 *) new_ctx) - || __get_user(tmp, (u8 *) (new_ctx + 1) - 1)) + || __get_user(tmp, (u8 __user *) new_ctx) + || __get_user(tmp, (u8 __user *) (new_ctx + 1) - 1)) return -EFAULT; /* @@ -384,7 +384,7 @@ * descriptor is the entry address of signal and the second * entry is the TOC value we need to use. */ - func_descr_t *funct_desc_ptr; + func_descr_t __user *funct_desc_ptr; struct rt_sigframe __user *frame; unsigned long newsp = 0; long err = 0; @@ -418,11 +418,11 @@ if (err) goto badframe; - funct_desc_ptr = (func_descr_t *) ka->sa.sa_handler; + funct_desc_ptr = (func_descr_t __user *) ka->sa.sa_handler; /* Allocate a dummy caller frame for the signal handler. */ newsp = (unsigned long)frame - __SIGNAL_FRAMESIZE; - err |= put_user(0, (unsigned long *)newsp); + err |= put_user(0, (unsigned long __user *)newsp); /* Set up "regs" so we "return" to the signal handler. */ err |= get_user(regs->nip, &funct_desc_ptr->entry); @@ -432,8 +432,8 @@ regs->gpr[3] = signr; regs->result = 0; if (ka->sa.sa_flags & SA_SIGINFO) { - err |= get_user(regs->gpr[4], (unsigned long *)&frame->pinfo); - err |= get_user(regs->gpr[5], (unsigned long *)&frame->puc); + err |= get_user(regs->gpr[4], (unsigned long __user *)&frame->pinfo); + err |= get_user(regs->gpr[5], (unsigned long __user *)&frame->puc); regs->gpr[6] = (unsigned long) frame; } else { regs->gpr[4] = (unsigned long)&frame->uc.uc_mcontext; diff -Nru a/arch/ppc64/kernel/signal32.c b/arch/ppc64/kernel/signal32.c --- a/arch/ppc64/kernel/signal32.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/signal32.c 2004-05-31 15:58:34 -07:00 @@ -165,7 +165,7 @@ * significant bits of a vector, we "cheat" and stuff VRSAVE in the * most significant bits of that same vector. --BenH */ - if (__put_user(current->thread.vrsave, (u32 *)&frame->mc_vregs[32])) + if (__put_user(current->thread.vrsave, (u32 __user *)&frame->mc_vregs[32])) return 1; #endif /* CONFIG_ALTIVEC */ @@ -232,7 +232,7 @@ memset(¤t->thread.vr, 0, ELF_NVRREG32 * sizeof(vector128)); /* Always get VRSAVE back */ - if (__get_user(current->thread.vrsave, (u32 *)&sr->mc_vregs[32])) + if (__get_user(current->thread.vrsave, (u32 __user *)&sr->mc_vregs[32])) return 1; #endif /* CONFIG_ALTIVEC */ @@ -289,8 +289,8 @@ } } -long sys32_sigaction(int sig, struct old_sigaction32 *act, - struct old_sigaction32 *oact) +long sys32_sigaction(int sig, struct old_sigaction32 __user *act, + struct old_sigaction32 __user *oact) { struct k_sigaction new_ka, old_ka; int ret; @@ -589,9 +589,11 @@ * sigaltatck sys32_sigaltstack */ -int sys32_sigaltstack(u32 newstack, u32 oldstack, int r5, +int sys32_sigaltstack(u32 __new, u32 __old, int r5, int r6, int r7, int r8, struct pt_regs *regs) { + stack_32_t __user * newstack = (stack_32_t __user *)(long) __new; + stack_32_t __user * oldstack = (stack_32_t __user *)(long) __old; stack_t uss, uoss; int ret; mm_segment_t old_fs; @@ -605,12 +607,9 @@ /* Put new stack info in local 64 bit stack struct */ if (newstack && - (get_user((long)uss.ss_sp, - &((stack_32_t *)(long)newstack)->ss_sp) || - __get_user(uss.ss_flags, - &((stack_32_t *)(long)newstack)->ss_flags) || - __get_user(uss.ss_size, - &((stack_32_t *)(long)newstack)->ss_size))) + (get_user((long)uss.ss_sp, &newstack->ss_sp) || + __get_user(uss.ss_flags, &newstack->ss_flags) || + __get_user(uss.ss_size, &newstack->ss_size))) return -EFAULT; old_fs = get_fs(); @@ -623,12 +622,9 @@ set_fs(old_fs); /* Copy the stack information to the user output buffer */ if (!ret && oldstack && - (put_user((long)uoss.ss_sp, - &((stack_32_t *)(long)oldstack)->ss_sp) || - __put_user(uoss.ss_flags, - &((stack_32_t *)(long)oldstack)->ss_flags) || - __put_user(uoss.ss_size, - &((stack_32_t *)(long)oldstack)->ss_size))) + (put_user((long)uoss.ss_sp, &oldstack->ss_sp) || + __put_user(uoss.ss_flags, &oldstack->ss_flags) || + __put_user(uoss.ss_size, &oldstack->ss_size))) return -EFAULT; return ret; } @@ -746,8 +742,8 @@ if (new_ctx == NULL) return 0; if (verify_area(VERIFY_READ, new_ctx, sizeof(*new_ctx)) - || __get_user(tmp, (u8 *) new_ctx) - || __get_user(tmp, (u8 *) (new_ctx + 1) - 1)) + || __get_user(tmp, (u8 __user *) new_ctx) + || __get_user(tmp, (u8 __user *) (new_ctx + 1) - 1)) return -EFAULT; /* diff -Nru a/arch/ppc64/kernel/sys_ppc32.c b/arch/ppc64/kernel/sys_ppc32.c --- a/arch/ppc64/kernel/sys_ppc32.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/sys_ppc32.c 2004-05-31 15:58:34 -07:00 @@ -173,7 +173,7 @@ goto efault; if (__put_user(0, dirent->d_name + namlen)) goto efault; - if (__put_user(d_type, (char *) dirent + reclen - 1)) + if (__put_user(d_type, (char __user *) dirent + reclen - 1)) goto efault; buf->previous = dirent; dirent = (void __user *)dirent + reclen; @@ -1105,7 +1105,7 @@ int error; size_t oldlen; size_t __user *oldlenp = NULL; - unsigned long addr = (((long)&args->__unused[0]) + 7) & ~7; + unsigned long addr = (((unsigned long)&args->__unused[0]) + 7) & ~7; if (copy_from_user(&tmp, args, sizeof(tmp))) return -EFAULT; @@ -1118,7 +1118,7 @@ glibc's __sysctl uses rw memory for the structure anyway. */ oldlenp = (size_t __user *)addr; - if (get_user(oldlen, (u32 *)A(tmp.oldlenp)) || + if (get_user(oldlen, (u32 __user *)A(tmp.oldlenp)) || put_user(oldlen, oldlenp)) return -EFAULT; } diff -Nru a/arch/ppc64/kernel/time.c b/arch/ppc64/kernel/time.c --- a/arch/ppc64/kernel/time.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/kernel/time.c 2004-05-31 15:58:34 -07:00 @@ -430,7 +430,7 @@ * fields itself. This way, the fields which are used for * do_settimeofday get updated too. */ -long ppc64_sys32_stime(int* tptr) +long ppc64_sys32_stime(int __user * tptr) { int value; struct timespec myTimeval; @@ -455,7 +455,7 @@ * fields itself. This way, the fields which are used for * do_settimeofday get updated too. */ -long ppc64_sys_stime(long* tptr) +long ppc64_sys_stime(long __user * tptr) { long value; struct timespec myTimeval; diff -Nru a/arch/ppc64/mm/fault.c b/arch/ppc64/mm/fault.c --- a/arch/ppc64/mm/fault.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/mm/fault.c 2004-05-31 15:58:34 -07:00 @@ -45,7 +45,7 @@ { unsigned int inst; - if (get_user(inst, (unsigned int *)regs->nip)) + if (get_user(inst, (unsigned int __user *)regs->nip)) return 0; /* check for 1 in the rA field */ if (((inst >> 16) & 0x1f) != 1) diff -Nru a/arch/ppc64/xmon/xmon.c b/arch/ppc64/xmon/xmon.c --- a/arch/ppc64/xmon/xmon.c 2004-05-31 15:58:34 -07:00 +++ b/arch/ppc64/xmon/xmon.c 2004-05-31 15:58:34 -07:00 @@ -1402,7 +1402,7 @@ /* Look for "regshere" marker to see if this is an exception frame. */ if (mread(sp + 0x60, &marker, sizeof(unsigned long)) - && marker == 0x7265677368657265) { + && marker == 0x7265677368657265ul) { if (mread(sp + 0x70, ®s, sizeof(regs)) != sizeof(regs)) { printf("Couldn't read registers at %lx\n", diff -Nru a/arch/sparc64/defconfig b/arch/sparc64/defconfig --- a/arch/sparc64/defconfig 2004-05-31 15:58:34 -07:00 +++ b/arch/sparc64/defconfig 2004-05-31 15:58:34 -07:00 @@ -864,8 +864,9 @@ # CONFIG_VIA_RHINE_MMIO is not set # -# Ethernet (1000 Mbit) +# Gigabit Ethernet (1000/10000 Mbit) # +CONFIG_NET_GIGE=y CONFIG_ACENIC=m # CONFIG_ACENIC_OMIT_TIGON_I is not set CONFIG_DL2K=m @@ -878,10 +879,6 @@ CONFIG_R8169=m CONFIG_SK98LIN=m CONFIG_TIGON3=m - -# -# Ethernet (10000 Mbit) -# CONFIG_IXGB=m CONFIG_IXGB_NAPI=y CONFIG_S2IO=m @@ -1133,6 +1130,7 @@ CONFIG_SENSORS_LM83=m CONFIG_SENSORS_LM85=m CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_MAX1619=m CONFIG_SENSORS_VIA686A=m CONFIG_SENSORS_W83781D=m CONFIG_SENSORS_W83L785TS=m @@ -1255,6 +1253,7 @@ CONFIG_SMB_FS=m # CONFIG_SMB_NLS_DEFAULT is not set CONFIG_CIFS=m +# CONFIG_CIFS_STATS is not set CONFIG_NCP_FS=m # CONFIG_NCPFS_PACKET_SIGNING is not set # CONFIG_NCPFS_IOCTL_LOCKING is not set diff -Nru a/arch/x86_64/ia32/fpu32.c b/arch/x86_64/ia32/fpu32.c --- a/arch/x86_64/ia32/fpu32.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/ia32/fpu32.c 2004-05-31 15:58:34 -07:00 @@ -72,15 +72,15 @@ static inline int convert_fxsr_from_user(struct i387_fxsave_struct *fxsave, - struct _fpstate_ia32 *buf) + struct _fpstate_ia32 __user *buf) { struct _fpxreg *to; - struct _fpreg *from; + struct _fpreg __user *from; int i; u32 v; int err = 0; -#define G(num,val) err |= __get_user(val, num + (u32 *)buf) +#define G(num,val) err |= __get_user(val, num + (u32 __user *)buf) G(0, fxsave->cwd); G(1, fxsave->swd); G(2, fxsave->twd); @@ -104,12 +104,12 @@ } -static inline int convert_fxsr_to_user(struct _fpstate_ia32 *buf, +static inline int convert_fxsr_to_user(struct _fpstate_ia32 __user *buf, struct i387_fxsave_struct *fxsave, struct pt_regs *regs, struct task_struct *tsk) { - struct _fpreg *to; + struct _fpreg __user *to; struct _fpxreg *from; int i; u16 cs,ds; @@ -125,7 +125,7 @@ cs = regs->cs; } -#define P(num,val) err |= __put_user(val, num + (u32 *)buf) +#define P(num,val) err |= __put_user(val, num + (u32 __user *)buf) P(0, (u32)fxsave->cwd | 0xffff0000); P(1, (u32)fxsave->swd | 0xffff0000); P(2, twd_fxsr_to_i387(fxsave)); @@ -147,7 +147,7 @@ return 0; } -int restore_i387_ia32(struct task_struct *tsk, struct _fpstate_ia32 *buf, int fsave) +int restore_i387_ia32(struct task_struct *tsk, struct _fpstate_ia32 __user *buf, int fsave) { clear_fpu(tsk); if (!fsave) { @@ -162,7 +162,7 @@ } int save_i387_ia32(struct task_struct *tsk, - struct _fpstate_ia32 *buf, + struct _fpstate_ia32 __user *buf, struct pt_regs *regs, int fsave) { diff -Nru a/arch/x86_64/ia32/ia32_ioctl.c b/arch/x86_64/ia32/ia32_ioctl.c --- a/arch/x86_64/ia32/ia32_ioctl.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/ia32/ia32_ioctl.c 2004-05-31 15:58:34 -07:00 @@ -21,7 +21,7 @@ #ifndef TIOCGDEV #define TIOCGDEV _IOR('T',0x32, unsigned int) #endif -static int tiocgdev(unsigned fd, unsigned cmd, unsigned int *ptr) +static int tiocgdev(unsigned fd, unsigned cmd, unsigned int __user *ptr) { struct file *file = fget(fd); @@ -54,7 +54,7 @@ ret = sys_ioctl(fd, RTC_IRQP_READ, (unsigned long)&val); set_fs(oldfs); if (!ret) - ret = put_user(val, (unsigned int*) arg); + ret = put_user(val, (unsigned int __user *) arg); return ret; case RTC_IRQP_SET32: @@ -66,7 +66,7 @@ ret = sys_ioctl(fd, RTC_EPOCH_READ, (unsigned long) &val); set_fs(oldfs); if (!ret) - ret = put_user(val, (unsigned int*) arg); + ret = put_user(val, (unsigned int __user *) arg); return ret; case RTC_EPOCH_SET32: @@ -113,7 +113,7 @@ struct mtrr_gentry g; struct mtrr_sentry s; int get = 0, err = 0; - struct mtrr_gentry32 *g32 = (struct mtrr_gentry32 *)arg; + struct mtrr_gentry32 __user *g32 = (struct mtrr_gentry32 __user *)arg; mm_segment_t oldfs = get_fs(); switch (cmd) { @@ -139,7 +139,7 @@ arg = (unsigned long)&g; } else { - struct mtrr_sentry32 *s32 = (struct mtrr_sentry32 *)arg; + struct mtrr_sentry32 __user *s32 = (struct mtrr_sentry32 __user *)arg; err = get_user(s.base, &s32->base); err |= get_user(s.size, &s32->size); err |= get_user(s.type, &s32->type); diff -Nru a/arch/x86_64/ia32/ia32_signal.c b/arch/x86_64/ia32/ia32_signal.c --- a/arch/x86_64/ia32/ia32_signal.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/ia32/ia32_signal.c 2004-05-31 15:58:34 -07:00 @@ -42,7 +42,7 @@ #define _BLOCKABLE (~(sigmask(SIGKILL) | sigmask(SIGSTOP))) asmlinkage int do_signal(struct pt_regs *regs, sigset_t *oldset); -void signal_fault(struct pt_regs *regs, void *frame, char *where); +void signal_fault(struct pt_regs *regs, void __user *frame, char *where); int ia32_copy_siginfo_to_user(siginfo_t32 __user *to, siginfo_t *from) { @@ -136,8 +136,9 @@ } asmlinkage long -sys32_sigaltstack(const stack_ia32_t *uss_ptr, stack_ia32_t *uoss_ptr, - struct pt_regs regs) +sys32_sigaltstack(const stack_ia32_t __user *uss_ptr, + stack_ia32_t __user *uoss_ptr, + struct pt_regs regs) { stack_t uss,uoss; int ret; @@ -193,7 +194,7 @@ }; static int -ia32_restore_sigcontext(struct pt_regs *regs, struct sigcontext_ia32 *sc, unsigned int *peax) +ia32_restore_sigcontext(struct pt_regs *regs, struct sigcontext_ia32 __user *sc, unsigned int *peax) { unsigned int err = 0; @@ -252,9 +253,9 @@ { u32 tmp; - struct _fpstate_ia32 * buf; + struct _fpstate_ia32 __user * buf; err |= __get_user(tmp, &sc->fpstate); - buf = (struct _fpstate_ia32 *) (u64)tmp; + buf = compat_ptr(tmp); if (buf) { if (verify_area(VERIFY_READ, buf, sizeof(*buf))) goto badframe; @@ -275,7 +276,7 @@ asmlinkage long sys32_sigreturn(struct pt_regs regs) { - struct sigframe *frame = (struct sigframe *)(regs.rsp - 8); + struct sigframe __user *frame = (struct sigframe __user *)(regs.rsp-8); sigset_t set; unsigned int eax; @@ -304,9 +305,8 @@ asmlinkage long sys32_rt_sigreturn(struct pt_regs regs) { - struct rt_sigframe *frame = (struct rt_sigframe *)(regs.rsp - 4); + struct rt_sigframe __user *frame = (struct rt_sigframe __user *)(regs.rsp - 4); sigset_t set; - stack_t st; unsigned int eax; if (verify_area(VERIFY_READ, frame, sizeof(*frame))) @@ -338,20 +338,20 @@ */ static int -ia32_setup_sigcontext(struct sigcontext_ia32 *sc, struct _fpstate_ia32 *fpstate, +ia32_setup_sigcontext(struct sigcontext_ia32 __user *sc, struct _fpstate_ia32 __user *fpstate, struct pt_regs *regs, unsigned int mask) { int tmp, err = 0; tmp = 0; __asm__("movl %%gs,%0" : "=r"(tmp): "0"(tmp)); - err |= __put_user(tmp, (unsigned int *)&sc->gs); + err |= __put_user(tmp, (unsigned int __user *)&sc->gs); __asm__("movl %%fs,%0" : "=r"(tmp): "0"(tmp)); - err |= __put_user(tmp, (unsigned int *)&sc->fs); + err |= __put_user(tmp, (unsigned int __user *)&sc->fs); __asm__("movl %%ds,%0" : "=r"(tmp): "0"(tmp)); - err |= __put_user(tmp, (unsigned int *)&sc->ds); + err |= __put_user(tmp, (unsigned int __user *)&sc->ds); __asm__("movl %%es,%0" : "=r"(tmp): "0"(tmp)); - err |= __put_user(tmp, (unsigned int *)&sc->es); + err |= __put_user(tmp, (unsigned int __user *)&sc->es); err |= __put_user((u32)regs->rdi, &sc->edi); err |= __put_user((u32)regs->rsi, &sc->esi); @@ -388,7 +388,7 @@ /* * Determine which stack to use.. */ -static void * +static void __user * get_sigframe(struct k_sigaction *ka, struct pt_regs * regs, size_t frame_size) { unsigned long rsp; @@ -409,13 +409,13 @@ rsp = (unsigned long) ka->sa.sa_restorer; } - return (void *)((rsp - frame_size) & -8UL); + return (void __user *)((rsp - frame_size) & -8UL); } void ia32_setup_frame(int sig, struct k_sigaction *ka, compat_sigset_t *set, struct pt_regs * regs) { - struct sigframe *frame; + struct sigframe __user *frame; int err = 0; frame = get_sigframe(ka, regs, sizeof(*frame)); @@ -502,7 +502,7 @@ void ia32_setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info, compat_sigset_t *set, struct pt_regs * regs) { - struct rt_sigframe *frame; + struct rt_sigframe __user *frame; int err = 0; frame = get_sigframe(ka, regs, sizeof(*frame)); diff -Nru a/arch/x86_64/ia32/ia32entry.S b/arch/x86_64/ia32/ia32entry.S --- a/arch/x86_64/ia32/ia32entry.S 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/ia32/ia32entry.S 2004-05-31 15:58:34 -07:00 @@ -322,7 +322,7 @@ .quad sys_mknod .quad sys_chmod /* 15 */ .quad sys_lchown16 - .quad ni_syscall /* old break syscall holder */ + .quad quiet_ni_syscall /* old break syscall holder */ .quad sys_stat .quad sys32_lseek .quad sys_getpid /* 20 */ @@ -336,11 +336,11 @@ .quad sys_fstat /* (old)fstat */ .quad sys_pause .quad compat_sys_utime /* 30 */ - .quad ni_syscall /* old stty syscall holder */ - .quad ni_syscall /* old gtty syscall holder */ + .quad quiet_ni_syscall /* old stty syscall holder */ + .quad quiet_ni_syscall /* old gtty syscall holder */ .quad sys_access .quad sys_nice - .quad ni_syscall /* 35 */ /* old ftime syscall holder */ + .quad quiet_ni_syscall /* 35 */ /* old ftime syscall holder */ .quad sys_sync .quad sys32_kill .quad sys_rename @@ -349,7 +349,7 @@ .quad sys_dup .quad sys32_pipe .quad compat_sys_times - .quad ni_syscall /* old prof syscall holder */ + .quad quiet_ni_syscall /* old prof syscall holder */ .quad sys_brk /* 45 */ .quad sys_setgid16 .quad sys_getgid16 @@ -358,12 +358,12 @@ .quad sys_getegid16 /* 50 */ .quad sys_acct .quad sys_umount /* new_umount */ - .quad ni_syscall /* old lock syscall holder */ + .quad quiet_ni_syscall /* old lock syscall holder */ .quad compat_sys_ioctl .quad compat_sys_fcntl64 /* 55 */ - .quad ni_syscall /* old mpx syscall holder */ + .quad quiet_ni_syscall /* old mpx syscall holder */ .quad sys_setpgid - .quad ni_syscall /* old ulimit syscall holder */ + .quad quiet_ni_syscall /* old ulimit syscall holder */ .quad sys32_olduname .quad sys_umask /* 60 */ .quad sys_chroot @@ -403,7 +403,7 @@ .quad sys_fchown16 /* 95 */ .quad sys_getpriority .quad sys_setpriority - .quad ni_syscall /* old profil syscall holder */ + .quad quiet_ni_syscall /* old profil syscall holder */ .quad compat_sys_statfs .quad compat_sys_fstatfs /* 100 */ .quad sys_ioperm @@ -417,7 +417,7 @@ .quad sys32_uname .quad stub32_iopl /* 110 */ .quad sys_vhangup - .quad ni_syscall /* old "idle" system call */ + .quad quiet_ni_syscall /* old "idle" system call */ .quad sys32_vm86_warning /* vm86old */ .quad compat_sys_wait4 .quad sys_swapoff /* 115 */ @@ -442,7 +442,7 @@ .quad quiet_ni_syscall /* bdflush */ .quad sys_sysfs /* 135 */ .quad sys_personality - .quad ni_syscall /* for afs_syscall */ + .quad quiet_ni_syscall /* for afs_syscall */ .quad sys_setfsuid16 .quad sys_setfsgid16 .quad sys_llseek /* 140 */ @@ -493,8 +493,8 @@ .quad sys_capset .quad stub32_sigaltstack .quad sys32_sendfile - .quad ni_syscall /* streams1 */ - .quad ni_syscall /* streams2 */ + .quad quiet_ni_syscall /* streams1 */ + .quad quiet_ni_syscall /* streams2 */ .quad stub32_vfork /* 190 */ .quad compat_sys_getrlimit .quad sys32_mmap2 @@ -543,51 +543,52 @@ .quad sys_removexattr /* 235 */ .quad sys_lremovexattr .quad sys_fremovexattr - .quad sys_tkill /* 238 */ + .quad sys_tkill .quad sys_sendfile64 .quad compat_sys_futex /* 240 */ - .quad compat_sys_sched_setaffinity - .quad compat_sys_sched_getaffinity + .quad compat_sys_sched_setaffinity + .quad compat_sys_sched_getaffinity .quad sys32_set_thread_area .quad sys32_get_thread_area - .quad sys32_io_setup + .quad sys32_io_setup /* 245 */ .quad sys_io_destroy .quad sys32_io_getevents .quad sys32_io_submit .quad sys_io_cancel - .quad sys_fadvise64 - .quad quiet_ni_syscall /* free_huge_pages */ - .quad sys_exit_group /* exit_group */ + .quad sys_fadvise64 /* 250 */ + .quad quiet_ni_syscall /* free_huge_pages */ + .quad sys_exit_group .quad sys_lookup_dcookie .quad sys_epoll_create - .quad sys_epoll_ctl + .quad sys_epoll_ctl /* 255 */ .quad sys_epoll_wait .quad sys_remap_file_pages .quad sys_set_tid_address .quad sys32_timer_create - .quad compat_timer_settime + .quad compat_timer_settime /* 260 */ .quad compat_timer_gettime .quad sys_timer_getoverrun .quad sys_timer_delete .quad compat_clock_settime - .quad compat_clock_gettime + .quad compat_clock_gettime /* 265 */ .quad compat_clock_getres .quad compat_clock_nanosleep - .quad compat_statfs64 /* statfs64 */ - .quad compat_fstatfs64 /* fstatfs64 */ - .quad sys_tgkill + .quad compat_statfs64 + .quad compat_fstatfs64 + .quad sys_tgkill /* 270 */ .quad compat_sys_utimes .quad sys32_fadvise64_64 - .quad sys_ni_syscall /* sys_vserver */ - .quad sys_ni_syscall /* sys_mbind */ - .quad sys_ni_syscall /* 275 sys_get_mempolicy */ - .quad sys_ni_syscall /* sys_set_mempolicy */ + .quad quiet_ni_syscall /* sys_vserver */ + .quad sys_mbind + .quad compat_get_mempolicy /* 275 */ + .quad sys_set_mempolicy .quad compat_sys_mq_open .quad sys_mq_unlink .quad compat_sys_mq_timedsend .quad compat_sys_mq_timedreceive /* 280 */ .quad compat_sys_mq_notify .quad compat_sys_mq_getsetattr + .quad quiet_ni_syscall /* reserved for kexec */ /* don't forget to change IA32_NR_syscalls */ ia32_syscall_end: .rept IA32_NR_syscalls-(ia32_syscall_end-ia32_sys_call_table)/8 diff -Nru a/arch/x86_64/ia32/ptrace32.c b/arch/x86_64/ia32/ptrace32.c --- a/arch/x86_64/ia32/ptrace32.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/ia32/ptrace32.c 2004-05-31 15:58:34 -07:00 @@ -19,6 +19,7 @@ #include #include #include +#include #include #include #include @@ -228,6 +229,7 @@ { struct task_struct *child; struct pt_regs *childregs; + void __user *datap = compat_ptr(data); int ret; __u32 val; @@ -264,7 +266,7 @@ if (access_process_vm(child, addr, &val, sizeof(u32), 0)!=sizeof(u32)) ret = -EIO; else - ret = put_user(val, (unsigned int *)(u64)data); + ret = put_user(val, (unsigned int __user *)datap); break; case PTRACE_POKEDATA: @@ -277,7 +279,7 @@ case PTRACE_PEEKUSR: ret = getreg32(child, addr, &val); if (ret == 0) - ret = put_user(val, (__u32 *)(unsigned long) data); + ret = put_user(val, (__u32 __user *)datap); break; case PTRACE_POKEUSR: @@ -286,15 +288,15 @@ case PTRACE_GETREGS: { /* Get all gp regs from the child. */ int i; - if (!access_ok(VERIFY_WRITE, (unsigned *)(unsigned long)data, 16*4)) { + if (!access_ok(VERIFY_WRITE, datap, 16*4)) { ret = -EIO; break; } ret = 0; for ( i = 0; i <= 16*4 ; i += sizeof(__u32) ) { getreg32(child, i, &val); - ret |= __put_user(val,(u32 *) (unsigned long) data); - data += sizeof(u32); + ret |= __put_user(val,(u32 __user *)datap); + datap += sizeof(u32); } break; } @@ -302,40 +304,40 @@ case PTRACE_SETREGS: { /* Set all gp regs in the child. */ unsigned long tmp; int i; - if (!access_ok(VERIFY_READ, (unsigned *)(unsigned long)data, 16*4)) { + if (!access_ok(VERIFY_READ, datap, 16*4)) { ret = -EIO; break; } ret = 0; for ( i = 0; i <= 16*4; i += sizeof(u32) ) { - ret |= __get_user(tmp, (u32 *) (unsigned long) data); + ret |= __get_user(tmp, (u32 __user *)datap); putreg32(child, i, tmp); - data += sizeof(u32); + datap += sizeof(u32); } break; } case PTRACE_GETFPREGS: ret = -EIO; - if (!access_ok(VERIFY_READ, (void *)(u64)data, + if (!access_ok(VERIFY_READ, compat_ptr(data), sizeof(struct user_i387_struct))) break; - save_i387_ia32(child, (void *)(u64)data, childregs, 1); + save_i387_ia32(child, datap, childregs, 1); ret = 0; break; case PTRACE_SETFPREGS: ret = -EIO; - if (!access_ok(VERIFY_WRITE, (void *)(u64)data, + if (!access_ok(VERIFY_WRITE, datap, sizeof(struct user_i387_struct))) break; ret = 0; /* don't check EFAULT to be bug-to-bug compatible to i386 */ - restore_i387_ia32(child, (void *)(u64)data, 1); + restore_i387_ia32(child, datap, 1); break; case PTRACE_GETFPXREGS: { - struct user32_fxsr_struct *u = (void *)(u64)data; + struct user32_fxsr_struct __user *u = datap; init_fpu(child); ret = -EIO; if (!access_ok(VERIFY_WRITE, u, sizeof(*u))) @@ -348,7 +350,7 @@ break; } case PTRACE_SETFPXREGS: { - struct user32_fxsr_struct *u = (void *)(u64)data; + struct user32_fxsr_struct __user *u = datap; unlazy_fpu(child); ret = -EIO; if (!access_ok(VERIFY_READ, u, sizeof(*u))) diff -Nru a/arch/x86_64/ia32/sys_ia32.c b/arch/x86_64/ia32/sys_ia32.c --- a/arch/x86_64/ia32/sys_ia32.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/ia32/sys_ia32.c 2004-05-31 15:58:34 -07:00 @@ -76,9 +76,9 @@ #define A(__x) ((unsigned long)(__x)) #define AA(__x) ((unsigned long)(__x)) #define ROUND_UP(x,a) ((__typeof__(x))(((unsigned long)(x) + ((a) - 1)) & ~((a) - 1))) -#define NAME_OFFSET(de) ((int) ((de)->d_name - (char *) (de))) +#define NAME_OFFSET(de) ((int) ((de)->d_name - (char __user *) (de))) -int cp_compat_stat(struct kstat *kbuf, struct compat_stat *ubuf) +int cp_compat_stat(struct kstat *kbuf, struct compat_stat __user *ubuf) { typeof(ubuf->st_uid) uid = 0; typeof(ubuf->st_gid) gid = 0; @@ -110,7 +110,7 @@ } asmlinkage long -sys32_truncate64(char * filename, unsigned long offset_low, unsigned long offset_high) +sys32_truncate64(char __user * filename, unsigned long offset_low, unsigned long offset_high) { return sys_truncate(filename, ((loff_t) offset_high << 32) | offset_low); } @@ -125,7 +125,7 @@ support for 64bit inode numbers. */ static int -cp_stat64(struct stat64 *ubuf, struct kstat *stat) +cp_stat64(struct stat64 __user *ubuf, struct kstat *stat) { typeof(ubuf->st_uid) uid = 0; typeof(ubuf->st_gid) gid = 0; @@ -154,7 +154,7 @@ } asmlinkage long -sys32_stat64(char * filename, struct stat64 *statbuf) +sys32_stat64(char __user * filename, struct stat64 __user *statbuf) { struct kstat stat; int ret = vfs_stat(filename, &stat); @@ -164,7 +164,7 @@ } asmlinkage long -sys32_lstat64(char * filename, struct stat64 *statbuf) +sys32_lstat64(char __user * filename, struct stat64 __user *statbuf) { struct kstat stat; int ret = vfs_lstat(filename, &stat); @@ -174,7 +174,7 @@ } asmlinkage long -sys32_fstat64(unsigned int fd, struct stat64 *statbuf) +sys32_fstat64(unsigned int fd, struct stat64 __user *statbuf) { struct kstat stat; int ret = vfs_fstat(fd, &stat); @@ -199,7 +199,7 @@ }; asmlinkage long -sys32_mmap(struct mmap_arg_struct *arg) +sys32_mmap(struct mmap_arg_struct __user *arg) { struct mmap_arg_struct a; struct file *file = NULL; @@ -241,7 +241,7 @@ } asmlinkage long -sys32_pipe(int *fd) +sys32_pipe(int __user *fd) { int retval; int fds[2]; @@ -256,8 +256,8 @@ } asmlinkage long -sys32_rt_sigaction(int sig, struct sigaction32 *act, - struct sigaction32 *oact, unsigned int sigsetsize) +sys32_rt_sigaction(int sig, struct sigaction32 __user *act, + struct sigaction32 __user *oact, unsigned int sigsetsize) { struct k_sigaction new_ka, old_ka; int ret; @@ -321,7 +321,7 @@ } asmlinkage long -sys32_sigaction (int sig, struct old_sigaction32 *act, struct old_sigaction32 *oact) +sys32_sigaction (int sig, struct old_sigaction32 __user *act, struct old_sigaction32 __user *oact) { struct k_sigaction new_ka, old_ka; int ret; @@ -395,7 +395,7 @@ } static inline long -get_tv32(struct timeval *o, struct compat_timeval *i) +get_tv32(struct timeval *o, struct compat_timeval __user *i) { int err = -EFAULT; if (access_ok(VERIFY_READ, i, sizeof(*i))) { @@ -406,7 +406,7 @@ } static inline long -put_tv32(struct compat_timeval *o, struct timeval *i) +put_tv32(struct compat_timeval __user *o, struct timeval *i) { int err = -EFAULT; if (access_ok(VERIFY_WRITE, o, sizeof(*o))) { @@ -442,7 +442,7 @@ extern struct timezone sys_tz; asmlinkage long -sys32_gettimeofday(struct compat_timeval *tv, struct timezone *tz) +sys32_gettimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) { if (tv) { struct timeval ktv; @@ -458,7 +458,7 @@ } asmlinkage long -sys32_settimeofday(struct compat_timeval *tv, struct timezone *tz) +sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) { struct timeval ktv; struct timespec kts; @@ -493,14 +493,14 @@ }; struct getdents32_callback { - struct linux32_dirent * current_dir; - struct linux32_dirent * previous; + struct linux32_dirent __user * current_dir; + struct linux32_dirent __user * previous; int count; int error; }; struct readdir32_callback { - struct old_linux32_dirent * dirent; + struct old_linux32_dirent __user * dirent; int count; }; @@ -508,7 +508,7 @@ filldir32 (void *__buf, const char *name, int namlen, loff_t offset, ino_t ino, unsigned int d_type) { - struct linux32_dirent * dirent; + struct linux32_dirent __user * dirent; struct getdents32_callback * buf = (struct getdents32_callback *) __buf; int reclen = ROUND_UP(NAME_OFFSET(dirent) + namlen + 2, 4); @@ -524,18 +524,18 @@ put_user(reclen, &dirent->d_reclen); copy_to_user(dirent->d_name, name, namlen); put_user(0, dirent->d_name + namlen); - put_user(d_type, (char *)dirent + reclen - 1); - dirent = ((void *)dirent) + reclen; + put_user(d_type, (char __user *)dirent + reclen - 1); + dirent = ((void __user *)dirent) + reclen; buf->current_dir = dirent; buf->count -= reclen; return 0; } asmlinkage long -sys32_getdents (unsigned int fd, void * dirent, unsigned int count) +sys32_getdents (unsigned int fd, void __user * dirent, unsigned int count) { struct file * file; - struct linux32_dirent * lastdirent; + struct linux32_dirent __user * lastdirent; struct getdents32_callback buf; int error; @@ -544,7 +544,7 @@ if (!file) goto out; - buf.current_dir = (struct linux32_dirent *) dirent; + buf.current_dir = (struct linux32_dirent __user *) dirent; buf.previous = NULL; buf.count = count; buf.error = 0; @@ -569,7 +569,7 @@ fillonedir32 (void * __buf, const char * name, int namlen, loff_t offset, ino_t ino, unsigned d_type) { struct readdir32_callback * buf = (struct readdir32_callback *) __buf; - struct old_linux32_dirent * dirent; + struct old_linux32_dirent __user * dirent; if (buf->count) return -EINVAL; @@ -584,7 +584,7 @@ } asmlinkage long -sys32_oldreaddir (unsigned int fd, void * dirent, unsigned int count) +sys32_oldreaddir (unsigned int fd, void __user * dirent, unsigned int count) { int error; struct file * file; @@ -615,7 +615,7 @@ }; asmlinkage long -sys32_old_select(struct sel_arg_struct *arg) +sys32_old_select(struct sel_arg_struct __user *arg) { struct sel_arg_struct a; @@ -630,7 +630,7 @@ * sys_gettimeofday(). x86-64 did this but i386 Linux did not * so we have to implement this system call here. */ -asmlinkage long sys32_time(int * tloc) +asmlinkage long sys32_time(int __user * tloc) { int i; struct timeval tv; @@ -693,7 +693,7 @@ }; asmlinkage long -sys32_sysinfo(struct sysinfo32 *info) +sys32_sysinfo(struct sysinfo32 __user *info) { struct sysinfo s; int ret; @@ -742,7 +742,7 @@ } asmlinkage long -sys32_sched_rr_get_interval(compat_pid_t pid, struct compat_timespec *interval) +sys32_sched_rr_get_interval(compat_pid_t pid, struct compat_timespec __user *interval) { struct timespec t; int ret; @@ -782,8 +782,8 @@ asmlinkage long -sys32_rt_sigtimedwait(compat_sigset_t *uthese, siginfo_t32 *uinfo, - struct compat_timespec *uts, compat_size_t sigsetsize) +sys32_rt_sigtimedwait(compat_sigset_t __user *uthese, siginfo_t32 __user *uinfo, + struct compat_timespec __user *uts, compat_size_t sigsetsize) { sigset_t s; compat_sigset_t s32; @@ -820,7 +820,7 @@ } asmlinkage long -sys32_rt_sigqueueinfo(int pid, int sig, siginfo_t32 *uinfo) +sys32_rt_sigqueueinfo(int pid, int sig, siginfo_t32 __user *uinfo) { siginfo_t info; int ret; @@ -856,7 +856,7 @@ asmlinkage long -sys32_sysctl(struct sysctl_ia32 *args32) +sys32_sysctl(struct sysctl_ia32 __user *args32) { #ifndef CONFIG_SYSCTL return -ENOSYS; @@ -906,14 +906,14 @@ /* warning: next two assume little endian */ asmlinkage long -sys32_pread(unsigned int fd, char *ubuf, u32 count, u32 poslo, u32 poshi) +sys32_pread(unsigned int fd, char __user *ubuf, u32 count, u32 poslo, u32 poshi) { return sys_pread64(fd, ubuf, count, ((loff_t)AA(poshi) << 32) | AA(poslo)); } asmlinkage long -sys32_pwrite(unsigned int fd, char *ubuf, u32 count, u32 poslo, u32 poshi) +sys32_pwrite(unsigned int fd, char __user *ubuf, u32 count, u32 poslo, u32 poshi) { return sys_pwrite64(fd, ubuf, count, ((loff_t)AA(poshi) << 32) | AA(poslo)); @@ -934,7 +934,7 @@ } asmlinkage long -sys32_sendfile(int out_fd, int in_fd, compat_off_t *offset, s32 count) +sys32_sendfile(int out_fd, int in_fd, compat_off_t __user *offset, s32 count) { mm_segment_t old_fs = get_fs(); int ret; @@ -971,7 +971,7 @@ extern int do_adjtimex(struct timex *); asmlinkage long -sys32_adjtimex(struct timex32 *utp) +sys32_adjtimex(struct timex32 __user *utp) { struct timex txc; int ret; @@ -1056,7 +1056,7 @@ return error; } -asmlinkage long sys32_olduname(struct oldold_utsname * name) +asmlinkage long sys32_olduname(struct oldold_utsname __user * name) { int error; @@ -1090,7 +1090,7 @@ return error; } -long sys32_uname(struct old_utsname * name) +long sys32_uname(struct old_utsname __user * name) { int err; if (!name) @@ -1124,7 +1124,7 @@ return ret; } -asmlinkage long sys32_execve(char *name, compat_uptr_t __user *argv, +asmlinkage long sys32_execve(char __user *name, compat_uptr_t __user *argv, compat_uptr_t __user *envp, struct pt_regs regs) { long error; @@ -1143,8 +1143,8 @@ asmlinkage long sys32_clone(unsigned int clone_flags, unsigned int newsp, struct pt_regs regs) { - void *parent_tid = (void *)regs.rdx; - void *child_tid = (void *)regs.rdi; + void __user *parent_tid = (void __user *)regs.rdx; + void __user *child_tid = (void __user *)regs.rdi; if (!newsp) newsp = regs.rsp; return do_fork(clone_flags & ~CLONE_IDLETASK, newsp, ®s, 0, @@ -1166,7 +1166,7 @@ } -long sys32_io_setup(unsigned nr_reqs, u32 *ctx32p) +long sys32_io_setup(unsigned nr_reqs, u32 __user *ctx32p) { long ret; aio_context_t ctx64; @@ -1181,7 +1181,7 @@ } asmlinkage long sys32_io_submit(aio_context_t ctx_id, int nr, - compat_uptr_t *iocbpp) + compat_uptr_t __user *iocbpp) { struct kioctx *ctx; long ret = 0; @@ -1201,7 +1201,8 @@ for (i=0; i 32bit use arch_prctl() */ -int do_set_thread_area(struct thread_struct *t, struct user_desc *u_info) +int do_set_thread_area(struct thread_struct *t, struct user_desc __user *u_info) { struct user_desc info; struct n_desc_struct *desc; @@ -75,7 +75,7 @@ return 0; } -asmlinkage long sys32_set_thread_area(struct user_desc *u_info) +asmlinkage long sys32_set_thread_area(struct user_desc __user *u_info) { return do_set_thread_area(¤t->thread, u_info); } @@ -102,7 +102,7 @@ #define GET_USEABLE(desc) (((desc)->b >> 20) & 1) #define GET_LONGMODE(desc) (((desc)->b >> 21) & 1) -int do_get_thread_area(struct thread_struct *t, struct user_desc *u_info) +int do_get_thread_area(struct thread_struct *t, struct user_desc __user *u_info) { struct user_desc info; struct n_desc_struct *desc; @@ -132,7 +132,7 @@ return 0; } -asmlinkage long sys32_get_thread_area(struct user_desc *u_info) +asmlinkage long sys32_get_thread_area(struct user_desc __user *u_info) { return do_get_thread_area(¤t->thread, u_info); } @@ -141,10 +141,11 @@ int ia32_child_tls(struct task_struct *p, struct pt_regs *childregs) { struct n_desc_struct *desc; - struct user_desc info, *cp; + struct user_desc info; + struct user_desc __user *cp; int idx; - cp = (void *)childregs->rsi; + cp = (void __user *)childregs->rsi; if (copy_from_user(&info, cp, sizeof(info))) return -EFAULT; if (LDT_empty(&info)) diff -Nru a/arch/x86_64/kernel/Makefile-HEAD b/arch/x86_64/kernel/Makefile-HEAD --- /dev/null Wed Dec 31 16:00:00 196900 +++ b/arch/x86_64/kernel/Makefile-HEAD 2004-05-31 15:58:34 -07:00 @@ -0,0 +1,38 @@ +# +# Makefile for the linux kernel. +# + +extra-y := head.o head64.o init_task.o vmlinux.lds.s +EXTRA_AFLAGS := -traditional +obj-y := process.o semaphore.o signal.o entry.o traps.o irq.o \ + ptrace.o i8259.o ioport.o ldt.o setup.o time.o sys_x86_64.o \ + x8664_ksyms.o i387.o syscall.o vsyscall.o \ + setup64.o bootflag.o e820.o reboot.o warmreboot.o +obj-y += mce.o + +obj-$(CONFIG_MTRR) += ../../i386/kernel/cpu/mtrr/ +obj-$(CONFIG_ACPI_BOOT) += acpi/ +obj-$(CONFIG_X86_MSR) += msr.o +obj-$(CONFIG_MICROCODE) += microcode.o +obj-$(CONFIG_X86_CPUID) += cpuid.o +obj-$(CONFIG_SMP) += smp.o smpboot.o trampoline.o +obj-$(CONFIG_X86_LOCAL_APIC) += apic.o nmi.o +obj-$(CONFIG_X86_IO_APIC) += io_apic.o mpparse.o +obj-$(CONFIG_PM) += suspend.o +obj-$(CONFIG_SOFTWARE_SUSPEND) += suspend_asm.o +obj-$(CONFIG_CPU_FREQ) += cpufreq/ +obj-$(CONFIG_EARLY_PRINTK) += early_printk.o +obj-$(CONFIG_GART_IOMMU) += pci-gart.o aperture.o +obj-$(CONFIG_DUMMY_IOMMU) += pci-nommu.o pci-dma.o +obj-$(CONFIG_SWIOTLB) += swiotlb.o +obj-$(CONFIG_SCHED_SMT) += domain.o + +obj-$(CONFIG_MODULES) += module.o + +obj-y += topology.o + +bootflag-y += ../../i386/kernel/bootflag.o +cpuid-$(subst m,y,$(CONFIG_X86_CPUID)) += ../../i386/kernel/cpuid.o +topology-y += ../../i386/mach-default/topology.o +swiotlb-$(CONFIG_SWIOTLB) += ../../ia64/lib/swiotlb.o +microcode-$(subst m,y,$(CONFIG_MICROCODE)) += ../../i386/kernel/microcode.o diff -Nru a/arch/x86_64/kernel/acpi/sleep.c b/arch/x86_64/kernel/acpi/sleep.c --- a/arch/x86_64/kernel/acpi/sleep.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/acpi/sleep.c 2004-05-31 15:58:34 -07:00 @@ -114,7 +114,7 @@ acpi_wakeup_address = (unsigned long)alloc_bootmem_low(PAGE_SIZE); if ((&wakeup_end - &wakeup_start) > PAGE_SIZE) printk(KERN_CRIT "ACPI: Wakeup code way too big, will crash on attempt to suspend\n"); - printk(KERN_DEBUG "ACPI: have wakeup address 0x%8.8lx\n", acpi_wakeup_address); + Dprintk(KERN_DEBUG "ACPI: have wakeup address 0x%8.8lx\n", acpi_wakeup_address); } static int __init acpi_sleep_setup(char *str) diff -Nru a/arch/x86_64/kernel/head.S b/arch/x86_64/kernel/head.S --- a/arch/x86_64/kernel/head.S 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/head.S 2004-05-31 15:58:34 -07:00 @@ -255,7 +255,7 @@ .org 0x5000 ENTRY(level2_kernel_pgt) - /* 40MB kernel mapping. The kernel code cannot be bigger than that. + /* 10MB kernel mapping. The kernel code cannot be bigger than that. When you change this change KERNEL_TEXT_SIZE in page.h too. */ /* (2^48-(2*1024*1024*1024)-((2^39)*511)-((2^30)*510)) = 0 */ .quad 0x0000000000000183 @@ -263,21 +263,8 @@ .quad 0x0000000000400183 .quad 0x0000000000600183 .quad 0x0000000000800183 - .quad 0x0000000000A00183 - .quad 0x0000000000C00183 - .quad 0x0000000000E00183 - .quad 0x0000000001000183 - .quad 0x0000000001200183 - .quad 0x0000000001400183 - .quad 0x0000000001600183 - .quad 0x0000000001800183 - .quad 0x0000000001A00183 - .quad 0x0000000001C00183 - .quad 0x0000000001E00183 - .quad 0x0000000002000183 - .quad 0x0000000002200183 - .quad 0x0000000002400183 - .quad 0x0000000002600183 + /* 10MB mapping for now to decrease the aliasing window */ + .fill 15,8,0 /* Module mapping starts here */ .fill 492,8,0 diff -Nru a/arch/x86_64/kernel/head64.c b/arch/x86_64/kernel/head64.c --- a/arch/x86_64/kernel/head64.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/head64.c 2004-05-31 15:58:34 -07:00 @@ -73,6 +73,8 @@ boot_cpu_data.x86_mask = eax & 0xf; } +extern char _end[]; + void __init x86_64_start_kernel(char * real_mode_data) { char *s; @@ -80,6 +82,9 @@ clear_bss(); pda_init(0); copy_bootdata(real_mode_data); +#ifdef CONFIG_SMP + cpu_set(0, cpu_online_map); +#endif /* default console: */ if (!strstr(saved_command_line, "console=")) strcat(saved_command_line, " console=tty0"); @@ -95,6 +100,10 @@ if (strstr(saved_command_line, "disableapic")) disable_apic = 1; #endif + /* You need early console to see that */ + if (__pa_symbol(&_end) >= KERNEL_TEXT_SIZE) + panic("Kernel too big for kernel mapping\n"); + setup_boot_cpu_data(); start_kernel(); } diff -Nru a/arch/x86_64/kernel/i387.c b/arch/x86_64/kernel/i387.c --- a/arch/x86_64/kernel/i387.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/i387.c 2004-05-31 15:58:34 -07:00 @@ -77,7 +77,7 @@ * Signal frame handlers. */ -int save_i387(struct _fpstate *buf) +int save_i387(struct _fpstate __user *buf) { struct task_struct *tsk = current; int err = 0; @@ -95,7 +95,7 @@ return 0; tsk->used_math = 0; /* trigger finit */ if (tsk->thread_info->status & TS_USEDFPU) { - err = save_i387_checking((struct i387_fxsave_struct *)buf); + err = save_i387_checking((struct i387_fxsave_struct __user *)buf); if (err) return err; stts(); } else { @@ -110,14 +110,14 @@ * ptrace request handlers. */ -int get_fpregs(struct user_i387_struct *buf, struct task_struct *tsk) +int get_fpregs(struct user_i387_struct __user *buf, struct task_struct *tsk) { init_fpu(tsk); - return __copy_to_user((void *)buf, &tsk->thread.i387.fxsave, + return __copy_to_user(buf, &tsk->thread.i387.fxsave, sizeof(struct user_i387_struct)) ? -EFAULT : 0; } -int set_fpregs(struct task_struct *tsk, struct user_i387_struct *buf) +int set_fpregs(struct task_struct *tsk, struct user_i387_struct __user *buf) { if (__copy_from_user(&tsk->thread.i387.fxsave, buf, sizeof(struct user_i387_struct))) diff -Nru a/arch/x86_64/kernel/ldt.c b/arch/x86_64/kernel/ldt.c --- a/arch/x86_64/kernel/ldt.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/ldt.c 2004-05-31 15:58:34 -07:00 @@ -125,7 +125,7 @@ } } -static int read_ldt(void * ptr, unsigned long bytecount) +static int read_ldt(void __user * ptr, unsigned long bytecount) { int err; unsigned long size; @@ -153,7 +153,7 @@ return bytecount; } -static int read_default_ldt(void * ptr, unsigned long bytecount) +static int read_default_ldt(void __user * ptr, unsigned long bytecount) { /* Arbitrary number */ /* x86-64 default LDT is all zeros */ @@ -164,7 +164,7 @@ return bytecount; } -static int write_ldt(void * ptr, unsigned long bytecount, int oldmode) +static int write_ldt(void __user * ptr, unsigned long bytecount, int oldmode) { struct task_struct *me = current; struct mm_struct * mm = me->mm; @@ -225,7 +225,7 @@ return error; } -asmlinkage int sys_modify_ldt(int func, void *ptr, unsigned long bytecount) +asmlinkage int sys_modify_ldt(int func, void __user *ptr, unsigned long bytecount) { int ret = -ENOSYS; diff -Nru a/arch/x86_64/kernel/mce.c b/arch/x86_64/kernel/mce.c --- a/arch/x86_64/kernel/mce.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/mce.c 2004-05-31 15:58:34 -07:00 @@ -26,7 +26,7 @@ static int mce_disabled __initdata; /* 0: always panic, 1: panic if deadlock possible, 2: try to avoid panic */ -static int tolerant = 2; +static int tolerant = 1; static int banks; static unsigned long bank[NR_BANKS] = { [0 ... NR_BANKS-1] = ~0UL }; @@ -96,7 +96,8 @@ int i; oops_begin(); for (i = 0; i < MCE_LOG_LEN; i++) { - if (mcelog.entry[i].tsc < start) + unsigned long tsc = mcelog.entry[i].tsc; + if (time_before(tsc, start)) continue; print_mce(&mcelog.entry[i]); if (mcelog.entry[i].tsc == backup->tsc) @@ -120,8 +121,8 @@ void do_machine_check(struct pt_regs * regs, long error_code) { - struct mce m; - int nowayout = 0; + struct mce m, panicm; + int nowayout = (tolerant < 1); int kill_it = 0; u64 mcestart; int i; @@ -149,12 +150,23 @@ for (i = 0; i < banks; i++) { if (!bank[i]) continue; + + /* Did this bank cause the exception? */ + /* XXX: check more flags */ + if ((m.status & MCI_STATUS_PCC)) { + panicm = m; + } else { + m.rip = 0; + m.cs = 0; + } + + m.misc = 0; + m.addr = 0; rdmsrl(MSR_IA32_MC0_STATUS + i*4, m.status); if ((m.status & MCI_STATUS_VAL) == 0) continue; - nowayout |= (tolerant < 1); nowayout |= !!(m.status & (MCI_STATUS_OVER|MCI_STATUS_PCC)); kill_it |= !!(m.status & MCI_STATUS_UC); m.bank = i; @@ -176,7 +188,10 @@ if (nowayout) mce_panic("Machine check", &m, mcestart); if (kill_it) { - int user_space = (m.rip && (m.cs & 3)); + int user_space = 0; + + if (m.mcgstatus & MCG_STATUS_RIPV) + user_space = m.rip && (m.cs & 3); /* When the machine was in user space and the CPU didn't get confused it's normally not necessary to panic, unless you @@ -187,7 +202,7 @@ it is best to just halt the machine. */ if ((!user_space && (panic_on_oops || tolerant < 2)) || (unsigned)current->pid <= 1) - mce_panic("Uncorrected machine check", &m, mcestart); + mce_panic("Uncorrected machine check", &panicm, mcestart); /* do_exit takes an awful lot of locks and has as slight risk of deadlocking. If you don't want that don't set tolerant >= 2 */ @@ -207,7 +222,7 @@ * Periodic polling timer for "silent" machine check errors. */ -static int check_interval = 3600; /* one hour */ +static int check_interval = 5 * 60; /* 5 minutes */ static void mcheck_timer(void *data); static DECLARE_WORK(mcheck_work, mcheck_timer, NULL); diff -Nru a/arch/x86_64/kernel/mpparse.c b/arch/x86_64/kernel/mpparse.c --- a/arch/x86_64/kernel/mpparse.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/mpparse.c 2004-05-31 15:58:34 -07:00 @@ -575,6 +575,7 @@ extern void __bad_mpf_size(void); unsigned int *bp = phys_to_virt(base); struct intel_mp_floating *mpf; + static int printed __initdata; Dprintk("Scan SMP from %p for %ld bytes.\n", bp,length); if (sizeof(*mpf) != 16) @@ -598,7 +599,10 @@ bp += 4; length -= 16; } - printk(KERN_INFO "No mptable found.\n"); + if (!printed) { + printk(KERN_INFO "No mptable found.\n"); + printed = 1; + } return 0; } diff -Nru a/arch/x86_64/kernel/msr.c b/arch/x86_64/kernel/msr.c --- a/arch/x86_64/kernel/msr.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/msr.c 2004-05-31 15:58:34 -07:00 @@ -241,7 +241,7 @@ int cpu = iminor(file->f_dentry->d_inode); struct cpuinfo_x86 *c = &(cpu_data)[cpu]; - if (!cpu_online(cpu)) + if (cpu >= NR_CPUS || !cpu_online(cpu)) return -ENXIO; /* No such CPU */ if ( !cpu_has(c, X86_FEATURE_MSR) ) return -EIO; /* MSR not supported */ diff -Nru a/arch/x86_64/kernel/process.c b/arch/x86_64/kernel/process.c --- a/arch/x86_64/kernel/process.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/process.c 2004-05-31 15:58:34 -07:00 @@ -521,7 +521,8 @@ * sys_execve() executes a new program. */ asmlinkage -long sys_execve(char *name, char **argv,char **envp, struct pt_regs regs) +long sys_execve(char __user *name, char __user * __user *argv, + char __user * __user *envp, struct pt_regs regs) { long error; char * filename; @@ -550,7 +551,7 @@ return do_fork(SIGCHLD, regs.rsp, ®s, 0, NULL, NULL); } -asmlinkage long sys_clone(unsigned long clone_flags, unsigned long newsp, void *parent_tid, void *child_tid, struct pt_regs regs) +asmlinkage long sys_clone(unsigned long clone_flags, unsigned long newsp, void __user *parent_tid, void __user *child_tid, struct pt_regs regs) { if (!newsp) newsp = regs.rsp; @@ -664,7 +665,7 @@ rdmsrl(MSR_FS_BASE, base); } else base = task->thread.fs; - ret = put_user(base, (unsigned long *)addr); + ret = put_user(base, (unsigned long __user *)addr); break; } case ARCH_GET_GS: { @@ -675,7 +676,7 @@ rdmsrl(MSR_KERNEL_GS_BASE, base); } else base = task->thread.gs; - ret = put_user(base, (unsigned long *)addr); + ret = put_user(base, (unsigned long __user *)addr); break; } diff -Nru a/arch/x86_64/kernel/ptrace.c b/arch/x86_64/kernel/ptrace.c --- a/arch/x86_64/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/ptrace.c 2004-05-31 15:58:34 -07:00 @@ -232,7 +232,7 @@ ret = -EIO; if (copied != sizeof(tmp)) break; - ret = put_user(tmp,(unsigned long *) data); + ret = put_user(tmp,(unsigned long __user *) data); break; } @@ -271,7 +271,7 @@ tmp = 0; break; } - ret = put_user(tmp,(unsigned long *) data); + ret = put_user(tmp,(unsigned long __user *) data); break; } @@ -360,19 +360,20 @@ don't use it against 64bit processes, use PTRACE_ARCH_PRCTL instead. */ case PTRACE_SET_THREAD_AREA: { + struct user_desc __user *p; int old; - get_user(old, &((struct user_desc *)data)->entry_number); - put_user(addr, &((struct user_desc *)data)->entry_number); - ret = do_set_thread_area(&child->thread, - (struct user_desc *)data); - put_user(old, &((struct user_desc *)data)->entry_number); + p = (struct user_desc __user *)data; + get_user(old, &p->entry_number); + put_user(addr, &p->entry_number); + ret = do_set_thread_area(&child->thread, p); + put_user(old, &p->entry_number); break; case PTRACE_GET_THREAD_AREA: - get_user(old, &((struct user_desc *)data)->entry_number); - put_user(addr, &((struct user_desc *)data)->entry_number); - ret = do_get_thread_area(&child->thread, - (struct user_desc *)data); - put_user(old, &((struct user_desc *)data)->entry_number); + p = (struct user_desc __user *)data; + get_user(old, &p->entry_number); + put_user(addr, &p->entry_number); + ret = do_get_thread_area(&child->thread, p); + put_user(old, &p->entry_number); break; } #endif @@ -428,12 +429,12 @@ break; case PTRACE_GETREGS: { /* Get all gp regs from the child. */ - if (!access_ok(VERIFY_WRITE, (unsigned *)data, FRAME_SIZE)) { + if (!access_ok(VERIFY_WRITE, (unsigned __user *)data, FRAME_SIZE)) { ret = -EIO; break; } for (ui = 0; ui < sizeof(struct user_regs_struct); ui += sizeof(long)) { - __put_user(getreg(child, ui),(unsigned long *) data); + __put_user(getreg(child, ui),(unsigned long __user *) data); data += sizeof(long); } ret = 0; @@ -442,12 +443,12 @@ case PTRACE_SETREGS: { /* Set all gp regs in the child. */ unsigned long tmp; - if (!access_ok(VERIFY_READ, (unsigned *)data, FRAME_SIZE)) { + if (!access_ok(VERIFY_READ, (unsigned __user *)data, FRAME_SIZE)) { ret = -EIO; break; } for (ui = 0; ui < sizeof(struct user_regs_struct); ui += sizeof(long)) { - __get_user(tmp, (unsigned long *) data); + __get_user(tmp, (unsigned long __user *) data); putreg(child, ui, tmp); data += sizeof(long); } @@ -456,23 +457,23 @@ } case PTRACE_GETFPREGS: { /* Get the child extended FPU state. */ - if (!access_ok(VERIFY_WRITE, (unsigned *)data, + if (!access_ok(VERIFY_WRITE, (unsigned __user *)data, sizeof(struct user_i387_struct))) { ret = -EIO; break; } - ret = get_fpregs((struct user_i387_struct *)data, child); + ret = get_fpregs((struct user_i387_struct __user *)data, child); break; } case PTRACE_SETFPREGS: { /* Set the child extended FPU state. */ - if (!access_ok(VERIFY_READ, (unsigned *)data, + if (!access_ok(VERIFY_READ, (unsigned __user *)data, sizeof(struct user_i387_struct))) { ret = -EIO; break; } child->used_math = 1; - ret = set_fpregs(child, (struct user_i387_struct *)data); + ret = set_fpregs(child, (struct user_i387_struct __user *)data); break; } diff -Nru a/arch/x86_64/kernel/setup.c b/arch/x86_64/kernel/setup.c --- a/arch/x86_64/kernel/setup.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/setup.c 2004-05-31 15:58:34 -07:00 @@ -909,7 +909,7 @@ c->x86_model += ((tfms >> 16) & 0xF) << 4; } if (c->x86_capability[0] & (1<<19)) - c->x86_clflush_size = ((misc >> 8) & 0xff) * 8; + c->x86_clflush_size = ((misc >> 8) & 0xff) * 8; } else { /* Have CPUID level 0 only - unheard of */ c->x86 = 4; @@ -967,7 +967,7 @@ display_cacheinfo(c); break; } - + select_idle_routine(c); detect_ht(c); diff -Nru a/arch/x86_64/kernel/setup64.c b/arch/x86_64/kernel/setup64.c --- a/arch/x86_64/kernel/setup64.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/setup64.c 2004-05-31 15:58:34 -07:00 @@ -39,7 +39,7 @@ extern struct desc_ptr cpu_gdt_descr[]; struct desc_ptr idt_descr = { 256 * 16, (unsigned long) idt_table }; -char boot_cpu_stack[IRQSTACKSIZE] __cacheline_aligned; +char boot_cpu_stack[IRQSTACKSIZE] __attribute__((section(".bss.page_aligned"))); unsigned long __supported_pte_mask = ~0UL; static int do_not_nx __initdata = 0; @@ -190,7 +190,8 @@ pda->irqstackptr += IRQSTACKSIZE-64; } -char boot_exception_stacks[N_EXCEPTION_STACKS * EXCEPTION_STKSZ]; +char boot_exception_stacks[N_EXCEPTION_STACKS * EXCEPTION_STKSZ] +__attribute__((section(".bss.page_aligned"))); void __init syscall_init(void) { diff -Nru a/arch/x86_64/kernel/signal.c b/arch/x86_64/kernel/signal.c --- a/arch/x86_64/kernel/signal.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/signal.c 2004-05-31 15:58:34 -07:00 @@ -40,7 +40,7 @@ sigset_t *set, struct pt_regs * regs); asmlinkage long -sys_rt_sigsuspend(sigset_t *unewset, size_t sigsetsize, struct pt_regs regs) +sys_rt_sigsuspend(sigset_t __user *unewset, size_t sigsetsize, struct pt_regs regs) { sigset_t saveset, newset; @@ -57,7 +57,7 @@ current->blocked = newset; recalc_sigpending(); spin_unlock_irq(¤t->sighand->siglock); -#if DEBUG_SIG +#ifdef DEBUG_SIG printk("rt_sigsuspend savset(%lx) newset(%lx) regs(%p) rip(%lx)\n", saveset, newset, ®s, regs.rip); #endif @@ -71,7 +71,7 @@ } asmlinkage long -sys_sigaltstack(const stack_t *uss, stack_t *uoss, struct pt_regs regs) +sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss, struct pt_regs regs) { return do_sigaltstack(uss, uoss, regs.rsp); } @@ -89,7 +89,7 @@ }; static int -restore_sigcontext(struct pt_regs *regs, struct sigcontext *sc, unsigned long *prax) +restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *sc, unsigned long *prax) { unsigned int err = 0; @@ -117,7 +117,7 @@ } { - struct _fpstate * buf; + struct _fpstate __user * buf; err |= __get_user(buf, &sc->fpstate); if (buf) { @@ -136,10 +136,11 @@ asmlinkage long sys_rt_sigreturn(struct pt_regs regs) { - struct rt_sigframe *frame = (struct rt_sigframe *)(regs.rsp - 8); + struct rt_sigframe __user *frame; sigset_t set; long eax; + frame = (struct rt_sigframe __user *)(regs.rsp - 8); if (verify_area(VERIFY_READ, frame, sizeof(*frame))) { goto badframe; } @@ -157,7 +158,7 @@ goto badframe; } -#if DEBUG_SIG +#ifdef DEBUG_SIG printk("%d sigreturn rip:%lx rsp:%lx frame:%p rax:%lx\n",current->pid,regs.rip,regs.rsp,frame,eax); #endif @@ -176,7 +177,7 @@ */ static inline int -setup_sigcontext(struct sigcontext *sc, struct pt_regs *regs, unsigned long mask, struct task_struct *me) +setup_sigcontext(struct sigcontext __user *sc, struct pt_regs *regs, unsigned long mask, struct task_struct *me) { int err = 0; @@ -213,7 +214,7 @@ * Determine which stack to use.. */ -static void * +static void __user * get_stack(struct k_sigaction *ka, struct pt_regs *regs, unsigned long size) { unsigned long rsp; @@ -228,20 +229,20 @@ rsp = current->sas_ss_sp + current->sas_ss_size; } - return (void *)round_down(rsp - size, 16); + return (void __user *)round_down(rsp - size, 16); } static void setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info, sigset_t *set, struct pt_regs * regs) { - struct rt_sigframe *frame; - struct _fpstate *fp = NULL; + struct rt_sigframe __user *frame; + struct _fpstate __user *fp = NULL; int err = 0; struct task_struct *me = current; if (me->used_math) { fp = get_stack(ka, regs, sizeof(struct _fpstate)); - frame = (void *)round_down((u64)fp - sizeof(struct rt_sigframe), 16) - 8; + frame = (void __user *)round_down((u64)fp - sizeof(struct rt_sigframe), 16) - 8; if (!access_ok(VERIFY_WRITE, fp, sizeof(struct _fpstate))) { goto give_sigsegv; @@ -294,7 +295,7 @@ goto give_sigsegv; } -#if DEBUG_SIG +#ifdef DEBUG_SIG printk("%d old rip %lx old rsp %lx old rax %lx\n", current->pid,regs->rip,regs->rsp,regs->rax); #endif @@ -319,7 +320,7 @@ set_fs(USER_DS); regs->eflags &= ~TF_MASK; -#if DEBUG_SIG +#ifdef DEBUG_SIG printk("SIG deliver (%s:%d): sp=%p pc=%p ra=%p\n", current->comm, current->pid, frame, regs->rip, frame->pretcode); #endif @@ -342,7 +343,7 @@ { struct k_sigaction *ka = ¤t->sighand->action[sig-1]; -#if DEBUG_SIG +#ifdef DEBUG_SIG printk("handle_signal pid:%d sig:%lu rip:%lx rsp:%lx regs=%p\n", current->pid, sig, regs->rip, regs->rsp, regs); #endif @@ -454,7 +455,7 @@ void do_notify_resume(struct pt_regs *regs, sigset_t *oldset, __u32 thread_info_flags) { -#if DEBUG_SIG +#ifdef DEBUG_SIG printk("do_notify_resume flags:%x rip:%lx rsp:%lx caller:%lx pending:%lx\n", thread_info_flags, regs->rip, regs->rsp, __builtin_return_address(0),signal_pending(current)); #endif @@ -470,7 +471,7 @@ do_signal(regs,oldset); } -void signal_fault(struct pt_regs *regs, void *frame, char *where) +void signal_fault(struct pt_regs *regs, void __user *frame, char *where) { struct task_struct *me = current; if (exception_trace) diff -Nru a/arch/x86_64/kernel/smpboot.c b/arch/x86_64/kernel/smpboot.c --- a/arch/x86_64/kernel/smpboot.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/smpboot.c 2004-05-31 15:58:34 -07:00 @@ -895,15 +895,17 @@ cpu_set(i, cpu_sibling_map[cpu]); } } - } else { + } else { siblings++; cpu_set(cpu, cpu_sibling_map[cpu]); } - if (siblings != smp_num_siblings) - printk(KERN_WARNING - "WARNING: %d siblings found for CPU%d, should be %d\n", + if (siblings != smp_num_siblings) { + printk(KERN_WARNING + "WARNING: %d siblings found for CPU%d, should be %d\n", siblings, cpu, smp_num_siblings); + smp_num_siblings = siblings; + } } Dprintk("Boot done.\n"); diff -Nru a/arch/x86_64/kernel/sys_x86_64.c b/arch/x86_64/kernel/sys_x86_64.c --- a/arch/x86_64/kernel/sys_x86_64.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/sys_x86_64.c 2004-05-31 15:58:34 -07:00 @@ -25,7 +25,7 @@ * sys_pipe() is the normal C calling standard for creating * a pipe. It's not the way Unix traditionally does this, though. */ -asmlinkage long sys_pipe(int *fildes) +asmlinkage long sys_pipe(int __user *fildes) { int fd[2]; int error; @@ -142,7 +142,7 @@ } } -asmlinkage long sys_uname(struct new_utsname * name) +asmlinkage long sys_uname(struct new_utsname __user * name) { int err; down_read(&uts_sem); @@ -153,13 +153,13 @@ return err ? -EFAULT : 0; } -asmlinkage long wrap_sys_shmat(int shmid, char *shmaddr, int shmflg) +asmlinkage long wrap_sys_shmat(int shmid, char __user *shmaddr, int shmflg) { unsigned long raddr; return do_shmat(shmid,shmaddr,shmflg,&raddr) ?: (long)raddr; } -asmlinkage long sys_time64(long * tloc) +asmlinkage long sys_time64(long __user * tloc) { struct timeval now; int i; diff -Nru a/arch/x86_64/kernel/vmlinux.lds.S b/arch/x86_64/kernel/vmlinux.lds.S --- a/arch/x86_64/kernel/vmlinux.lds.S 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/vmlinux.lds.S 2004-05-31 15:58:34 -07:00 @@ -39,6 +39,7 @@ __bss_start = .; /* BSS */ .bss : { + *(.bss.page_aligned) *(.bss) } __bss_end = .; @@ -75,8 +76,8 @@ . = ALIGN(8192); /* init_task */ .data.init_task : { *(.data.init_task) } - . = ALIGN(4096); - .data.boot_pgt : { *(.data.boot_pgt) } + . = ALIGN(4096); + .data.page_aligned : { *(.data.page_aligned) } . = ALIGN(4096); /* Init code and data */ __init_begin = .; diff -Nru a/arch/x86_64/kernel/x8664_ksyms.c b/arch/x86_64/kernel/x8664_ksyms.c --- a/arch/x86_64/kernel/x8664_ksyms.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/kernel/x8664_ksyms.c 2004-05-31 15:58:34 -07:00 @@ -219,6 +219,3 @@ #endif EXPORT_SYMBOL(sys_ioctl); - -EXPORT_SYMBOL(memcpy_toio); -EXPORT_SYMBOL(memcpy_fromio); diff -Nru a/arch/x86_64/lib/Makefile b/arch/x86_64/lib/Makefile --- a/arch/x86_64/lib/Makefile 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/lib/Makefile 2004-05-31 15:58:34 -07:00 @@ -4,9 +4,11 @@ CFLAGS_csum-partial.o := -funroll-loops +obj-y := io.o + lib-y := csum-partial.o csum-copy.o csum-wrappers.o delay.o \ usercopy.o getuser.o putuser.o \ - thunk.o io.o clear_page.o copy_page.o bitstr.o + thunk.o clear_page.o copy_page.o bitstr.o lib-y += memcpy.o memmove.o memset.o copy_user.o lib-$(CONFIG_HAVE_DEC_LOCK) += dec_and_lock.o diff -Nru a/arch/x86_64/lib/csum-wrappers.c b/arch/x86_64/lib/csum-wrappers.c --- a/arch/x86_64/lib/csum-wrappers.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/lib/csum-wrappers.c 2004-05-31 15:58:34 -07:00 @@ -19,7 +19,7 @@ * src and dst are best aligned to 64bits. */ unsigned int -csum_partial_copy_from_user(const char *src, char *dst, +csum_partial_copy_from_user(const char __user *src, char *dst, int len, unsigned int isum, int *errp) { *errp = 0; @@ -33,7 +33,7 @@ if (unlikely((unsigned long)src & 6)) { while (((unsigned long)src & 6) && len >= 2) { __u16 val16; - *errp = __get_user(val16, (__u16 *)src); + *errp = __get_user(val16, (__u16 __user *)src); if (*errp) return isum; *(__u16 *)dst = val16; @@ -43,7 +43,7 @@ len -= 2; } } - isum = csum_partial_copy_generic(src,dst,len,isum,errp,NULL); + isum = csum_partial_copy_generic((void *)src,dst,len,isum,errp,NULL); if (likely(*errp == 0)) return isum; } @@ -66,7 +66,7 @@ * src and dst are best aligned to 64bits. */ unsigned int -csum_partial_copy_to_user(const char *src, char *dst, +csum_partial_copy_to_user(const char *src, char __user *dst, int len, unsigned int isum, int *errp) { if (unlikely(!access_ok(VERIFY_WRITE, dst, len))) { @@ -78,7 +78,7 @@ while (((unsigned long)dst & 6) && len >= 2) { __u16 val16 = *(__u16 *)src; isum = add32_with_carry(isum, val16); - *errp = __put_user(val16, (__u16 *)dst); + *errp = __put_user(val16, (__u16 __user *)dst); if (*errp) return isum; src += 2; @@ -88,7 +88,7 @@ } *errp = 0; - return csum_partial_copy_generic(src,dst,len,isum,NULL,errp); + return csum_partial_copy_generic(src, (void *)dst,len,isum,NULL,errp); } EXPORT_SYMBOL(csum_partial_copy_to_user); diff -Nru a/arch/x86_64/lib/io.c b/arch/x86_64/lib/io.c --- a/arch/x86_64/lib/io.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/lib/io.c 2004-05-31 15:58:34 -07:00 @@ -2,12 +2,14 @@ #include #include -void *memcpy_toio(void *dst,const void*src,unsigned len) +void *__memcpy_toio(unsigned long dst,const void*src,unsigned len) { - return __inline_memcpy(dst,src,len); + return __inline_memcpy((void *) dst,src,len); } +EXPORT_SYMBOL(__memcpy_toio); -void *memcpy_fromio(void *dst,const void*src,unsigned len) +void *__memcpy_fromio(void *dst,unsigned long src,unsigned len) { - return __inline_memcpy(dst,src,len); + return __inline_memcpy(dst,(const void *) src,len); } +EXPORT_SYMBOL(__memcpy_fromio); diff -Nru a/arch/x86_64/lib/usercopy.c b/arch/x86_64/lib/usercopy.c --- a/arch/x86_64/lib/usercopy.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/lib/usercopy.c 2004-05-31 15:58:34 -07:00 @@ -40,7 +40,7 @@ } while (0) long -__strncpy_from_user(char *dst, const char *src, long count) +__strncpy_from_user(char *dst, const char __user *src, long count) { long res; __do_strncpy_from_user(dst, src, count, res); @@ -48,7 +48,7 @@ } long -strncpy_from_user(char *dst, const char *src, long count) +strncpy_from_user(char *dst, const char __user *src, long count) { long res = -EFAULT; if (access_ok(VERIFY_READ, src, 1)) @@ -60,7 +60,7 @@ * Zero Userspace */ -unsigned long __clear_user(void *addr, unsigned long size) +unsigned long __clear_user(void __user *addr, unsigned long size) { long __d0; /* no memory constraint because it doesn't change any memory gcc knows @@ -94,7 +94,7 @@ } -unsigned long clear_user(void *to, unsigned long n) +unsigned long clear_user(void __user *to, unsigned long n) { if (access_ok(VERIFY_WRITE, to, n)) return __clear_user(to, n); @@ -107,7 +107,7 @@ * Return 0 on exception, a value greater than N if too long */ -long strnlen_user(const char *s, long n) +long strnlen_user(const char __user *s, long n) { long res = 0; char c; @@ -127,7 +127,7 @@ } } -long strlen_user(const char *s) +long strlen_user(const char __user *s) { long res = 0; char c; @@ -142,10 +142,10 @@ } } -unsigned long copy_in_user(void *to, const void *from, unsigned len) +unsigned long copy_in_user(void __user *to, const void __user *from, unsigned len) { if (access_ok(VERIFY_WRITE, to, len) && access_ok(VERIFY_READ, from, len)) { - return copy_user_generic(to, from, len); + return copy_user_generic((void *)to, (void *)from, len); } return len; } diff -Nru a/arch/x86_64/mm/init.c b/arch/x86_64/mm/init.c --- a/arch/x86_64/mm/init.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/mm/init.c 2004-05-31 15:58:34 -07:00 @@ -512,9 +512,7 @@ /* Should check here against the e820 map to avoid double free */ #ifdef CONFIG_DISCONTIGMEM int nid = phys_to_nid(phys); - if (phys < HIGH_MEMORY && nid) - panic("reserve of %lx at node %d", phys, nid); - reserve_bootmem_node(NODE_DATA(nid), phys, len); + reserve_bootmem_node(NODE_DATA(nid), phys, len); #else reserve_bootmem(phys, len); #endif diff -Nru a/arch/x86_64/mm/pageattr.c b/arch/x86_64/mm/pageattr.c --- a/arch/x86_64/mm/pageattr.c 2004-05-31 15:58:34 -07:00 +++ b/arch/x86_64/mm/pageattr.c 2004-05-31 15:58:34 -07:00 @@ -96,8 +96,7 @@ * No more special protections in this 2/4MB area - revert to a * large page again. */ -static void revert_page(struct page *kpte_page, unsigned long address, - pgprot_t ref_prot) +static void revert_page(unsigned long address, pgprot_t ref_prot) { pgd_t *pgd; pmd_t *pmd; @@ -145,7 +144,7 @@ if (page_count(kpte_page) == 1) { save_page(address, kpte_page); - revert_page(kpte_page, address, ref_prot); + revert_page(address, ref_prot); } return 0; } @@ -176,7 +175,8 @@ break; /* Handle kernel mapping too which aliases part of the * lowmem */ - if (page_to_phys(page) < KERNEL_TEXT_SIZE) { + /* Disabled right now. Fixme */ + if (0 && page_to_phys(page) < KERNEL_TEXT_SIZE) { unsigned long addr2; addr2 = __START_KERNEL_map + page_to_phys(page); err = __change_page_attr(addr2, page, prot, diff -Nru a/drivers/acpi/asus_acpi.c b/drivers/acpi/asus_acpi.c --- a/drivers/acpi/asus_acpi.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/acpi/asus_acpi.c 2004-05-31 15:58:34 -07:00 @@ -40,6 +40,7 @@ #include #include #include +#include #define ASUS_ACPI_VERSION "0.28" @@ -480,16 +481,31 @@ return (hotk->status & ledmask) ? 1 : 0; } +static int parse_arg(const char __user *buf, unsigned long count, int *val) +{ + char s[32]; + if (!count) + return 0; + if (count > 31) + return -EINVAL; + if (copy_from_user(s, buf, count)) + return -EFAULT; + s[count] = 0; + if (sscanf(s, "%i", val) != 1) + return -EINVAL; + return count; +} /* FIXME: kill extraneous args so it can be called independently */ static int -write_led(const char *buffer, unsigned long count, struct asus_hotk *hotk, +write_led(const char __user *buffer, unsigned long count, struct asus_hotk *hotk, char *ledname, int ledmask, int invert) { int value; int led_out = 0; - if (sscanf(buffer, "%i", &value) == 1) + count = parse_arg(buffer, count, &value); + if (count > 0) led_out = value ? 1 : 0; hotk->status = @@ -518,7 +534,7 @@ static int -proc_write_mled(struct file *file, const char *buffer, +proc_write_mled(struct file *file, const char __user *buffer, unsigned long count, void *data) { struct asus_hotk *hotk = (struct asus_hotk *) data; @@ -537,7 +553,7 @@ } static int -proc_write_wled(struct file *file, const char *buffer, +proc_write_wled(struct file *file, const char __user *buffer, unsigned long count, void *data) { struct asus_hotk *hotk = (struct asus_hotk *) data; @@ -556,7 +572,7 @@ } static int -proc_write_tled(struct file *file, const char *buffer, +proc_write_tled(struct file *file, const char __user *buffer, unsigned long count, void *data) { struct asus_hotk *hotk = (struct asus_hotk *) data; @@ -640,13 +656,14 @@ static int -proc_write_lcd(struct file *file, const char *buffer, +proc_write_lcd(struct file *file, const char __user *buffer, unsigned long count, void *data) { int value; struct asus_hotk *hotk = (struct asus_hotk *) data; - if (sscanf(buffer, "%i", &value) == 1) + count = parse_arg(buffer, count, &value); + if (count > 0) set_lcd_state(hotk, value); return count; } @@ -707,17 +724,18 @@ } static int -proc_write_brn(struct file *file, const char *buffer, +proc_write_brn(struct file *file, const char __user *buffer, unsigned long count, void *data) { int value; struct asus_hotk *hotk = (struct asus_hotk *) data; - if (sscanf(buffer, "%d", &value) == 1) { + count = parse_arg(buffer, count, &value); + if (count > 0) { value = (0 < value) ? ((15 < value) ? 15 : value) : 0; /* 0 <= value <= 15 */ set_brightness(value, hotk); - } else { + } else if (count < 0) { printk(KERN_WARNING "Asus ACPI: Error reading user input\n"); } @@ -756,17 +774,17 @@ * simultaneously, so be warned. See the acpi4asus README for more info. */ static int -proc_write_disp(struct file *file, const char *buffer, +proc_write_disp(struct file *file, const char __user *buffer, unsigned long count, void *data) { int value; struct asus_hotk *hotk = (struct asus_hotk *) data; - if (sscanf(buffer, "%d", &value) == 1) + count = parse_arg(buffer, count, &value); + if (count > 0) set_display(value, hotk); - else { + else if (count < 0) printk(KERN_WARNING "Asus ACPI: Error reading user input\n"); - } return count; } @@ -774,7 +792,7 @@ typedef int (proc_readfunc)(char *page, char **start, off_t off, int count, int *eof, void *data); -typedef int (proc_writefunc)(struct file *file, const char *buffer, +typedef int (proc_writefunc)(struct file *file, const char __user *buffer, unsigned long count, void *data); static int diff -Nru a/drivers/char/consolemap.c b/drivers/char/consolemap.c --- a/drivers/char/consolemap.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/consolemap.c 2004-05-31 15:58:34 -07:00 @@ -257,12 +257,12 @@ * 0xf000-0xf0ff "transparent" Unicodes) whereas the "new" variants set * Unicodes explicitly. */ -int con_set_trans_old(unsigned char * arg) +int con_set_trans_old(unsigned char __user * arg) { int i; unsigned short *p = translations[USER_MAP]; - i = verify_area(VERIFY_READ, (void *)arg, E_TABSZ); + i = verify_area(VERIFY_READ, arg, E_TABSZ); if (i) return i; @@ -276,12 +276,12 @@ return 0; } -int con_get_trans_old(unsigned char * arg) +int con_get_trans_old(unsigned char __user * arg) { int i, ch; unsigned short *p = translations[USER_MAP]; - i = verify_area(VERIFY_WRITE, (void *)arg, E_TABSZ); + i = verify_area(VERIFY_WRITE, arg, E_TABSZ); if (i) return i; @@ -293,13 +293,12 @@ return 0; } -int con_set_trans_new(ushort * arg) +int con_set_trans_new(ushort __user * arg) { int i; unsigned short *p = translations[USER_MAP]; - i = verify_area(VERIFY_READ, (void *)arg, - E_TABSZ*sizeof(unsigned short)); + i = verify_area(VERIFY_READ, arg, E_TABSZ*sizeof(unsigned short)); if (i) return i; @@ -313,13 +312,12 @@ return 0; } -int con_get_trans_new(ushort * arg) +int con_get_trans_new(ushort __user * arg) { int i; unsigned short *p = translations[USER_MAP]; - i = verify_area(VERIFY_WRITE, (void *)arg, - E_TABSZ*sizeof(unsigned short)); + i = verify_area(VERIFY_WRITE, arg, E_TABSZ*sizeof(unsigned short)); if (i) return i; @@ -470,7 +468,7 @@ } int -con_set_unimap(int con, ushort ct, struct unipair *list) +con_set_unimap(int con, ushort ct, struct unipair __user *list) { int err = 0, err1, i; struct uni_pagedir *p, *q; @@ -598,7 +596,7 @@ } int -con_get_unimap(int con, ushort ct, ushort *uct, struct unipair *list) +con_get_unimap(int con, ushort ct, ushort __user *uct, struct unipair __user *list) { int i, j, k, ect; u16 **p1, *p2; diff -Nru a/drivers/char/n_tty.c b/drivers/char/n_tty.c --- a/drivers/char/n_tty.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/n_tty.c 2004-05-31 15:58:34 -07:00 @@ -249,7 +249,7 @@ * things. */ static ssize_t opost_block(struct tty_struct * tty, - const unsigned char * inbuf, unsigned int nr) + const unsigned char __user * inbuf, unsigned int nr) { char buf[80]; int space; @@ -946,7 +946,7 @@ * the buffer to head pointer. */ static inline int copy_from_read_buf(struct tty_struct *tty, - unsigned char **b, + unsigned char __user **b, size_t *nr) { @@ -976,9 +976,9 @@ extern ssize_t redirected_tty_write(struct file *,const char *,size_t,loff_t *); static ssize_t read_chan(struct tty_struct *tty, struct file *file, - unsigned char *buf, size_t nr) + unsigned char __user *buf, size_t nr) { - unsigned char *b = buf; + unsigned char __user *b = buf; DECLARE_WAITQUEUE(wait, current); int c; int minimum, time; @@ -1183,9 +1183,9 @@ } static ssize_t write_chan(struct tty_struct * tty, struct file * file, - const unsigned char * buf, size_t nr) + const unsigned char __user * buf, size_t nr) { - const unsigned char *b = buf; + const unsigned char __user *b = buf; DECLARE_WAITQUEUE(wait, current); int c; ssize_t retval = 0; diff -Nru a/drivers/char/selection.c b/drivers/char/selection.c --- a/drivers/char/selection.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/selection.c 2004-05-31 15:58:34 -07:00 @@ -3,10 +3,10 @@ * * This module exports the functions: * - * 'int set_selection(const unsigned long arg)' + * 'int set_selection(struct tiocl_selection __user *, struct tty_struct *)' * 'void clear_selection(void)' - * 'int paste_selection(struct tty_struct *tty)' - * 'int sel_loadlut(const unsigned long arg)' + * 'int paste_selection(struct tty_struct *)' + * 'int sel_loadlut(char __user *)' * * Now that /dev/vcs exists, most of this can disappear again. */ @@ -95,9 +95,9 @@ } /* set inwordLut contents. Invoked by ioctl(). */ -int sel_loadlut(const unsigned long arg) +int sel_loadlut(char __user *p) { - return copy_from_user(inwordLut, (u32 *)(arg+4), 32) ? -EFAULT : 0; + return copy_from_user(inwordLut, (u32 __user *)(p+4), 32) ? -EFAULT : 0; } /* does screen address p correspond to character at LH/RH edge of screen? */ @@ -113,7 +113,7 @@ } /* set the current selection. Invoked by ioctl() or by kernel code. */ -int set_selection(const struct tiocl_selection *sel, struct tty_struct *tty, int user) +int set_selection(const struct tiocl_selection __user *sel, struct tty_struct *tty) { int sel_mode, new_sel_start, new_sel_end, spc; char *bp, *obp; @@ -124,21 +124,13 @@ { unsigned short xs, ys, xe, ye; - if (user) { - if (verify_area(VERIFY_READ, sel, sizeof(*sel))) - return -EFAULT; - __get_user(xs, &sel->xs); - __get_user(ys, &sel->ys); - __get_user(xe, &sel->xe); - __get_user(ye, &sel->ye); - __get_user(sel_mode, &sel->sel_mode); - } else { - xs = sel->xs; /* set selection from kernel */ - ys = sel->ys; - xe = sel->xe; - ye = sel->ye; - sel_mode = sel->sel_mode; - } + if (verify_area(VERIFY_READ, sel, sizeof(*sel))) + return -EFAULT; + __get_user(xs, &sel->xs); + __get_user(ys, &sel->ys); + __get_user(xe, &sel->xe); + __get_user(ye, &sel->ye); + __get_user(sel_mode, &sel->sel_mode); xs--; ys--; xe--; ye--; xs = limit(xs, video_num_columns - 1); ys = limit(ys, video_num_lines - 1); diff -Nru a/drivers/char/tty_io.c b/drivers/char/tty_io.c --- a/drivers/char/tty_io.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/tty_io.c 2004-05-31 15:58:34 -07:00 @@ -134,9 +134,9 @@ static void initialize_tty_struct(struct tty_struct *tty); -static ssize_t tty_read(struct file *, char *, size_t, loff_t *); -static ssize_t tty_write(struct file *, const char *, size_t, loff_t *); -ssize_t redirected_tty_write(struct file *, const char *, size_t, loff_t *); +static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *); +static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *); +ssize_t redirected_tty_write(struct file *, const char __user *, size_t, loff_t *); static unsigned int tty_poll(struct file *, poll_table *); static int tty_open(struct inode *, struct file *); static int tty_release(struct inode *, struct file *); @@ -339,7 +339,7 @@ EXPORT_SYMBOL(tty_check_change); -static ssize_t hung_up_tty_read(struct file * file, char * buf, +static ssize_t hung_up_tty_read(struct file * file, char __user * buf, size_t count, loff_t *ppos) { /* Can't seek (pread) on ttys. */ @@ -348,7 +348,7 @@ return 0; } -static ssize_t hung_up_tty_write(struct file * file, const char * buf, +static ssize_t hung_up_tty_write(struct file * file, const char __user * buf, size_t count, loff_t *ppos) { /* Can't seek (pwrite) on ttys. */ @@ -638,7 +638,7 @@ EXPORT_SYMBOL(start_tty); -static ssize_t tty_read(struct file * file, char * buf, size_t count, +static ssize_t tty_read(struct file * file, char __user * buf, size_t count, loff_t *ppos) { int i; @@ -672,10 +672,10 @@ * denial-of-service type attacks */ static inline ssize_t do_tty_write( - ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), + ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char __user *, size_t), struct tty_struct *tty, struct file *file, - const unsigned char *buf, + const unsigned char __user *buf, size_t count) { ssize_t ret = 0, written = 0; @@ -717,7 +717,7 @@ } -static ssize_t tty_write(struct file * file, const char * buf, size_t count, +static ssize_t tty_write(struct file * file, const char __user * buf, size_t count, loff_t *ppos) { struct tty_struct * tty; @@ -735,10 +735,10 @@ if (!tty->ldisc.write) return -EIO; return do_tty_write(tty->ldisc.write, tty, file, - (const unsigned char *)buf, count); + (const unsigned char __user *)buf, count); } -ssize_t redirected_tty_write(struct file * file, const char * buf, size_t count, +ssize_t redirected_tty_write(struct file * file, const char __user * buf, size_t count, loff_t *ppos) { struct file *p = NULL; @@ -1490,19 +1490,19 @@ return 0; } -static int tiocsti(struct tty_struct *tty, char * arg) +static int tiocsti(struct tty_struct *tty, char __user *p) { char ch, mbz = 0; if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) return -EPERM; - if (get_user(ch, arg)) + if (get_user(ch, p)) return -EFAULT; tty->ldisc.receive_buf(tty, &ch, &mbz, 1); return 0; } -static int tiocgwinsz(struct tty_struct *tty, struct winsize * arg) +static int tiocgwinsz(struct tty_struct *tty, struct winsize __user * arg) { if (copy_to_user(arg, &tty->winsize, sizeof(*arg))) return -EFAULT; @@ -1510,7 +1510,7 @@ } static int tiocswinsz(struct tty_struct *tty, struct tty_struct *real_tty, - struct winsize * arg) + struct winsize __user * arg) { struct winsize tmp_ws; @@ -1565,11 +1565,11 @@ } -static int fionbio(struct file *file, int *arg) +static int fionbio(struct file *file, int __user *p) { int nonblock; - if (get_user(nonblock, arg)) + if (get_user(nonblock, p)) return -EFAULT; if (nonblock) @@ -1620,7 +1620,7 @@ return 0; } -static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t *arg) +static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) { /* * (tty == real_tty) is a cheap way of @@ -1628,10 +1628,10 @@ */ if (tty == real_tty && current->signal->tty != real_tty) return -ENOTTY; - return put_user(real_tty->pgrp, arg); + return put_user(real_tty->pgrp, p); } -static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t *arg) +static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) { pid_t pgrp; int retval = tty_check_change(real_tty); @@ -1644,7 +1644,7 @@ (current->signal->tty != real_tty) || (real_tty->session != current->signal->session)) return -ENOTTY; - if (get_user(pgrp, (pid_t *) arg)) + if (get_user(pgrp, p)) return -EFAULT; if (pgrp < 0) return -EINVAL; @@ -1654,7 +1654,7 @@ return 0; } -static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t *arg) +static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p) { /* * (tty == real_tty) is a cheap way of @@ -1664,14 +1664,14 @@ return -ENOTTY; if (real_tty->session <= 0) return -ENOTTY; - return put_user(real_tty->session, arg); + return put_user(real_tty->session, p); } -static int tiocsetd(struct tty_struct *tty, int *arg) +static int tiocsetd(struct tty_struct *tty, int __user *p) { int ldisc; - if (get_user(ldisc, arg)) + if (get_user(ldisc, p)) return -EFAULT; return tty_set_ldisc(tty, ldisc); } @@ -1690,7 +1690,7 @@ } static int -tty_tiocmget(struct tty_struct *tty, struct file *file, unsigned long arg) +tty_tiocmget(struct tty_struct *tty, struct file *file, int __user *p) { int retval = -EINVAL; @@ -1698,21 +1698,21 @@ retval = tty->driver->tiocmget(tty, file); if (retval >= 0) - retval = put_user(retval, (int *)arg); + retval = put_user(retval, p); } return retval; } static int tty_tiocmset(struct tty_struct *tty, struct file *file, unsigned int cmd, - unsigned long arg) + unsigned __user *p) { int retval = -EINVAL; if (tty->driver->tiocmset) { unsigned int set, clear, val; - retval = get_user(val, (unsigned int *)arg); + retval = get_user(val, p); if (retval) return retval; @@ -1745,6 +1745,7 @@ unsigned int cmd, unsigned long arg) { struct tty_struct *tty, *real_tty; + void __user *p = (void __user *)arg; int retval; tty = (struct tty_struct *)file->private_data; @@ -1802,15 +1803,15 @@ switch (cmd) { case TIOCSTI: - return tiocsti(tty, (char *)arg); + return tiocsti(tty, p); case TIOCGWINSZ: - return tiocgwinsz(tty, (struct winsize *) arg); + return tiocgwinsz(tty, p); case TIOCSWINSZ: - return tiocswinsz(tty, real_tty, (struct winsize *) arg); + return tiocswinsz(tty, real_tty, p); case TIOCCONS: return real_tty!=tty ? -EINVAL : tioccons(file); case FIONBIO: - return fionbio(file, (int *) arg); + return fionbio(file, p); case TIOCEXCL: set_bit(TTY_EXCLUSIVE, &tty->flags); return 0; @@ -1829,15 +1830,15 @@ case TIOCSCTTY: return tiocsctty(tty, arg); case TIOCGPGRP: - return tiocgpgrp(tty, real_tty, (pid_t *) arg); + return tiocgpgrp(tty, real_tty, p); case TIOCSPGRP: - return tiocspgrp(tty, real_tty, (pid_t *) arg); + return tiocspgrp(tty, real_tty, p); case TIOCGSID: - return tiocgsid(tty, real_tty, (pid_t *) arg); + return tiocgsid(tty, real_tty, p); case TIOCGETD: - return put_user(tty->ldisc.num, (int *) arg); + return put_user(tty->ldisc.num, (int __user *)p); case TIOCSETD: - return tiocsetd(tty, (int *) arg); + return tiocsetd(tty, p); #ifdef CONFIG_VT case TIOCLINUX: return tioclinux(tty, arg); @@ -1865,12 +1866,12 @@ return send_break(tty, arg ? arg*(HZ/10) : HZ/4); case TIOCMGET: - return tty_tiocmget(tty, file, arg); + return tty_tiocmget(tty, file, p); case TIOCMSET: case TIOCMBIC: case TIOCMBIS: - return tty_tiocmset(tty, file, cmd, arg); + return tty_tiocmset(tty, file, cmd, p); } if (tty->driver->ioctl) { int retval = (tty->driver->ioctl)(tty, file, cmd, arg); diff -Nru a/drivers/char/tty_ioctl.c b/drivers/char/tty_ioctl.c --- a/drivers/char/tty_ioctl.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/tty_ioctl.c 2004-05-31 15:58:34 -07:00 @@ -140,7 +140,7 @@ (*tty->ldisc.set_termios)(tty, &old_termios); } -static int set_termios(struct tty_struct * tty, unsigned long arg, int opt) +static int set_termios(struct tty_struct * tty, void __user *arg, int opt) { struct termios tmp_termios; int retval = tty_check_change(tty); @@ -151,11 +151,11 @@ if (opt & TERMIOS_TERMIO) { memcpy(&tmp_termios, tty->termios, sizeof(struct termios)); if (user_termio_to_kernel_termios(&tmp_termios, - (struct termio *) arg)) + (struct termio __user *)arg)) return -EFAULT; } else { if (user_termios_to_kernel_termios(&tmp_termios, - (struct termios *) arg)) + (struct termios __user *)arg)) return -EFAULT; } @@ -172,7 +172,7 @@ return 0; } -static int get_termio(struct tty_struct * tty, struct termio * termio) +static int get_termio(struct tty_struct * tty, struct termio __user * termio) { if (kernel_termios_to_user_termio(termio, tty->termios)) return -EFAULT; @@ -222,7 +222,7 @@ return flags; } -static int get_sgttyb(struct tty_struct * tty, struct sgttyb * sgttyb) +static int get_sgttyb(struct tty_struct * tty, struct sgttyb __user * sgttyb) { struct sgttyb tmp; @@ -260,7 +260,7 @@ } } -static int set_sgttyb(struct tty_struct * tty, struct sgttyb * sgttyb) +static int set_sgttyb(struct tty_struct * tty, struct sgttyb __user * sgttyb) { int retval; struct sgttyb tmp; @@ -281,7 +281,7 @@ #endif #ifdef TIOCGETC -static int get_tchars(struct tty_struct * tty, struct tchars * tchars) +static int get_tchars(struct tty_struct * tty, struct tchars __user * tchars) { struct tchars tmp; @@ -294,7 +294,7 @@ return copy_to_user(tchars, &tmp, sizeof(tmp)) ? -EFAULT : 0; } -static int set_tchars(struct tty_struct * tty, struct tchars * tchars) +static int set_tchars(struct tty_struct * tty, struct tchars __user * tchars) { struct tchars tmp; @@ -311,7 +311,7 @@ #endif #ifdef TIOCGLTC -static int get_ltchars(struct tty_struct * tty, struct ltchars * ltchars) +static int get_ltchars(struct tty_struct * tty, struct ltchars __user * ltchars) { struct ltchars tmp; @@ -324,7 +324,7 @@ return copy_to_user(ltchars, &tmp, sizeof(tmp)) ? -EFAULT : 0; } -static int set_ltchars(struct tty_struct * tty, struct ltchars * ltchars) +static int set_ltchars(struct tty_struct * tty, struct ltchars __user * ltchars) { struct ltchars tmp; @@ -363,6 +363,7 @@ unsigned int cmd, unsigned long arg) { struct tty_struct * real_tty; + void __user *p = (void __user *)arg; int retval; if (tty->driver->type == TTY_DRIVER_TYPE_PTY && @@ -374,41 +375,41 @@ switch (cmd) { #ifdef TIOCGETP case TIOCGETP: - return get_sgttyb(real_tty, (struct sgttyb *) arg); + return get_sgttyb(real_tty, (struct sgttyb __user *) arg); case TIOCSETP: case TIOCSETN: - return set_sgttyb(real_tty, (struct sgttyb *) arg); + return set_sgttyb(real_tty, (struct sgttyb __user *) arg); #endif #ifdef TIOCGETC case TIOCGETC: - return get_tchars(real_tty, (struct tchars *) arg); + return get_tchars(real_tty, p); case TIOCSETC: - return set_tchars(real_tty, (struct tchars *) arg); + return set_tchars(real_tty, p); #endif #ifdef TIOCGLTC case TIOCGLTC: - return get_ltchars(real_tty, (struct ltchars *) arg); + return get_ltchars(real_tty, p); case TIOCSLTC: - return set_ltchars(real_tty, (struct ltchars *) arg); + return set_ltchars(real_tty, p); #endif case TCGETS: - if (kernel_termios_to_user_termios((struct termios *)arg, real_tty->termios)) + if (kernel_termios_to_user_termios((struct termios __user *)arg, real_tty->termios)) return -EFAULT; return 0; case TCSETSF: - return set_termios(real_tty, arg, TERMIOS_FLUSH | TERMIOS_WAIT); + return set_termios(real_tty, p, TERMIOS_FLUSH | TERMIOS_WAIT); case TCSETSW: - return set_termios(real_tty, arg, TERMIOS_WAIT); + return set_termios(real_tty, p, TERMIOS_WAIT); case TCSETS: - return set_termios(real_tty, arg, 0); + return set_termios(real_tty, p, 0); case TCGETA: - return get_termio(real_tty,(struct termio *) arg); + return get_termio(real_tty, p); case TCSETAF: - return set_termios(real_tty, arg, TERMIOS_FLUSH | TERMIOS_WAIT | TERMIOS_TERMIO); + return set_termios(real_tty, p, TERMIOS_FLUSH | TERMIOS_WAIT | TERMIOS_TERMIO); case TCSETAW: - return set_termios(real_tty, arg, TERMIOS_WAIT | TERMIOS_TERMIO); + return set_termios(real_tty, p, TERMIOS_WAIT | TERMIOS_TERMIO); case TCSETA: - return set_termios(real_tty, arg, TERMIOS_TERMIO); + return set_termios(real_tty, p, TERMIOS_TERMIO); case TCXONC: retval = tty_check_change(tty); if (retval) @@ -462,21 +463,21 @@ case TIOCOUTQ: return put_user(tty->driver->chars_in_buffer ? tty->driver->chars_in_buffer(tty) : 0, - (int *) arg); + (int __user *) arg); case TIOCINQ: retval = tty->read_cnt; if (L_ICANON(tty)) retval = inq_canon(tty); - return put_user(retval, (unsigned int *) arg); + return put_user(retval, (unsigned int __user *) arg); case TIOCGLCKTRMIOS: - if (kernel_termios_to_user_termios((struct termios *)arg, real_tty->termios_locked)) + if (kernel_termios_to_user_termios((struct termios __user *)arg, real_tty->termios_locked)) return -EFAULT; return 0; case TIOCSLCKTRMIOS: if (!capable(CAP_SYS_ADMIN)) return -EPERM; - if (user_termios_to_kernel_termios(real_tty->termios_locked, (struct termios *) arg)) + if (user_termios_to_kernel_termios(real_tty->termios_locked, (struct termios __user *) arg)) return -EFAULT; return 0; @@ -487,7 +488,7 @@ if (tty->driver->type != TTY_DRIVER_TYPE_PTY || tty->driver->subtype != PTY_TYPE_MASTER) return -ENOTTY; - if (get_user(pktmode, (int *) arg)) + if (get_user(pktmode, (int __user *) arg)) return -EFAULT; if (pktmode) { if (!tty->packet) { @@ -499,9 +500,9 @@ return 0; } case TIOCGSOFTCAR: - return put_user(C_CLOCAL(tty) ? 1 : 0, (int *) arg); + return put_user(C_CLOCAL(tty) ? 1 : 0, (int __user *)arg); case TIOCSSOFTCAR: - if (get_user(arg, (unsigned int *) arg)) + if (get_user(arg, (unsigned int __user *) arg)) return -EFAULT; tty->termios->c_cflag = ((tty->termios->c_cflag & ~CLOCAL) | diff -Nru a/drivers/char/vt.c b/drivers/char/vt.c --- a/drivers/char/vt.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/vt.c 2004-05-31 15:58:34 -07:00 @@ -152,7 +152,7 @@ static void save_cur(int currcons); static void reset_terminal(int currcons, int do_clear); static void con_flush_chars(struct tty_struct *tty); -static void set_vesa_blanking(unsigned long arg); +static void set_vesa_blanking(char __user *p); static void set_cursor(int currcons); static void hide_cursor(int currcons); static void console_callback(void *ignored); @@ -2274,6 +2274,7 @@ int tioclinux(struct tty_struct *tty, unsigned long arg) { char type, data; + char __user *p = (char __user *)arg; int lines; int ret; @@ -2281,14 +2282,14 @@ return -EINVAL; if (current->signal->tty != tty && !capable(CAP_SYS_ADMIN)) return -EPERM; - if (get_user(type, (char *)arg)) + if (get_user(type, p)) return -EFAULT; ret = 0; switch (type) { case TIOCL_SETSEL: acquire_console_sem(); - ret = set_selection((struct tiocl_selection *)((char *)arg+1), tty, 1); + ret = set_selection((struct tiocl_selection __user *)(p+1), tty); release_console_sem(); break; case TIOCL_PASTESEL: @@ -2298,7 +2299,7 @@ unblank_screen(); break; case TIOCL_SELLOADLUT: - ret = sel_loadlut(arg); + ret = sel_loadlut(p); break; case TIOCL_GETSHIFTSTATE: @@ -2309,20 +2310,20 @@ * related to the kernel should not use this. */ data = shift_state; - ret = __put_user(data, (char *) arg); + ret = __put_user(data, p); break; case TIOCL_GETMOUSEREPORTING: data = mouse_reporting(); - ret = __put_user(data, (char *) arg); + ret = __put_user(data, p); break; case TIOCL_SETVESABLANK: - set_vesa_blanking(arg); + set_vesa_blanking(p); break; case TIOCL_SETKMSGREDIRECT: if (!capable(CAP_SYS_ADMIN)) { ret = -EPERM; } else { - if (get_user(data, (char *)arg+1)) + if (get_user(data, p+1)) ret = -EFAULT; else kmsg_redirect = data; @@ -2332,7 +2333,7 @@ ret = fg_console; break; case TIOCL_SCROLLCONSOLE: - if (get_user(lines, (s32 *)((char *)arg+4))) { + if (get_user(lines, (s32 __user *)(p+4))) { ret = -EFAULT; } else { scrollfront(lines); @@ -2757,11 +2758,10 @@ * Screen blanking */ -static void set_vesa_blanking(unsigned long arg) +static void set_vesa_blanking(char __user *p) { - char *argp = (char *)arg + 1; unsigned int mode; - get_user(mode, argp); + get_user(mode, p + 1); vesa_blank_mode = (mode < 4) ? mode : 0; } @@ -2937,7 +2937,7 @@ sw->con_set_palette(vc_cons[currcons].d, color_table); } -static int set_get_cmap(unsigned char *arg, int set) +static int set_get_cmap(unsigned char __user *arg, int set) { int i, j, k; @@ -2972,7 +2972,7 @@ * map, 3 bytes per colour, 16 colours, range from 0 to 255. */ -int con_set_cmap(unsigned char *arg) +int con_set_cmap(unsigned char __user *arg) { int rc; @@ -2983,7 +2983,7 @@ return rc; } -int con_get_cmap(unsigned char *arg) +int con_get_cmap(unsigned char __user *arg) { int rc; @@ -3037,7 +3037,8 @@ goto quit; if (!op->height) { /* Need to guess font height [compat] */ int h, i; - u8 *charmap = op->data, tmp; + u8 __user *charmap = op->data; + u8 tmp; /* If from KDFONTOP ioctl, don't allow things which can be done in userland, so that we can get rid of this soon */ diff -Nru a/drivers/char/vt_ioctl.c b/drivers/char/vt_ioctl.c --- a/drivers/char/vt_ioctl.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/char/vt_ioctl.c 2004-05-31 15:58:34 -07:00 @@ -75,7 +75,7 @@ #define s (tmp.kb_table) #define v (tmp.kb_value) static inline int -do_kdsk_ioctl(int cmd, struct kbentry *user_kbe, int perm, struct kbd_struct *kbd) +do_kdsk_ioctl(int cmd, struct kbentry __user *user_kbe, int perm, struct kbd_struct *kbd) { struct kbentry tmp; ushort *key_map, val, ov; @@ -160,7 +160,7 @@ #undef v static inline int -do_kbkeycode_ioctl(int cmd, struct kbkeycode *user_kbkc, int perm) +do_kbkeycode_ioctl(int cmd, struct kbkeycode __user *user_kbkc, int perm) { struct kbkeycode tmp; int kc = 0; @@ -183,11 +183,12 @@ } static inline int -do_kdgkb_ioctl(int cmd, struct kbsentry *user_kdgkb, int perm) +do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm) { struct kbsentry *kbs; char *p; u_char *q; + u_char __user *up; int sz; int delta; char *first_free, *fj, *fnw; @@ -212,15 +213,15 @@ case KDGKBSENT: sz = sizeof(kbs->kb_string) - 1; /* sz should have been a struct member */ - q = user_kdgkb->kb_string; + up = user_kdgkb->kb_string; p = func_table[i]; if(p) for ( ; *p && sz; p++, sz--) - if (put_user(*p, q++)) { + if (put_user(*p, up++)) { ret = -EFAULT; goto reterr; } - if (put_user('\0', q)) { + if (put_user('\0', up)) { ret = -EFAULT; goto reterr; } @@ -292,7 +293,7 @@ } static inline int -do_fontx_ioctl(int cmd, struct consolefontdesc *user_cfd, int perm, struct console_font_op *op) +do_fontx_ioctl(int cmd, struct consolefontdesc __user *user_cfd, int perm, struct console_font_op *op) { struct consolefontdesc cfdarg; int i; @@ -332,7 +333,7 @@ } static inline int -do_unimap_ioctl(int cmd, struct unimapdesc *user_ud, int perm, unsigned int console) +do_unimap_ioctl(int cmd, struct unimapdesc __user *user_ud, int perm, unsigned int console) { struct unimapdesc tmp; int i = 0; @@ -370,6 +371,7 @@ struct kbd_struct * kbd; unsigned int console; unsigned char ucval; + void __user *up = (void __user *)arg; int i, perm; console = vt->vc_num; @@ -453,14 +455,12 @@ if (!capable(CAP_SYS_TTY_CONFIG)) return -EPERM; - if (copy_from_user(&kbrep, (void *)arg, - sizeof(struct kbd_repeat))) + if (copy_from_user(&kbrep, up, sizeof(struct kbd_repeat))) return -EFAULT; err = kbd_rate(&kbrep); if (err) return err; - if (copy_to_user((void *)arg, &kbrep, - sizeof(struct kbd_repeat))) + if (copy_to_user(up, &kbrep, sizeof(struct kbd_repeat))) return -EFAULT; return 0; } @@ -565,25 +565,25 @@ case KDGKBMETA: ucval = (vc_kbd_mode(kbd, VC_META) ? K_ESCPREFIX : K_METABIT); setint: - return put_user(ucval, (int *)arg); + return put_user(ucval, (int __user *)arg); case KDGETKEYCODE: case KDSETKEYCODE: if(!capable(CAP_SYS_TTY_CONFIG)) perm=0; - return do_kbkeycode_ioctl(cmd, (struct kbkeycode *)arg, perm); + return do_kbkeycode_ioctl(cmd, up, perm); case KDGKBENT: case KDSKBENT: - return do_kdsk_ioctl(cmd, (struct kbentry *)arg, perm, kbd); + return do_kdsk_ioctl(cmd, up, perm, kbd); case KDGKBSENT: case KDSKBSENT: - return do_kdgkb_ioctl(cmd, (struct kbsentry *)arg, perm); + return do_kdgkb_ioctl(cmd, up, perm); case KDGKBDIACR: { - struct kbdiacrs *a = (struct kbdiacrs *)arg; + struct kbdiacrs __user *a = up; if (put_user(accent_table_size, &a->kb_cnt)) return -EFAULT; @@ -594,7 +594,7 @@ case KDSKBDIACR: { - struct kbdiacrs *a = (struct kbdiacrs *)arg; + struct kbdiacrs __user *a = up; unsigned int ct; if (!perm) @@ -630,7 +630,7 @@ case KDGETLED: ucval = getledstate(); setchar: - return put_user(ucval, (char*)arg); + return put_user(ucval, (char __user *)arg); case KDSETLED: if (!perm) @@ -663,7 +663,7 @@ if (!perm) return -EPERM; - if (copy_from_user(&tmp, (void*)arg, sizeof(struct vt_mode))) + if (copy_from_user(&tmp, up, sizeof(struct vt_mode))) return -EFAULT; if (tmp.mode != VT_AUTO && tmp.mode != VT_PROCESS) return -EINVAL; @@ -687,7 +687,7 @@ memcpy(&tmp, &vt_cons[console]->vt_mode, sizeof(struct vt_mode)); release_console_sem(); - rc = copy_to_user((void*)arg, &tmp, sizeof(struct vt_mode)); + rc = copy_to_user(up, &tmp, sizeof(struct vt_mode)); return rc ? -EFAULT : 0; } @@ -698,7 +698,7 @@ */ case VT_GETSTATE: { - struct vt_stat *vtstat = (struct vt_stat *)arg; + struct vt_stat __user *vtstat = up; unsigned short state, mask; if (put_user(fg_console + 1, &vtstat->v_active)) @@ -844,7 +844,7 @@ case VT_RESIZE: { - struct vt_sizes *vtsizes = (struct vt_sizes *) arg; + struct vt_sizes __user *vtsizes = up; ushort ll,cc; if (!perm) return -EPERM; @@ -861,11 +861,11 @@ case VT_RESIZEX: { - struct vt_consize *vtconsize = (struct vt_consize *) arg; + struct vt_consize __user *vtconsize = up; ushort ll,cc,vlin,clin,vcol,ccol; if (!perm) return -EPERM; - if (verify_area(VERIFY_READ, (void *)vtconsize, + if (verify_area(VERIFY_READ, vtconsize, sizeof(struct vt_consize))) return -EFAULT; __get_user(ll, &vtconsize->v_rows); @@ -932,14 +932,14 @@ case PIO_CMAP: if (!perm) return -EPERM; - return con_set_cmap((char *)arg); + return con_set_cmap(up); case GIO_CMAP: - return con_get_cmap((char *)arg); + return con_get_cmap(up); case PIO_FONTX: case GIO_FONTX: - return do_fontx_ioctl(cmd, (struct consolefontdesc *)arg, perm, &op); + return do_fontx_ioctl(cmd, up, perm, &op); case PIO_FONTRESET: { @@ -963,13 +963,13 @@ } case KDFONTOP: { - if (copy_from_user(&op, (void *) arg, sizeof(op))) + if (copy_from_user(&op, up, sizeof(op))) return -EFAULT; if (!perm && op.op != KD_FONT_OP_GET) return -EPERM; i = con_font_op(console, &op); if (i) return i; - if (copy_to_user((void *) arg, &op, sizeof(op))) + if (copy_to_user(up, &op, sizeof(op))) return -EFAULT; return 0; } @@ -977,24 +977,24 @@ case PIO_SCRNMAP: if (!perm) return -EPERM; - return con_set_trans_old((unsigned char *)arg); + return con_set_trans_old(up); case GIO_SCRNMAP: - return con_get_trans_old((unsigned char *)arg); + return con_get_trans_old(up); case PIO_UNISCRNMAP: if (!perm) return -EPERM; - return con_set_trans_new((unsigned short *)arg); + return con_set_trans_new(up); case GIO_UNISCRNMAP: - return con_get_trans_new((unsigned short *)arg); + return con_get_trans_new(up); case PIO_UNIMAPCLR: { struct unimapinit ui; if (!perm) return -EPERM; - i = copy_from_user(&ui, (void *)arg, sizeof(struct unimapinit)); + i = copy_from_user(&ui, up, sizeof(struct unimapinit)); if (i) return -EFAULT; con_clear_unimap(console, &ui); return 0; @@ -1002,7 +1002,7 @@ case PIO_UNIMAP: case GIO_UNIMAP: - return do_unimap_ioctl(cmd, (struct unimapdesc *)arg, perm, console); + return do_unimap_ioctl(cmd, up, perm, console); case VT_LOCKSWITCH: if (!capable(CAP_SYS_TTY_CONFIG)) diff -Nru a/drivers/serial/sunsab.c b/drivers/serial/sunsab.c --- a/drivers/serial/sunsab.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/serial/sunsab.c 2004-05-31 15:58:34 -07:00 @@ -97,9 +97,10 @@ udelay(1); } -static void receive_chars(struct uart_sunsab_port *up, - union sab82532_irq_status *stat, - struct pt_regs *regs) +static struct tty_struct * +receive_chars(struct uart_sunsab_port *up, + union sab82532_irq_status *stat, + struct pt_regs *regs) { struct tty_struct *tty = NULL; unsigned char buf[32]; @@ -126,7 +127,7 @@ if (stat->sreg.isr0 & SAB82532_ISR0_TIME) { sunsab_cec_wait(up); writeb(SAB82532_CMDR_RFRD, &up->regs->w.cmdr); - return; + return tty; } if (stat->sreg.isr0 & SAB82532_ISR0_RFO) @@ -153,7 +154,7 @@ if (unlikely(tty->flip.count >= TTY_FLIPBUF_SIZE)) { tty->flip.work.func((void *)tty); if (tty->flip.count >= TTY_FLIPBUF_SIZE) - return; // if TTY_DONT_FLIP is set + return tty; // if TTY_DONT_FLIP is set } *tty->flip.char_buf_ptr = ch; @@ -225,11 +226,10 @@ } } - if (tty) - tty_flip_buffer_push(tty); - if (saw_console_brk) sun_do_break(); + + return tty; } static void sunsab_stop_tx(struct uart_port *, unsigned int); @@ -311,6 +311,7 @@ static irqreturn_t sunsab_interrupt(int irq, void *dev_id, struct pt_regs *regs) { struct uart_sunsab_port *up = dev_id; + struct tty_struct *tty; union sab82532_irq_status status; unsigned long flags; @@ -322,10 +323,11 @@ if (readb(&up->regs->r.gis) & SAB82532_GIS_ISA1) status.sreg.isr1 = readb(&up->regs->r.isr1); + tty = NULL; if (status.stat) { if (status.sreg.isr0 & (SAB82532_ISR0_TCD | SAB82532_ISR0_TIME | SAB82532_ISR0_RFO | SAB82532_ISR0_RPF)) - receive_chars(up, &status, regs); + tty = receive_chars(up, &status, regs); if ((status.sreg.isr0 & SAB82532_ISR0_CDSC) || (status.sreg.isr1 & SAB82532_ISR1_CSC)) check_status(up, &status); @@ -335,6 +337,9 @@ spin_unlock(&up->port.lock); + if (tty) + tty_flip_buffer_push(tty); + up++; spin_lock(&up->port.lock); @@ -345,10 +350,11 @@ if (readb(&up->regs->r.gis) & SAB82532_GIS_ISB1) status.sreg.isr1 = readb(&up->regs->r.isr1); + tty = NULL; if (status.stat) { if (status.sreg.isr0 & (SAB82532_ISR0_TCD | SAB82532_ISR0_TIME | SAB82532_ISR0_RFO | SAB82532_ISR0_RPF)) - receive_chars(up, &status, regs); + tty = receive_chars(up, &status, regs); if ((status.sreg.isr0 & SAB82532_ISR0_CDSC) || (status.sreg.isr1 & (SAB82532_ISR1_BRK | SAB82532_ISR1_CSC))) check_status(up, &status); @@ -357,6 +363,9 @@ } spin_unlock_irqrestore(&up->port.lock, flags); + + if (tty) + tty_flip_buffer_push(tty); return IRQ_HANDLED; } diff -Nru a/drivers/serial/sunsu.c b/drivers/serial/sunsu.c --- a/drivers/serial/sunsu.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/serial/sunsu.c 2004-05-31 15:58:34 -07:00 @@ -310,7 +310,7 @@ spin_unlock_irqrestore(&up->port.lock, flags); } -static _INLINE_ void +static _INLINE_ struct tty_struct * receive_chars(struct uart_sunsu_port *up, unsigned char *status, struct pt_regs *regs) { struct tty_struct *tty = up->port.info->tty; @@ -322,7 +322,7 @@ if (unlikely(tty->flip.count >= TTY_FLIPBUF_SIZE)) { tty->flip.work.func((void *)tty); if (tty->flip.count >= TTY_FLIPBUF_SIZE) - return; // if TTY_DONT_FLIP is set + return tty; // if TTY_DONT_FLIP is set } ch = serial_inp(up, UART_RX); *tty->flip.char_buf_ptr = ch; @@ -396,10 +396,11 @@ ignore_char: *status = serial_inp(up, UART_LSR); } while ((*status & UART_LSR_DR) && (max_count-- > 0)); - tty_flip_buffer_push(tty); if (saw_console_brk) sun_do_break(); + + return tty; } static _INLINE_ void transmit_chars(struct uart_sunsu_port *up) @@ -464,12 +465,23 @@ spin_lock_irqsave(&up->port.lock, flags); do { + struct tty_struct *tty; + status = serial_inp(up, UART_LSR); + tty = NULL; if (status & UART_LSR_DR) - receive_chars(up, &status, regs); + tty = receive_chars(up, &status, regs); check_modem_status(up); if (status & UART_LSR_THRE) transmit_chars(up); + + spin_unlock_irqrestore(&up->port.lock, flags); + + if (tty) + tty_flip_buffer_push(tty); + + spin_lock_irqsave(&up->port.lock, flags); + } while (!(serial_in(up, UART_IIR) & UART_IIR_NO_INT)); spin_unlock_irqrestore(&up->port.lock, flags); diff -Nru a/drivers/serial/sunzilog.c b/drivers/serial/sunzilog.c --- a/drivers/serial/sunzilog.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/serial/sunzilog.c 2004-05-31 15:58:34 -07:00 @@ -313,9 +313,10 @@ } } -static void sunzilog_receive_chars(struct uart_sunzilog_port *up, - struct zilog_channel *channel, - struct pt_regs *regs) +static struct tty_struct * +sunzilog_receive_chars(struct uart_sunzilog_port *up, + struct zilog_channel *channel, + struct pt_regs *regs) { struct tty_struct *tty; unsigned char ch, r1; @@ -414,8 +415,7 @@ } } - if (tty) - tty_flip_buffer_push(tty); + return tty; } static void sunzilog_status_handle(struct uart_sunzilog_port *up, @@ -550,19 +550,21 @@ while (up) { struct zilog_channel *channel = ZILOG_CHANNEL_FROM_PORT(&up->port); + struct tty_struct *tty; unsigned char r3; spin_lock(&up->port.lock); r3 = read_zsreg(channel, R3); /* Channel A */ + tty = NULL; if (r3 & (CHAEXT | CHATxIP | CHARxIP)) { sbus_writeb(RES_H_IUS, &channel->control); ZSDELAY(); ZS_WSYNC(channel); if (r3 & CHARxIP) - sunzilog_receive_chars(up, channel, regs); + tty = sunzilog_receive_chars(up, channel, regs); if (r3 & CHAEXT) sunzilog_status_handle(up, channel, regs); if (r3 & CHATxIP) @@ -570,24 +572,31 @@ } spin_unlock(&up->port.lock); + if (tty) + tty_flip_buffer_push(tty); + /* Channel B */ up = up->next; channel = ZILOG_CHANNEL_FROM_PORT(&up->port); spin_lock(&up->port.lock); + tty = NULL; if (r3 & (CHBEXT | CHBTxIP | CHBRxIP)) { sbus_writeb(RES_H_IUS, &channel->control); ZSDELAY(); ZS_WSYNC(channel); if (r3 & CHBRxIP) - sunzilog_receive_chars(up, channel, regs); + tty = sunzilog_receive_chars(up, channel, regs); if (r3 & CHBEXT) sunzilog_status_handle(up, channel, regs); if (r3 & CHBTxIP) sunzilog_transmit_chars(up, channel); } spin_unlock(&up->port.lock); + + if (tty) + tty_flip_buffer_push(tty); up = up->next; } diff -Nru a/drivers/video/vesafb.c b/drivers/video/vesafb.c --- a/drivers/video/vesafb.c 2004-05-31 15:58:34 -07:00 +++ b/drivers/video/vesafb.c 2004-05-31 15:58:34 -07:00 @@ -207,7 +207,7 @@ mtrr=1; else if (! strcmp(this_opt, "nomtrr")) mtrr=0; - else if (! strcmp(this_opt, "vram")) + else if (! strncmp(this_opt, "vram=", 5)) vram = simple_strtoul(this_opt+5, NULL, 0); } return 0; diff -Nru a/fs/compat.c b/fs/compat.c --- a/fs/compat.c 2004-05-31 15:58:34 -07:00 +++ b/fs/compat.c 2004-05-31 15:58:34 -07:00 @@ -614,7 +614,7 @@ } static inline long -copy_iocb(long nr, u32 __user *ptr32, u64 __user *ptr64) +copy_iocb(long nr, u32 __user *ptr32, struct iocb __user * __user *ptr64) { compat_uptr_t uptr; int i; @@ -622,7 +622,7 @@ for (i = 0; i < nr; ++i) { if (get_user(uptr, ptr32 + i)) return -EFAULT; - if (put_user((u64)compat_ptr(uptr), ptr64 + i)) + if (put_user(compat_ptr(uptr), ptr64 + i)) return -EFAULT; } return 0; @@ -643,7 +643,7 @@ nr = MAX_AIO_SUBMITS; iocb64 = compat_alloc_user_space(nr * sizeof(*iocb64)); - ret = copy_iocb(nr, iocb, (u64 __user *) iocb64); + ret = copy_iocb(nr, iocb, iocb64); if (!ret) ret = sys_io_submit(ctx_id, nr, iocb64); return ret; diff -Nru a/fs/nfs/read.c b/fs/nfs/read.c --- a/fs/nfs/read.c 2004-05-31 15:58:34 -07:00 +++ b/fs/nfs/read.c 2004-05-31 15:58:34 -07:00 @@ -103,22 +103,16 @@ if (!rdata) return -ENOMEM; - *rdata = (struct nfs_read_data) { - .flags = (IS_SWAPFILE(inode)? NFS_RPC_SWAPFLAGS : 0), - .cred = NULL, - .inode = inode, - .pages = LIST_HEAD_INIT(rdata->pages), - .args = { - .fh = NFS_FH(inode), - .lockowner = current->files, - .pages = &page, - .pgbase = 0UL, - .count = rsize, - }, - .res = { - .fattr = &rdata->fattr, - } - }; + memset(rdata, 0, sizeof(*rdata)); + rdata->flags = (IS_SWAPFILE(inode)? NFS_RPC_SWAPFLAGS : 0); + rdata->inode = inode; + INIT_LIST_HEAD(&rdata->pages); + rdata->args.fh = NFS_FH(inode); + rdata->args.lockowner = current->files; + rdata->args.pages = &page; + rdata->args.pgbase = 0UL; + rdata->args.count = rsize; + rdata->res.fattr = &rdata->fattr; dprintk("NFS: nfs_readpage_sync(%p)\n", page); diff -Nru a/fs/nfs/write.c b/fs/nfs/write.c --- a/fs/nfs/write.c 2004-05-31 15:58:34 -07:00 +++ b/fs/nfs/write.c 2004-05-31 15:58:34 -07:00 @@ -185,23 +185,17 @@ if (!wdata) return -ENOMEM; - *wdata = (struct nfs_write_data) { - .flags = how, - .cred = NULL, - .inode = inode, - .args = { - .fh = NFS_FH(inode), - .lockowner = current->files, - .pages = &page, - .stable = NFS_FILE_SYNC, - .pgbase = offset, - .count = wsize, - }, - .res = { - .fattr = &wdata->fattr, - .verf = &wdata->verf, - }, - }; + memset(wdata, 0, sizeof(*wdata)); + wdata->flags = how; + wdata->inode = inode; + wdata->args.fh = NFS_FH(inode); + wdata->args.lockowner = current->files; + wdata->args.pages = &page; + wdata->args.stable = NFS_FILE_SYNC; + wdata->args.pgbase = offset; + wdata->args.count = wsize; + wdata->res.fattr = &wdata->fattr; + wdata->res.verf = &wdata->verf; dprintk("NFS: nfs_writepage_sync(%s/%Ld %d@%Ld)\n", inode->i_sb->s_id, diff -Nru a/fs/reiserfs/file.c b/fs/reiserfs/file.c --- a/fs/reiserfs/file.c 2004-05-31 15:58:34 -07:00 +++ b/fs/reiserfs/file.c 2004-05-31 15:58:34 -07:00 @@ -545,7 +545,7 @@ array to prepared pages */ - const char *buf /* Pointer to user-supplied + const char __user *buf /* Pointer to user-supplied data*/ ) { @@ -1062,7 +1062,7 @@ */ ssize_t reiserfs_file_write( struct file *file, /* the file we are going to write into */ - const char *buf, /* pointer to user supplied data + const char __user *buf, /* pointer to user supplied data (in userspace) */ size_t count, /* amount of bytes to write */ loff_t *ppos /* pointer to position in file that we start writing at. Should be updated to diff -Nru a/fs/reiserfs/ioctl.c b/fs/reiserfs/ioctl.c --- a/fs/reiserfs/ioctl.c 2004-05-31 15:58:34 -07:00 +++ b/fs/reiserfs/ioctl.c 2004-05-31 15:58:34 -07:00 @@ -36,7 +36,7 @@ case REISERFS_IOC_GETFLAGS: flags = REISERFS_I(inode) -> i_attrs; i_attrs_to_sd_attrs( inode, ( __u16 * ) &flags ); - return put_user(flags, (int *) arg); + return put_user(flags, (int __user *) arg); case REISERFS_IOC_SETFLAGS: { if (IS_RDONLY(inode)) return -EROFS; @@ -44,7 +44,7 @@ if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; - if (get_user(flags, (int *) arg)) + if (get_user(flags, (int __user *) arg)) return -EFAULT; if ( ( ( flags ^ REISERFS_I(inode) -> i_attrs) & ( REISERFS_IMMUTABLE_FL | REISERFS_APPEND_FL)) && @@ -66,13 +66,13 @@ return 0; } case REISERFS_IOC_GETVERSION: - return put_user(inode->i_generation, (int *) arg); + return put_user(inode->i_generation, (int __user *) arg); case REISERFS_IOC_SETVERSION: if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) return -EPERM; if (IS_RDONLY(inode)) return -EROFS; - if (get_user(inode->i_generation, (int *) arg)) + if (get_user(inode->i_generation, (int __user *) arg)) return -EFAULT; inode->i_ctime = CURRENT_TIME; mark_inode_dirty(inode); diff -Nru a/include/asm-alpha/checksum.h b/include/asm-alpha/checksum.h --- a/include/asm-alpha/checksum.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/checksum.h 2004-05-31 15:58:34 -07:00 @@ -43,7 +43,7 @@ * here even more important to align src and dst on a 32-bit (or even * better 64-bit) boundary */ -unsigned int csum_partial_copy_from_user(const char *src, char *dst, int len, unsigned int sum, int *errp); +unsigned int csum_partial_copy_from_user(const char __user *src, char *dst, int len, unsigned int sum, int *errp); unsigned int csum_partial_copy_nocheck(const char *src, char *dst, int len, unsigned int sum); diff -Nru a/include/asm-alpha/core_mcpcia.h b/include/asm-alpha/core_mcpcia.h --- a/include/asm-alpha/core_mcpcia.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/core_mcpcia.h 2004-05-31 15:58:34 -07:00 @@ -167,7 +167,7 @@ /* Hack! Only words for bus 0. */ -#if !MCPCIA_ONE_HAE_WINDOW +#ifndef MCPCIA_ONE_HAE_WINDOW #define MCPCIA_HAE_ADDRESS MCPCIA_HAE_MEM(4) #endif #define MCPCIA_IACK_SC _MCPCIA_IACK_SC(4) @@ -351,7 +351,7 @@ unsigned long hose = in_addr & ~0xffffffffUL; unsigned long result, work; -#if !MCPCIA_ONE_HAE_WINDOW +#ifndef MCPCIA_ONE_HAE_WINDOW unsigned long msb; msb = addr & ~MCPCIA_MEM_MASK; set_hae(msb); @@ -370,7 +370,7 @@ unsigned long hose = in_addr & ~0xffffffffUL; unsigned long result, work; -#if !MCPCIA_ONE_HAE_WINDOW +#ifndef MCPCIA_ONE_HAE_WINDOW unsigned long msb; msb = addr & ~MCPCIA_MEM_MASK; set_hae(msb); @@ -389,7 +389,7 @@ unsigned long hose = in_addr & ~0xffffffffUL; unsigned long w; -#if !MCPCIA_ONE_HAE_WINDOW +#ifndef MCPCIA_ONE_HAE_WINDOW unsigned long msb; msb = addr & ~MCPCIA_MEM_MASK; set_hae(msb); @@ -407,7 +407,7 @@ unsigned long hose = in_addr & ~0xffffffffUL; unsigned long w; -#if !MCPCIA_ONE_HAE_WINDOW +#ifndef MCPCIA_ONE_HAE_WINDOW unsigned long msb; msb = addr & ~MCPCIA_MEM_MASK; set_hae(msb); diff -Nru a/include/asm-alpha/core_polaris.h b/include/asm-alpha/core_polaris.h --- a/include/asm-alpha/core_polaris.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/core_polaris.h 2004-05-31 15:58:34 -07:00 @@ -18,13 +18,13 @@ */ /* Polaris memory regions */ -#define POLARIS_SPARSE_MEM_BASE (IDENT_ADDR + 0xf800000000) -#define POLARIS_DENSE_MEM_BASE (IDENT_ADDR + 0xf900000000) -#define POLARIS_SPARSE_IO_BASE (IDENT_ADDR + 0xf980000000) -#define POLARIS_SPARSE_CONFIG_BASE (IDENT_ADDR + 0xf9c0000000) -#define POLARIS_IACK_BASE (IDENT_ADDR + 0xf9f8000000) -#define POLARIS_DENSE_IO_BASE (IDENT_ADDR + 0xf9fc000000) -#define POLARIS_DENSE_CONFIG_BASE (IDENT_ADDR + 0xf9fe000000) +#define POLARIS_SPARSE_MEM_BASE (IDENT_ADDR + 0xf800000000UL) +#define POLARIS_DENSE_MEM_BASE (IDENT_ADDR + 0xf900000000UL) +#define POLARIS_SPARSE_IO_BASE (IDENT_ADDR + 0xf980000000UL) +#define POLARIS_SPARSE_CONFIG_BASE (IDENT_ADDR + 0xf9c0000000UL) +#define POLARIS_IACK_BASE (IDENT_ADDR + 0xf9f8000000UL) +#define POLARIS_DENSE_IO_BASE (IDENT_ADDR + 0xf9fc000000UL) +#define POLARIS_DENSE_CONFIG_BASE (IDENT_ADDR + 0xf9fe000000UL) #define POLARIS_IACK_SC POLARIS_IACK_BASE diff -Nru a/include/asm-alpha/floppy.h b/include/asm-alpha/floppy.h --- a/include/asm-alpha/floppy.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/floppy.h 2004-05-31 15:58:34 -07:00 @@ -108,10 +108,11 @@ * on that platform... ;-} */ -#define CROSS_64KB(a,s) \ -({ unsigned long __s64 = (unsigned long)(a); \ - unsigned long __e64 = __s64 + (unsigned long)(s) - 1; \ - (__s64 ^ __e64) & ~0xfffful; }) +static inline unsigned long CROSS_64KB(void *a, unsigned long s) +{ + unsigned long p = (unsigned long)a; + return ((p + s - 1) ^ p) & ~0xffffUL; +} #define EXTRA_FLOPPY_PARAMS diff -Nru a/include/asm-alpha/io.h b/include/asm-alpha/io.h --- a/include/asm-alpha/io.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/io.h 2004-05-31 15:58:34 -07:00 @@ -9,9 +9,9 @@ * Virtual -> physical identity mapping starts at this offset */ #ifdef USE_48_BIT_KSEG -#define IDENT_ADDR 0xffff800000000000 +#define IDENT_ADDR 0xffff800000000000UL #else -#define IDENT_ADDR 0xfffffc0000000000 +#define IDENT_ADDR 0xfffffc0000000000UL #endif #ifdef __KERNEL__ diff -Nru a/include/asm-alpha/page.h b/include/asm-alpha/page.h --- a/include/asm-alpha/page.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/page.h 2004-05-31 15:58:34 -07:00 @@ -73,16 +73,24 @@ return order; } -#endif /* !__ASSEMBLY__ */ +#ifdef USE_48_BIT_KSEG +#define PAGE_OFFSET 0xffff800000000000UL +#else +#define PAGE_OFFSET 0xfffffc0000000000UL +#endif -/* to align the pointer to the (next) page boundary */ -#define PAGE_ALIGN(addr) (((addr)+PAGE_SIZE-1)&PAGE_MASK) +#else #ifdef USE_48_BIT_KSEG #define PAGE_OFFSET 0xffff800000000000 #else #define PAGE_OFFSET 0xfffffc0000000000 #endif + +#endif /* !__ASSEMBLY__ */ + +/* to align the pointer to the (next) page boundary */ +#define PAGE_ALIGN(addr) (((addr)+PAGE_SIZE-1)&PAGE_MASK) #define __pa(x) ((unsigned long) (x) - PAGE_OFFSET) #define __va(x) ((void *)((unsigned long) (x) + PAGE_OFFSET)) diff -Nru a/include/asm-alpha/pgtable.h b/include/asm-alpha/pgtable.h --- a/include/asm-alpha/pgtable.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/pgtable.h 2004-05-31 15:58:34 -07:00 @@ -83,7 +83,7 @@ #define __DIRTY_BITS (_PAGE_DIRTY | _PAGE_KWE | _PAGE_UWE) #define __ACCESS_BITS (_PAGE_ACCESSED | _PAGE_KRE | _PAGE_URE) -#define _PFN_MASK 0xFFFFFFFF00000000 +#define _PFN_MASK 0xFFFFFFFF00000000UL #define _PAGE_TABLE (_PAGE_VALID | __DIRTY_BITS | __ACCESS_BITS) #define _PAGE_CHG_MASK (_PFN_MASK | __DIRTY_BITS | __ACCESS_BITS) diff -Nru a/include/asm-alpha/semaphore.h b/include/asm-alpha/semaphore.h --- a/include/asm-alpha/semaphore.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/semaphore.h 2004-05-31 15:58:34 -07:00 @@ -18,12 +18,12 @@ struct semaphore { atomic_t count; wait_queue_head_t wait; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG long __magic; #endif }; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG # define __SEM_DEBUG_INIT(name) , (long)&(name).__magic #else # define __SEM_DEBUG_INIT(name) @@ -53,7 +53,7 @@ atomic_set(&sem->count, val); init_waitqueue_head(&sem->wait); -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG sem->__magic = (long)&sem->__magic; #endif } @@ -142,7 +142,7 @@ __up_wakeup(sem); } -#if !WAITQUEUE_DEBUG && !defined(CONFIG_DEBUG_SEMAPHORE) +#if !defined(WAITQUEUE_DEBUG) && !defined(CONFIG_DEBUG_SEMAPHORE) extern inline void down(struct semaphore *sem) { __down(sem); diff -Nru a/include/asm-alpha/uaccess.h b/include/asm-alpha/uaccess.h --- a/include/asm-alpha/uaccess.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-alpha/uaccess.h 2004-05-31 15:58:34 -07:00 @@ -29,6 +29,14 @@ #define segment_eq(a,b) ((a).seg == (b).seg) +#ifdef __CHECKER__ +#define CHECK_UPTR(ptr) do { \ + __typeof__(*(ptr)) *__dummy_check_uptr = \ + (void __user *)&__dummy_check_uptr; \ +} while(0) +#else +#define CHECK_UPTR(ptr) +#endif /* * Is a address valid? This does a straightforward calculation rather @@ -43,10 +51,13 @@ #define __access_ok(addr,size,segment) \ (((segment).seg & (addr | size | (addr+size))) == 0) -#define access_ok(type,addr,size) \ - __access_ok(((unsigned long)(addr)),(size),get_fs()) +#define access_ok(type,addr,size) \ +({ \ + CHECK_UPTR(addr); \ + __access_ok(((unsigned long)(addr)),(size),get_fs()); \ +}) -extern inline int verify_area(int type, const void * addr, unsigned long size) +extern inline int verify_area(int type, const void __user * addr, unsigned long size) { return access_ok(type,addr,size) ? 0 : -EFAULT; } @@ -90,6 +101,7 @@ #define __get_user_nocheck(x,ptr,size) \ ({ \ long __gu_err = 0, __gu_val; \ + CHECK_UPTR(ptr); \ switch (size) { \ case 1: __get_user_8(ptr); break; \ case 2: __get_user_16(ptr); break; \ @@ -105,6 +117,7 @@ ({ \ long __gu_err = -EFAULT, __gu_val = 0; \ const __typeof__(*(ptr)) *__gu_addr = (ptr); \ + CHECK_UPTR(ptr); \ if (__access_ok((long)__gu_addr,size,segment)) { \ __gu_err = 0; \ switch (size) { \ @@ -204,6 +217,7 @@ #define __put_user_nocheck(x,ptr,size) \ ({ \ long __pu_err = 0; \ + CHECK_UPTR(ptr); \ switch (size) { \ case 1: __put_user_8(x,ptr); break; \ case 2: __put_user_16(x,ptr); break; \ @@ -218,6 +232,7 @@ ({ \ long __pu_err = -EFAULT; \ __typeof__(*(ptr)) *__pu_addr = (ptr); \ + CHECK_UPTR(ptr); \ if (__access_ok((long)__pu_addr,size,segment)) { \ __pu_err = 0; \ switch (size) { \ @@ -371,34 +386,42 @@ } extern inline long -__copy_tofrom_user(void *to, const void *from, long len, const void *validate) +__copy_tofrom_user(void *to, const void *from, long len, const void __user *validate) { if (__access_ok((long)validate, len, get_fs())) len = __copy_tofrom_user_nocheck(to, from, len); return len; } -#define __copy_to_user(to,from,n) __copy_tofrom_user_nocheck((to),(from),(n)) -#define __copy_from_user(to,from,n) __copy_tofrom_user_nocheck((to),(from),(n)) +#define __copy_to_user(to,from,n) \ +({ \ + CHECK_UPTR(to); \ + __copy_tofrom_user_nocheck((void *)(to),(from),(n)); \ +}) +#define __copy_from_user(to,from,n) \ +({ \ + CHECK_UPTR(from); \ + __copy_tofrom_user_nocheck((to),(void *)(from),(n)); \ +}) extern inline long -copy_to_user(void *to, const void *from, long n) +copy_to_user(void __user *to, const void *from, long n) { - return __copy_tofrom_user(to, from, n, to); + return __copy_tofrom_user((void *)to, from, n, to); } extern inline long -copy_from_user(void *to, const void *from, long n) +copy_from_user(void *to, const void __user *from, long n) { - return __copy_tofrom_user(to, from, n, from); + return __copy_tofrom_user(to, (void *)from, n, from); } extern void __do_clear_user(void); extern inline long -__clear_user(void *to, long len) +__clear_user(void __user *to, long len) { - register void * __cl_to __asm__("$6") = to; + register void __user * __cl_to __asm__("$6") = to; register long __cl_len __asm__("$0") = len; __asm__ __volatile__( __module_call(28, 2, __do_clear_user) @@ -410,7 +433,7 @@ } extern inline long -clear_user(void *to, long len) +clear_user(void __user *to, long len) { if (__access_ok((long)to, len, get_fs())) len = __clear_user(to, len); @@ -423,10 +446,10 @@ /* Returns: -EFAULT if exception before terminator, N if the entire buffer filled, else strlen. */ -extern long __strncpy_from_user(char *__to, const char *__from, long __to_len); +extern long __strncpy_from_user(char *__to, const char __user *__from, long __to_len); extern inline long -strncpy_from_user(char *to, const char *from, long n) +strncpy_from_user(char *to, const char __user *from, long n) { long ret = -EFAULT; if (__access_ok((long)from, 0, get_fs())) @@ -435,18 +458,18 @@ } /* Returns: 0 if bad, string length+1 (memory size) of string if ok */ -extern long __strlen_user(const char *); +extern long __strlen_user(const char __user *); -extern inline long strlen_user(const char *str) +extern inline long strlen_user(const char __user *str) { return access_ok(VERIFY_READ,str,0) ? __strlen_user(str) : 0; } /* Returns: 0 if exception before NUL or reaching the supplied limit (N), * a value greater than N if the limit would be exceeded, else strlen. */ -extern long __strnlen_user(const char *, long); +extern long __strnlen_user(const char __user *, long); -extern inline long strnlen_user(const char *str, long n) +extern inline long strnlen_user(const char __user *str, long n) { return access_ok(VERIFY_READ,str,0) ? __strnlen_user(str, n) : 0; } diff -Nru a/include/asm-i386/cpu.h b/include/asm-i386/cpu.h --- a/include/asm-i386/cpu.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-i386/cpu.h 2004-05-31 15:58:34 -07:00 @@ -18,10 +18,8 @@ #ifdef CONFIG_NUMA int node = cpu_to_node(num); - - if (!node_online(node)) - return 0; - parent = &node_devices[node].node; + if (node_online(node)) + parent = &node_devices[node].node; #endif /* CONFIG_NUMA */ return register_cpu(&cpu_devices[num].cpu, num, parent); diff -Nru a/include/asm-i386/uaccess.h b/include/asm-i386/uaccess.h --- a/include/asm-i386/uaccess.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-i386/uaccess.h 2004-05-31 15:58:34 -07:00 @@ -34,6 +34,10 @@ #define segment_eq(a,b) ((a).seg == (b).seg) +extern long not_a_user_address; +#define check_user_ptr(x) \ + (void) ({ void __user * __userptr = (__typeof__(*(x)) *)¬_a_user_address; __userptr; }) + /* * movsl can be slow when source and dest are not both 8-byte aligned */ @@ -43,7 +47,7 @@ } ____cacheline_aligned_in_smp movsl_mask; #endif -#define __addr_ok(addr) ((unsigned long)(addr) < (current_thread_info()->addr_limit.seg)) +#define __addr_ok(addr) ((unsigned long __force)(addr) < (current_thread_info()->addr_limit.seg)) /* * Test whether a block of memory is a valid user space address. @@ -56,6 +60,7 @@ */ #define __range_ok(addr,size) ({ \ unsigned long flag,sum; \ + check_user_ptr(addr); \ asm("addl %3,%1 ; sbbl %0,%0; cmpl %1,%4; sbbl $0,%0" \ :"=&r" (flag), "=r" (sum) \ :"1" (addr),"g" ((int)(size)),"g" (current_thread_info()->addr_limit.seg)); \ @@ -170,6 +175,7 @@ */ #define get_user(x,ptr) \ ({ int __ret_gu,__val_gu; \ + check_user_ptr(ptr); \ switch(sizeof (*(ptr))) { \ case 1: __get_user_x(1,__ret_gu,__val_gu,ptr); break; \ case 2: __get_user_x(2,__ret_gu,__val_gu,ptr); break; \ @@ -288,6 +294,7 @@ #define __put_user_size(x,ptr,size,retval,errret) \ do { \ retval = 0; \ + check_user_ptr(ptr); \ switch (size) { \ case 1: __put_user_asm(x,ptr,retval,"b","b","iq",errret);break; \ case 2: __put_user_asm(x,ptr,retval,"w","w","ir",errret);break; \ @@ -346,6 +353,7 @@ #define __get_user_size(x,ptr,size,retval,errret) \ do { \ retval = 0; \ + check_user_ptr(ptr); \ switch (size) { \ case 1: __get_user_asm(x,ptr,retval,"b","b","=q",errret);break; \ case 2: __get_user_asm(x,ptr,retval,"w","w","=r",errret);break; \ @@ -403,13 +411,13 @@ switch (n) { case 1: - __put_user_size(*(u8 *)from, (u8 *)to, 1, ret, 1); + __put_user_size(*(u8 *)from, (u8 __user *)to, 1, ret, 1); return ret; case 2: - __put_user_size(*(u16 *)from, (u16 *)to, 2, ret, 2); + __put_user_size(*(u16 *)from, (u16 __user *)to, 2, ret, 2); return ret; case 4: - __put_user_size(*(u32 *)from, (u32 *)to, 4, ret, 4); + __put_user_size(*(u32 *)from, (u32 __user *)to, 4, ret, 4); return ret; } } diff -Nru a/include/asm-ppc64/cacheflush.h b/include/asm-ppc64/cacheflush.h --- a/include/asm-ppc64/cacheflush.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-ppc64/cacheflush.h 2004-05-31 15:58:34 -07:00 @@ -40,7 +40,7 @@ static inline void flush_icache_range(unsigned long start, unsigned long stop) { - if (!(cur_cpu_spec->cpu_features & CPU_FTR_COHERENT_ICACHE)) + if (!(cur_cpu_spec->cpu_features & ASM_CONST(CPU_FTR_COHERENT_ICACHE))) __flush_icache_range(start, stop); } diff -Nru a/include/asm-ppc64/iSeries/HvCallSc.h b/include/asm-ppc64/iSeries/HvCallSc.h --- a/include/asm-ppc64/iSeries/HvCallSc.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-ppc64/iSeries/HvCallSc.h 2004-05-31 15:58:34 -07:00 @@ -21,14 +21,14 @@ #include -#define HvCallBase 0x8000000000000000 -#define HvCallCc 0x8001000000000000 -#define HvCallCfg 0x8002000000000000 -#define HvCallEvent 0x8003000000000000 -#define HvCallHpt 0x8004000000000000 -#define HvCallPci 0x8005000000000000 -#define HvCallSm 0x8007000000000000 -#define HvCallXm 0x8009000000000000 +#define HvCallBase 0x8000000000000000ul +#define HvCallCc 0x8001000000000000ul +#define HvCallCfg 0x8002000000000000ul +#define HvCallEvent 0x8003000000000000ul +#define HvCallHpt 0x8004000000000000ul +#define HvCallPci 0x8005000000000000ul +#define HvCallSm 0x8007000000000000ul +#define HvCallXm 0x8009000000000000ul u64 HvCall0( u64 ); u64 HvCall1( u64, u64 ); diff -Nru a/include/asm-ppc64/page.h b/include/asm-ppc64/page.h --- a/include/asm-ppc64/page.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-ppc64/page.h 2004-05-31 15:58:34 -07:00 @@ -15,7 +15,8 @@ #ifdef __ASSEMBLY__ #define ASM_CONST(x) x #else - #define ASM_CONST(x) x##UL + #define __ASM_CONST(x) x##UL + #define ASM_CONST(x) __ASM_CONST(x) #endif /* PAGE_SHIFT determines the page size */ diff -Nru a/include/asm-ppc64/pgtable.h b/include/asm-ppc64/pgtable.h --- a/include/asm-ppc64/pgtable.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-ppc64/pgtable.h 2004-05-31 15:58:34 -07:00 @@ -47,7 +47,7 @@ /* * Define the address range of the vmalloc VM area. */ -#define VMALLOC_START (0xD000000000000000) +#define VMALLOC_START (0xD000000000000000ul) #define VMALLOC_END (VMALLOC_START + VALID_EA_BITS) /* @@ -56,8 +56,8 @@ */ #define IMALLOC_START (ioremap_bot) #define IMALLOC_VMADDR(x) ((unsigned long)(x)) -#define PHBS_IO_BASE (0xE000000000000000) /* Reserve 2 gigs for PHBs */ -#define IMALLOC_BASE (0xE000000080000000) +#define PHBS_IO_BASE (0xE000000000000000ul) /* Reserve 2 gigs for PHBs */ +#define IMALLOC_BASE (0xE000000080000000ul) #define IMALLOC_END (IMALLOC_BASE + VALID_EA_BITS) /* diff -Nru a/include/asm-ppc64/uaccess.h b/include/asm-ppc64/uaccess.h --- a/include/asm-ppc64/uaccess.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-ppc64/uaccess.h 2004-05-31 15:58:34 -07:00 @@ -16,6 +16,10 @@ #define VERIFY_READ 0 #define VERIFY_WRITE 1 +extern long not_a_user_address; +#define check_user_ptr(x) \ + (void) ({ void __user * __userptr = (__typeof__(*(x)) *)¬_a_user_address; __userptr; }) + /* * The fs value determines whether argument validity checking should be * performed or not. If get_fs() == USER_DS, checking is performed, with @@ -54,7 +58,7 @@ (((segment).seg & (addr | size )) == 0) #define access_ok(type,addr,size) \ - __access_ok(((unsigned long)(addr)),(size),get_fs()) + __access_ok(((__force unsigned long)(addr)),(size),get_fs()) static inline int verify_area(int type, const void __user *addr, unsigned long size) { @@ -116,6 +120,7 @@ #define __put_user_nocheck(x,ptr,size) \ ({ \ long __pu_err; \ + check_user_ptr(ptr); \ __put_user_size((x),(ptr),(size),__pu_err,-EFAULT); \ __pu_err; \ }) @@ -123,7 +128,7 @@ #define __put_user_check(x,ptr,size) \ ({ \ long __pu_err = -EFAULT; \ - __typeof__(*(ptr)) *__pu_addr = (ptr); \ + void __user *__pu_addr = (ptr); \ if (access_ok(VERIFY_WRITE,__pu_addr,size)) \ __put_user_size((x),__pu_addr,(size),__pu_err,-EFAULT); \ __pu_err; \ @@ -187,6 +192,7 @@ do { \ might_sleep(); \ retval = 0; \ + check_user_ptr(ptr); \ switch (size) { \ case 1: __get_user_asm(x,ptr,retval,"lbz",errret); break; \ case 2: __get_user_asm(x,ptr,retval,"lhz",errret); break; \ diff -Nru a/include/asm-x86_64/bitops.h b/include/asm-x86_64/bitops.h --- a/include/asm-x86_64/bitops.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/bitops.h 2004-05-31 15:58:34 -07:00 @@ -337,15 +337,14 @@ "repe; scasl\n\t" "jz 1f\n\t" "leaq -4(%%rdi),%%rdi\n\t" - "bsfq (%%rdi),%%rax\n" - "1:\tsubl %%ebx,%%edi\n\t" + "bsfl (%%rdi),%%eax\n" + "1:\tsubq %%rbx,%%rdi\n\t" "shll $3,%%edi\n\t" "addl %%edi,%%eax" :"=a" (res), "=&c" (d0), "=&D" (d1) - :"1" ((size + 31) >> 5), "2" (addr), "b" (addr)); + :"1" ((size + 31) >> 5), "2" (addr), "b" (addr) : "memory"); return res; } - /** * find_next_bit - find the first set bit in a memory region diff -Nru a/include/asm-x86_64/checksum.h b/include/asm-x86_64/checksum.h --- a/include/asm-x86_64/checksum.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/checksum.h 2004-05-31 15:58:34 -07:00 @@ -139,9 +139,9 @@ int *src_err_ptr, int *dst_err_ptr); -extern unsigned int csum_partial_copy_from_user(const char *src, char *dst, +extern unsigned int csum_partial_copy_from_user(const char __user *src, char *dst, int len, unsigned int isum, int *errp); -extern unsigned int csum_partial_copy_to_user(const char *src, char *dst, +extern unsigned int csum_partial_copy_to_user(const char *src, char __user *dst, int len, unsigned int isum, int *errp); extern unsigned int csum_partial_copy_nocheck(const char *src, char *dst, int len, unsigned int sum); diff -Nru a/include/asm-x86_64/compat.h b/include/asm-x86_64/compat.h --- a/include/asm-x86_64/compat.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/compat.h 2004-05-31 15:58:34 -07:00 @@ -186,15 +186,15 @@ */ typedef u32 compat_uptr_t; -static inline void *compat_ptr(compat_uptr_t uptr) +static inline void __user *compat_ptr(compat_uptr_t uptr) { - return (void *)(unsigned long)uptr; + return (void __user *)(unsigned long)uptr; } -static __inline__ void *compat_alloc_user_space(long len) +static __inline__ void __user *compat_alloc_user_space(long len) { struct pt_regs *regs = (void *)current->thread.rsp0 - sizeof(struct pt_regs); - return (void *)regs->rsp - len; + return (void __user *)regs->rsp - len; } #endif /* _ASM_X86_64_COMPAT_H */ diff -Nru a/include/asm-x86_64/floppy.h b/include/asm-x86_64/floppy.h --- a/include/asm-x86_64/floppy.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/floppy.h 2004-05-31 15:58:34 -07:00 @@ -170,7 +170,7 @@ static void _fd_dma_mem_free(unsigned long addr, unsigned long size) { if((unsigned long) addr >= (unsigned long) high_memory) - return vfree((void *)addr); + vfree((void *)addr); else free_pages(addr, get_order(size)); } diff -Nru a/include/asm-x86_64/fpu32.h b/include/asm-x86_64/fpu32.h --- a/include/asm-x86_64/fpu32.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/fpu32.h 2004-05-31 15:58:34 -07:00 @@ -3,8 +3,8 @@ struct _fpstate_ia32; -int restore_i387_ia32(struct task_struct *tsk, struct _fpstate_ia32 *buf, int fsave); -int save_i387_ia32(struct task_struct *tsk, struct _fpstate_ia32 *buf, +int restore_i387_ia32(struct task_struct *tsk, struct _fpstate_ia32 __user *buf, int fsave); +int save_i387_ia32(struct task_struct *tsk, struct _fpstate_ia32 __user *buf, struct pt_regs *regs, int fsave); #endif diff -Nru a/include/asm-x86_64/i387.h b/include/asm-x86_64/i387.h --- a/include/asm-x86_64/i387.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/i387.h 2004-05-31 15:58:34 -07:00 @@ -23,7 +23,7 @@ extern unsigned int mxcsr_feature_mask; extern void mxcsr_feature_mask_init(void); extern void init_fpu(struct task_struct *child); -extern int save_i387(struct _fpstate *buf); +extern int save_i387(struct _fpstate __user *buf); static inline int need_signal_i387(struct task_struct *me) { @@ -57,10 +57,10 @@ /* * ptrace request handers... */ -extern int get_fpregs(struct user_i387_struct *buf, +extern int get_fpregs(struct user_i387_struct __user *buf, struct task_struct *tsk); extern int set_fpregs(struct task_struct *tsk, - struct user_i387_struct *buf); + struct user_i387_struct __user *buf); /* * i387 state interaction @@ -93,7 +93,7 @@ return err; } -static inline int save_i387_checking(struct i387_fxsave_struct *fx) +static inline int save_i387_checking(struct i387_fxsave_struct __user *fx) { int err; asm volatile("1: rex64 ; fxsave (%[fx])\n\t" @@ -136,7 +136,7 @@ /* * This restores directly out of user space. Exceptions are handled. */ -static inline int restore_i387(struct _fpstate *buf) +static inline int restore_i387(struct _fpstate __user *buf) { return restore_fpu_checking((struct i387_fxsave_struct *)buf); } diff -Nru a/include/asm-x86_64/ia32.h b/include/asm-x86_64/ia32.h --- a/include/asm-x86_64/ia32.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/ia32.h 2004-05-31 15:58:34 -07:00 @@ -168,8 +168,8 @@ #ifdef __KERNEL__ struct user_desc; struct siginfo_t; -int do_get_thread_area(struct thread_struct *t, struct user_desc *u_info); -int do_set_thread_area(struct thread_struct *t, struct user_desc *u_info); +int do_get_thread_area(struct thread_struct *t, struct user_desc __user *info); +int do_set_thread_area(struct thread_struct *t, struct user_desc __user *info); int ia32_child_tls(struct task_struct *p, struct pt_regs *childregs); int ia32_copy_siginfo_from_user(siginfo_t *to, siginfo_t32 __user *from); int ia32_copy_siginfo_to_user(siginfo_t32 __user *to, siginfo_t *from); diff -Nru a/include/asm-x86_64/ia32_unistd.h b/include/asm-x86_64/ia32_unistd.h --- a/include/asm-x86_64/ia32_unistd.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/ia32_unistd.h 2004-05-31 15:58:34 -07:00 @@ -288,7 +288,8 @@ #define __NR_ia32_mq_timedreceive (__NR_ia32_mq_open+3) #define __NR_ia32_mq_notify (__NR_ia32_mq_open+4) #define __NR_ia32_mq_getsetattr (__NR_ia32_mq_open+5) +#define __NR_ia32_kexec 283 -#define IA32_NR_syscalls 285 /* must be > than biggest syscall! */ +#define IA32_NR_syscalls 287 /* must be > than biggest syscall! */ #endif /* _ASM_X86_64_IA32_UNISTD_H_ */ diff -Nru a/include/asm-x86_64/io.h b/include/asm-x86_64/io.h --- a/include/asm-x86_64/io.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/io.h 2004-05-31 15:58:34 -07:00 @@ -195,8 +195,13 @@ #define __raw_writel writel #define __raw_writeq writeq -void *memcpy_fromio(void*,const void*,unsigned); -void *memcpy_toio(void*,const void*,unsigned); +void *__memcpy_fromio(void*,unsigned long,unsigned); +void *__memcpy_toio(unsigned long,const void*,unsigned); + +#define memcpy_fromio(to,from,len) \ + __memcpy_fromio((to),(unsigned long)(from),(len)) +#define memcpy_toio(to,from,len) \ + __memcpy_toio((unsigned long)(to),(from),(len)) #define memset_io(a,b,c) memset((void *)(a),(b),(c)) /* diff -Nru a/include/asm-x86_64/msr.h b/include/asm-x86_64/msr.h --- a/include/asm-x86_64/msr.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/msr.h 2004-05-31 15:58:34 -07:00 @@ -143,8 +143,8 @@ #define _EFER_NX 11 /* No execute enable */ #define EFER_SCE (1<<_EFER_SCE) -#define EFER_LME (1<> 1) & 0x3f) diff -Nru a/include/asm-x86_64/processor.h b/include/asm-x86_64/processor.h --- a/include/asm-x86_64/processor.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/processor.h 2004-05-31 15:58:34 -07:00 @@ -166,7 +166,7 @@ /* * User space process size: 512GB - 1GB (default). */ -#define TASK_SIZE (0x0000007fc0000000) +#define TASK_SIZE (0x0000007fc0000000UL) /* This decides where the kernel will search for a free chunk of vm * space during mmap's. diff -Nru a/include/asm-x86_64/ptrace.h b/include/asm-x86_64/ptrace.h --- a/include/asm-x86_64/ptrace.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/ptrace.h 2004-05-31 15:58:34 -07:00 @@ -83,7 +83,7 @@ #if defined(__KERNEL__) && !defined(__ASSEMBLY__) #define user_mode(regs) (!!((regs)->cs & 3)) #define instruction_pointer(regs) ((regs)->rip) -void signal_fault(struct pt_regs *regs, void *frame, char *where); +void signal_fault(struct pt_regs *regs, void __user *frame, char *where); enum { EF_CF = 0x00000001, diff -Nru a/include/asm-x86_64/semaphore.h b/include/asm-x86_64/semaphore.h --- a/include/asm-x86_64/semaphore.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/semaphore.h 2004-05-31 15:58:34 -07:00 @@ -47,12 +47,12 @@ atomic_t count; int sleepers; wait_queue_head_t wait; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG long __magic; #endif }; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG # define __SEM_DEBUG_INIT(name) \ , (int)&(name).__magic #else @@ -83,7 +83,7 @@ atomic_set(&sem->count, val); sem->sleepers = 0; init_waitqueue_head(&sem->wait); -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG sem->__magic = (int)&sem->__magic; #endif } @@ -115,7 +115,7 @@ */ static inline void down(struct semaphore * sem) { -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif might_sleep(); @@ -142,7 +142,7 @@ { int result; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif might_sleep(); @@ -171,7 +171,7 @@ { int result; -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif @@ -199,7 +199,7 @@ */ static inline void up(struct semaphore * sem) { -#if WAITQUEUE_DEBUG +#ifdef WAITQUEUE_DEBUG CHECK_MAGIC(sem->__magic); #endif __asm__ __volatile__( diff -Nru a/include/asm-x86_64/sigcontext.h b/include/asm-x86_64/sigcontext.h --- a/include/asm-x86_64/sigcontext.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/sigcontext.h 2004-05-31 15:58:34 -07:00 @@ -2,6 +2,7 @@ #define _ASM_X86_64_SIGCONTEXT_H #include +#include /* FXSAVE frame */ /* Note: reserved1/2 may someday contain valuable data. Always save/restore @@ -47,7 +48,7 @@ unsigned long trapno; unsigned long oldmask; unsigned long cr2; - struct _fpstate *fpstate; /* zero when no FPU context */ + struct _fpstate __user *fpstate; /* zero when no FPU context */ unsigned long reserved1[8]; }; diff -Nru a/include/asm-x86_64/uaccess.h b/include/asm-x86_64/uaccess.h --- a/include/asm-x86_64/uaccess.h 2004-05-31 15:58:34 -07:00 +++ b/include/asm-x86_64/uaccess.h 2004-05-31 15:58:34 -07:00 @@ -24,7 +24,7 @@ #define MAKE_MM_SEG(s) ((mm_segment_t) { (s) }) -#define KERNEL_DS MAKE_MM_SEG(0xFFFFFFFFFFFFFFFF) +#define KERNEL_DS MAKE_MM_SEG(0xFFFFFFFFFFFFFFFFUL) #define USER_DS MAKE_MM_SEG(PAGE_OFFSET) #define get_ds() (KERNEL_DS) @@ -33,6 +33,16 @@ #define segment_eq(a,b) ((a).seg == (b).seg) +#ifdef __CHECKER__ +#define CHECK_UPTR(ptr) do { \ + __typeof__(*(ptr)) *__dummy_check_uptr = \ + (void __user *)&__dummy_check_uptr; \ +} while(0) +#else +#define CHECK_UPTR(ptr) +#endif + + #define __addr_ok(addr) (!((unsigned long)(addr) & (current_thread_info()->addr_limit.seg))) /* @@ -40,15 +50,16 @@ */ #define __range_not_ok(addr,size) ({ \ unsigned long flag,sum; \ + CHECK_UPTR(addr); \ asm("# range_ok\n\r" \ "addq %3,%1 ; sbbq %0,%0 ; cmpq %1,%4 ; sbbq $0,%0" \ :"=&r" (flag), "=r" (sum) \ :"1" (addr),"g" ((long)(size)),"g" (current_thread_info()->addr_limit.seg)); \ flag; }) -#define access_ok(type,addr,size) (__range_not_ok(addr,size) == 0) +#define access_ok(type, addr, size) (__range_not_ok(addr,size) == 0) -extern inline int verify_area(int type, const void * addr, unsigned long size) +extern inline int verify_area(int type, const void __user * addr, unsigned long size) { return access_ok(type,addr,size) ? 0 : -EFAULT; } @@ -103,6 +114,7 @@ #define get_user(x,ptr) \ ({ long __val_gu; \ int __ret_gu; \ + CHECK_UPTR(ptr); \ switch(sizeof (*(ptr))) { \ case 1: __get_user_x(1,__ret_gu,__val_gu,ptr); break; \ case 2: __get_user_x(2,__ret_gu,__val_gu,ptr); break; \ @@ -138,6 +150,7 @@ #define __put_user_nocheck(x,ptr,size) \ ({ \ int __pu_err; \ + CHECK_UPTR(ptr); \ __put_user_size((x),(ptr),(size),__pu_err); \ __pu_err; \ }) @@ -193,6 +206,7 @@ ({ \ int __gu_err; \ long __gu_val; \ + CHECK_UPTR(ptr); \ __get_user_size(__gu_val,(ptr),(size),__gu_err); \ (x) = (__typeof__(*(ptr)))__gu_val; \ __gu_err; \ @@ -235,15 +249,15 @@ /* Handles exceptions in both to and from, but doesn't do access_ok */ extern unsigned long copy_user_generic(void *to, const void *from, unsigned len); -extern unsigned long copy_to_user(void *to, const void *from, unsigned len); -extern unsigned long copy_from_user(void *to, const void *from, unsigned len); -extern unsigned long copy_in_user(void *to, const void *from, unsigned len); +extern unsigned long copy_to_user(void __user *to, const void *from, unsigned len); +extern unsigned long copy_from_user(void *to, const void __user *from, unsigned len); +extern unsigned long copy_in_user(void __user *to, const void __user *from, unsigned len); -static inline int __copy_from_user(void *dst, const void *src, unsigned size) +static inline int __copy_from_user(void *dst, const void __user *src, unsigned size) { int ret = 0; if (!__builtin_constant_p(size)) - return copy_user_generic(dst,src,size); + return copy_user_generic(dst,(void *)src,size); switch (size) { case 1:__get_user_asm(*(u8*)dst,(u8 *)src,ret,"b","b","=q",1); return ret; @@ -264,15 +278,15 @@ __get_user_asm(*(u64*)(8+(char*)dst),(u64*)(8+(char*)src),ret,"q","","=r",8); return ret; default: - return copy_user_generic(dst,src,size); + return copy_user_generic(dst,(void *)src,size); } } -static inline int __copy_to_user(void *dst, const void *src, unsigned size) +static inline int __copy_to_user(void __user *dst, const void *src, unsigned size) { int ret = 0; if (!__builtin_constant_p(size)) - return copy_user_generic(dst,src,size); + return copy_user_generic((void *)dst,src,size); switch (size) { case 1:__put_user_asm(*(u8*)src,(u8 *)dst,ret,"b","b","iq",1); return ret; @@ -295,16 +309,16 @@ __put_user_asm(1[(u64*)src],1+(u64*)dst,ret,"q","","ir",8); return ret; default: - return copy_user_generic(dst,src,size); + return copy_user_generic((void *)dst,src,size); } } -static inline int __copy_in_user(void *dst, const void *src, unsigned size) +static inline int __copy_in_user(void __user *dst, const void __user *src, unsigned size) { int ret = 0; if (!__builtin_constant_p(size)) - return copy_user_generic(dst,src,size); + return copy_user_generic((void *)dst,(void *)src,size); switch (size) { case 1: { u8 tmp; @@ -336,15 +350,15 @@ return ret; } default: - return copy_user_generic(dst,src,size); + return copy_user_generic((void *)dst,(void *)src,size); } } -long strncpy_from_user(char *dst, const char *src, long count); -long __strncpy_from_user(char *dst, const char *src, long count); -long strnlen_user(const char *str, long n); -long strlen_user(const char *str); -unsigned long clear_user(void *mem, unsigned long len); -unsigned long __clear_user(void *mem, unsigned long len); +long strncpy_from_user(char *dst, const char __user *src, long count); +long __strncpy_from_user(char *dst, const char __user *src, long count); +long strnlen_user(const char __user *str, long n); +long strlen_user(const char __user *str); +unsigned long clear_user(void __user *mem, unsigned long len); +unsigned long __clear_user(void __user *mem, unsigned long len); #endif /* __X86_64_UACCESS_H */ diff -Nru a/include/linux/compiler.h b/include/linux/compiler.h --- a/include/linux/compiler.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/compiler.h 2004-05-31 15:58:34 -07:00 @@ -5,10 +5,12 @@ # define __user __attribute__((noderef, address_space(1))) # define __kernel /* default address space */ # define __safe __attribute__((safe)) +# define __force __attribute__((force)) #else # define __user # define __kernel # define __safe +# define __force #endif #ifdef __KERNEL__ diff -Nru a/include/linux/inetdevice.h b/include/linux/inetdevice.h --- a/include/linux/inetdevice.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/inetdevice.h 2004-05-31 15:58:34 -07:00 @@ -96,7 +96,7 @@ extern struct net_device *ip_dev_find(u32 addr); extern int inet_addr_onlink(struct in_device *in_dev, u32 a, u32 b); -extern int devinet_ioctl(unsigned int cmd, void *); +extern int devinet_ioctl(unsigned int cmd, void __user *); extern void devinet_init(void); extern struct in_device *inetdev_init(struct net_device *dev); extern struct in_device *inetdev_by_index(int); diff -Nru a/include/linux/kd.h b/include/linux/kd.h --- a/include/linux/kd.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/kd.h 2004-05-31 15:58:34 -07:00 @@ -1,6 +1,7 @@ #ifndef _LINUX_KD_H #define _LINUX_KD_H #include +#include /* 0x4B is 'K', to avoid collision with termios and vt */ @@ -12,7 +13,7 @@ struct consolefontdesc { unsigned short charcount; /* characters in font (256 or 512) */ unsigned short charheight; /* scan lines per character (1-32) */ - char *chardata; /* font data in expanded form */ + char __user *chardata; /* font data in expanded form */ }; #define PIO_FONTRESET 0x4B6D /* reset to default font */ @@ -63,7 +64,7 @@ }; struct unimapdesc { unsigned short entry_ct; - struct unipair *entries; + struct unipair __user *entries; }; #define PIO_UNIMAP 0x4B67 /* put unicode-to-font mapping in kernel */ #define PIO_UNIMAPCLR 0x4B68 /* clear table, possibly advise hash algorithm */ diff -Nru a/include/linux/net.h b/include/linux/net.h --- a/include/linux/net.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/net.h 2004-05-31 15:58:34 -07:00 @@ -217,9 +217,9 @@ SOCKCALL_WRAP(name, listen, (struct socket *sock, int len), (sock, len)) \ SOCKCALL_WRAP(name, shutdown, (struct socket *sock, int flags), (sock, flags)) \ SOCKCALL_WRAP(name, setsockopt, (struct socket *sock, int level, int optname, \ - char *optval, int optlen), (sock, level, optname, optval, optlen)) \ + char __user *optval, int optlen), (sock, level, optname, optval, optlen)) \ SOCKCALL_WRAP(name, getsockopt, (struct socket *sock, int level, int optname, \ - char *optval, int *optlen), (sock, level, optname, optval, optlen)) \ + char __user *optval, int __user *optlen), (sock, level, optname, optval, optlen)) \ SOCKCALL_WRAP(name, sendmsg, (struct kiocb *iocb, struct socket *sock, struct msghdr *m, size_t len), \ (iocb, sock, m, len)) \ SOCKCALL_WRAP(name, recvmsg, (struct kiocb *iocb, struct socket *sock, struct msghdr *m, size_t len, int flags), \ diff -Nru a/include/linux/netdevice.h b/include/linux/netdevice.h --- a/include/linux/netdevice.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/netdevice.h 2004-05-31 15:58:34 -07:00 @@ -558,7 +558,7 @@ extern int netpoll_trap(void); #endif -typedef int gifconf_func_t(struct net_device * dev, char * bufptr, int len); +typedef int gifconf_func_t(struct net_device * dev, char __user * bufptr, int len); extern int register_gifconf(unsigned int family, gifconf_func_t * gifconf); static inline int unregister_gifconf(unsigned int family) { @@ -676,7 +676,7 @@ extern int netif_rx(struct sk_buff *skb); #define HAVE_NETIF_RECEIVE_SKB 1 extern int netif_receive_skb(struct sk_buff *skb); -extern int dev_ioctl(unsigned int cmd, void *); +extern int dev_ioctl(unsigned int cmd, void __user *); extern int dev_ethtool(struct ifreq *); extern unsigned dev_get_flags(const struct net_device *); extern int dev_change_flags(struct net_device *, unsigned); diff -Nru a/include/linux/selection.h b/include/linux/selection.h --- a/include/linux/selection.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/selection.h 2004-05-31 15:58:34 -07:00 @@ -13,9 +13,9 @@ extern int sel_cons; extern void clear_selection(void); -extern int set_selection(const struct tiocl_selection *sel, struct tty_struct *tty, int user); +extern int set_selection(const struct tiocl_selection __user *sel, struct tty_struct *tty); extern int paste_selection(struct tty_struct *tty); -extern int sel_loadlut(const unsigned long arg); +extern int sel_loadlut(char __user *p); extern int mouse_reporting(void); extern void mouse_report(struct tty_struct * tty, int butt, int mrx, int mry); diff -Nru a/include/linux/skbuff.h b/include/linux/skbuff.h --- a/include/linux/skbuff.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/skbuff.h 2004-05-31 15:58:34 -07:00 @@ -1014,13 +1014,13 @@ extern unsigned int datagram_poll(struct file *file, struct socket *sock, struct poll_table_struct *wait); extern int skb_copy_datagram(const struct sk_buff *from, - int offset, char *to, int size); + int offset, char __user *to, int size); extern int skb_copy_datagram_iovec(const struct sk_buff *from, int offset, struct iovec *to, int size); extern int skb_copy_and_csum_datagram(const struct sk_buff *skb, - int offset, u8 *to, int len, - unsigned int *csump); + int offset, u8 __user *to, + int len, unsigned int *csump); extern int skb_copy_and_csum_datagram_iovec(const struct sk_buff *skb, int hlen, diff -Nru a/include/linux/tty_driver.h b/include/linux/tty_driver.h --- a/include/linux/tty_driver.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/tty_driver.h 2004-05-31 15:58:34 -07:00 @@ -145,7 +145,7 @@ void (*send_xchar)(struct tty_struct *tty, char ch); int (*read_proc)(char *page, char **start, off_t off, int count, int *eof, void *data); - int (*write_proc)(struct file *file, const char *buffer, + int (*write_proc)(struct file *file, const char __user *buffer, unsigned long count, void *data); int (*tiocmget)(struct tty_struct *tty, struct file *file); int (*tiocmset)(struct tty_struct *tty, struct file *file, @@ -207,7 +207,7 @@ void (*send_xchar)(struct tty_struct *tty, char ch); int (*read_proc)(char *page, char **start, off_t off, int count, int *eof, void *data); - int (*write_proc)(struct file *file, const char *buffer, + int (*write_proc)(struct file *file, const char __user *buffer, unsigned long count, void *data); int (*tiocmget)(struct tty_struct *tty, struct file *file); int (*tiocmset)(struct tty_struct *tty, struct file *file, diff -Nru a/include/linux/tty_ldisc.h b/include/linux/tty_ldisc.h --- a/include/linux/tty_ldisc.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/tty_ldisc.h 2004-05-31 15:58:34 -07:00 @@ -114,9 +114,9 @@ void (*flush_buffer)(struct tty_struct *tty); ssize_t (*chars_in_buffer)(struct tty_struct *tty); ssize_t (*read)(struct tty_struct * tty, struct file * file, - unsigned char * buf, size_t nr); + unsigned char __user * buf, size_t nr); ssize_t (*write)(struct tty_struct * tty, struct file * file, - const unsigned char * buf, size_t nr); + const unsigned char __user * buf, size_t nr); int (*ioctl)(struct tty_struct * tty, struct file * file, unsigned int cmd, unsigned long arg); void (*set_termios)(struct tty_struct *tty, struct termios * old); diff -Nru a/include/linux/vt_kern.h b/include/linux/vt_kern.h --- a/include/linux/vt_kern.h 2004-05-31 15:58:34 -07:00 +++ b/include/linux/vt_kern.h 2004-05-31 15:58:34 -07:00 @@ -49,8 +49,8 @@ void unblank_screen(void); void poke_blanked_console(void); int con_font_op(int currcons, struct console_font_op *op); -int con_set_cmap(unsigned char *cmap); -int con_get_cmap(unsigned char *cmap); +int con_set_cmap(unsigned char __user *cmap); +int con_get_cmap(unsigned char __user *cmap); void scrollback(int); void scrollfront(int); void update_region(int currcons, unsigned long start, int count); @@ -66,13 +66,13 @@ struct unimapinit; struct unipair; -int con_set_trans_old(unsigned char * table); -int con_get_trans_old(unsigned char * table); -int con_set_trans_new(unsigned short * table); -int con_get_trans_new(unsigned short * table); +int con_set_trans_old(unsigned char __user * table); +int con_get_trans_old(unsigned char __user * table); +int con_set_trans_new(unsigned short __user * table); +int con_get_trans_new(unsigned short __user * table); int con_clear_unimap(int currcons, struct unimapinit *ui); -int con_set_unimap(int currcons, ushort ct, struct unipair *list); -int con_get_unimap(int currcons, ushort ct, ushort *uct, struct unipair *list); +int con_set_unimap(int currcons, ushort ct, struct unipair __user *list); +int con_get_unimap(int currcons, ushort ct, ushort __user *uct, struct unipair __user *list); int con_set_default_unimap(int currcons); void con_free_unimap(int currcons); void con_protect_unimap(int currcons, int rdonly); diff -Nru a/include/net/addrconf.h b/include/net/addrconf.h --- a/include/net/addrconf.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/addrconf.h 2004-05-31 15:58:34 -07:00 @@ -52,9 +52,9 @@ extern void addrconf_init(void); extern void addrconf_cleanup(void); -extern int addrconf_add_ifaddr(void *arg); -extern int addrconf_del_ifaddr(void *arg); -extern int addrconf_set_dstaddr(void *arg); +extern int addrconf_add_ifaddr(void __user *arg); +extern int addrconf_del_ifaddr(void __user *arg); +extern int addrconf_set_dstaddr(void __user *arg); extern int ipv6_chk_addr(struct in6_addr *addr, struct net_device *dev, diff -Nru a/include/net/arp.h b/include/net/arp.h --- a/include/net/arp.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/arp.h 2004-05-31 15:58:34 -07:00 @@ -13,7 +13,7 @@ extern int arp_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt); extern int arp_find(unsigned char *haddr, struct sk_buff *skb); -extern int arp_ioctl(unsigned int cmd, void *arg); +extern int arp_ioctl(unsigned int cmd, void __user *arg); extern void arp_send(int type, int ptype, u32 dest_ip, struct net_device *dev, u32 src_ip, unsigned char *dest_hw, unsigned char *src_hw, unsigned char *th); diff -Nru a/include/net/checksum.h b/include/net/checksum.h --- a/include/net/checksum.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/checksum.h 2004-05-31 15:58:34 -07:00 @@ -95,7 +95,7 @@ #ifndef _HAVE_ARCH_COPY_AND_CSUM_FROM_USER static inline -unsigned int csum_and_copy_from_user (const char *src, char *dst, +unsigned int csum_and_copy_from_user (const char __user *src, char *dst, int len, int sum, int *err_ptr) { if (verify_area(VERIFY_READ, src, len) == 0) @@ -110,7 +110,7 @@ #ifndef HAVE_CSUM_COPY_USER static __inline__ unsigned int csum_and_copy_to_user -(const char *src, char *dst, int len, unsigned int sum, int *err_ptr) +(const char *src, char __user *dst, int len, unsigned int sum, int *err_ptr) { sum = csum_partial(src, len, sum); diff -Nru a/include/net/compat.h b/include/net/compat.h --- a/include/net/compat.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/compat.h 2004-05-31 15:58:34 -07:00 @@ -29,9 +29,9 @@ extern int get_compat_msghdr(struct msghdr *, struct compat_msghdr __user *); extern int verify_compat_iovec(struct msghdr *, struct iovec *, char *, int); -extern asmlinkage long compat_sys_sendmsg(int,struct compat_msghdr *,unsigned); -extern asmlinkage long compat_sys_recvmsg(int,struct compat_msghdr *,unsigned); -extern asmlinkage long compat_sys_getsockopt(int, int, int, char *, int *); +extern asmlinkage long compat_sys_sendmsg(int,struct compat_msghdr __user *,unsigned); +extern asmlinkage long compat_sys_recvmsg(int,struct compat_msghdr __user *,unsigned); +extern asmlinkage long compat_sys_getsockopt(int, int, int, char __user *, int __user *); extern int put_cmsg_compat(struct msghdr*, int, int, int, void *); extern int cmsghdr_from_user_compat_to_kern(struct msghdr *, unsigned char *, int); diff -Nru a/include/net/ip.h b/include/net/ip.h --- a/include/net/ip.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/ip.h 2004-05-31 15:58:34 -07:00 @@ -300,11 +300,11 @@ * fed into the routing cache should use these handlers. */ int ipv4_doint_and_flush(ctl_table *ctl, int write, - struct file* filp, void *buffer, + struct file* filp, void __user *buffer, size_t *lenp); -int ipv4_doint_and_flush_strategy(ctl_table *table, int *name, int nlen, - void *oldval, size_t *oldlenp, - void *newval, size_t newlen, +int ipv4_doint_and_flush_strategy(ctl_table *table, int __user *name, int nlen, + void __user *oldval, size_t __user *oldlenp, + void __user *newval, size_t newlen, void **context); #endif /* _IP_H */ diff -Nru a/include/net/ip6_route.h b/include/net/ip6_route.h --- a/include/net/ip6_route.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/ip6_route.h 2004-05-31 15:58:34 -07:00 @@ -35,7 +35,7 @@ extern void ip6_route_init(void); extern void ip6_route_cleanup(void); -extern int ipv6_route_ioctl(unsigned int cmd, void *arg); +extern int ipv6_route_ioctl(unsigned int cmd, void __user *arg); extern int ip6_route_add(struct in6_rtmsg *rtmsg, struct nlmsghdr *, diff -Nru a/include/net/sock.h b/include/net/sock.h --- a/include/net/sock.h 2004-05-31 15:58:34 -07:00 +++ b/include/net/sock.h 2004-05-31 15:58:34 -07:00 @@ -1049,7 +1049,7 @@ } } -extern int sock_get_timestamp(struct sock *, struct timeval *); +extern int sock_get_timestamp(struct sock *, struct timeval __user *); /* * Enable debug/info messages diff -Nru a/net/appletalk/ddp.c b/net/appletalk/ddp.c --- a/net/appletalk/ddp.c 2004-05-31 15:58:34 -07:00 +++ b/net/appletalk/ddp.c 2004-05-31 15:58:34 -07:00 @@ -1795,7 +1795,7 @@ break; } case SIOCGSTAMP: - rc = sock_get_timestamp(sk, (struct timeval *)arg); + rc = sock_get_timestamp(sk, (struct timeval __user *)arg); break; /* Routing */ case SIOCADDRT: @@ -1829,7 +1829,7 @@ case SIOCGIFCOUNT: case SIOCGIFINDEX: case SIOCGIFNAME: - rc = dev_ioctl(cmd, (void *)arg); + rc = dev_ioctl(cmd, (void __user *)arg); break; } diff -Nru a/net/atm/ioctl.c b/net/atm/ioctl.c --- a/net/atm/ioctl.c 2004-05-31 15:58:34 -07:00 +++ b/net/atm/ioctl.c 2004-05-31 15:58:34 -07:00 @@ -76,8 +76,8 @@ goto done; } case SIOCGSTAMP: /* borrowed from IP */ - error = sock_get_timestamp(vcc->sk, (struct timeval *) - arg); + error = sock_get_timestamp(vcc->sk, + (struct timeval __user *) arg); goto done; case ATM_SETSC: printk(KERN_WARNING "ATM_SETSC is obsolete\n"); diff -Nru a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c --- a/net/ax25/af_ax25.c 2004-05-31 15:58:34 -07:00 +++ b/net/ax25/af_ax25.c 2004-05-31 15:58:34 -07:00 @@ -1694,7 +1694,7 @@ case SIOCGSTAMP: if (sk != NULL) { - res = sock_get_timestamp(sk, (struct timeval *)arg); + res = sock_get_timestamp(sk, (struct timeval __user *)arg); break; } res = -EINVAL; @@ -1826,7 +1826,7 @@ break; default: - res = dev_ioctl(cmd, (void *)arg); + res = dev_ioctl(cmd, (void __user *)arg); break; } release_sock(sk); diff -Nru a/net/compat.c b/net/compat.c --- a/net/compat.c 2004-05-31 15:58:34 -07:00 +++ b/net/compat.c 2004-05-31 15:58:34 -07:00 @@ -29,7 +29,7 @@ #include static inline int iov_from_user_compat_to_kern(struct iovec *kiov, - struct compat_iovec *uiov32, + struct compat_iovec __user *uiov32, int niov) { int tot_len = 0; @@ -53,7 +53,7 @@ return tot_len; } -int get_compat_msghdr(struct msghdr *kmsg, struct compat_msghdr *umsg) +int get_compat_msghdr(struct msghdr *kmsg, struct compat_msghdr __user *umsg) { compat_uptr_t tmp1, tmp2, tmp3; @@ -98,7 +98,7 @@ } tot_len = iov_from_user_compat_to_kern(kern_iov, - (struct compat_iovec *)kern_msg->msg_iov, + (struct compat_iovec __user *)kern_msg->msg_iov, kern_msg->msg_iovlen); if(tot_len >= 0) kern_msg->msg_iov = kern_iov; @@ -112,7 +112,7 @@ #define CMSG_COMPAT_ALIGN(len) ALIGN((len), sizeof(s32)) #define CMSG_COMPAT_DATA(cmsg) \ - ((void *)((char *)(cmsg) + CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr)))) + ((void __user *)((char __user *)(cmsg) + CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr)))) #define CMSG_COMPAT_SPACE(len) \ (CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr)) + CMSG_COMPAT_ALIGN(len)) #define CMSG_COMPAT_LEN(len) \ @@ -120,20 +120,17 @@ #define CMSG_COMPAT_FIRSTHDR(msg) \ (((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \ - (struct compat_cmsghdr *)((msg)->msg_control) : \ - (struct compat_cmsghdr *)NULL) + (struct compat_cmsghdr __user *)((msg)->msg_control) : \ + (struct compat_cmsghdr __user *)NULL) -static inline struct compat_cmsghdr *cmsg_compat_nxthdr(struct msghdr *msg, - struct compat_cmsghdr *cmsg, int cmsg_len) +static inline struct compat_cmsghdr __user *cmsg_compat_nxthdr(struct msghdr *msg, + struct compat_cmsghdr __user *cmsg, int cmsg_len) { - struct compat_cmsghdr *ptr; - - ptr = (struct compat_cmsghdr *)(((unsigned char *)cmsg) + - CMSG_COMPAT_ALIGN(cmsg_len)); - if ((unsigned long)((char *)(ptr + 1) - (char *)msg->msg_control) > + char __user *ptr = (char __user *)cmsg + CMSG_COMPAT_ALIGN(cmsg_len); + if ((unsigned long)(ptr + 1 - (char __user *)msg->msg_control) > msg->msg_controllen) return NULL; - return ptr; + return (struct compat_cmsghdr __user *)ptr; } /* There is a lot of hair here because the alignment rules (and @@ -143,7 +140,7 @@ int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg, unsigned char *stackbuf, int stackbuf_size) { - struct compat_cmsghdr *ucmsg; + struct compat_cmsghdr __user *ucmsg; struct cmsghdr *kcmsg, *kcmsg_base; compat_size_t ucmlen; __kernel_size_t kcmlen, tmp; @@ -159,7 +156,7 @@ if(CMSG_COMPAT_ALIGN(ucmlen) < CMSG_COMPAT_ALIGN(sizeof(struct compat_cmsghdr))) return -EINVAL; - if((unsigned long)(((char *)ucmsg - (char *)kmsg->msg_control) + if((unsigned long)(((char __user *)ucmsg - (char __user *)kmsg->msg_control) + ucmlen) > kmsg->msg_controllen) return -EINVAL; @@ -217,7 +214,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data) { struct compat_timeval ctv; - struct compat_cmsghdr *cm = (struct compat_cmsghdr *) kmsg->msg_control; + struct compat_cmsghdr __user *cm = (struct compat_cmsghdr __user *) kmsg->msg_control; struct compat_cmsghdr cmhdr; int cmlen; @@ -255,17 +252,17 @@ void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm) { - struct compat_cmsghdr *cm = (struct compat_cmsghdr *) kmsg->msg_control; + struct compat_cmsghdr __user *cm = (struct compat_cmsghdr __user *) kmsg->msg_control; int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) / sizeof(int); int fdnum = scm->fp->count; struct file **fp = scm->fp->fp; - int *cmfptr; + int __user *cmfptr; int err = 0, i; if (fdnum < fdmax) fdmax = fdnum; - for (i = 0, cmfptr = (int *) CMSG_COMPAT_DATA(cm); i < fdmax; i++, cmfptr++) { + for (i = 0, cmfptr = (int __user *) CMSG_COMPAT_DATA(cm); i < fdmax; i++, cmfptr++) { int new_fd; err = get_unused_fd(); if (err < 0) @@ -322,10 +319,10 @@ }; static int do_netfilter_replace(int fd, int level, int optname, - char *optval, int optlen) + char __user *optval, int optlen) { - struct compat_ipt_replace *urepl = (struct compat_ipt_replace *)optval; - struct ipt_replace *repl_nat; + struct compat_ipt_replace __user *urepl; + struct ipt_replace __user *repl_nat; char name[IPT_TABLE_MAXNAMELEN]; u32 origsize, tmp32, num_counters; unsigned int repl_nat_size; @@ -333,6 +330,7 @@ int i; compat_uptr_t ucntrs; + urepl = (struct compat_ipt_replace __user *)optval; if (get_user(origsize, &urepl->size)) return -EFAULT; @@ -399,7 +397,7 @@ ret = sys_setsockopt(fd, level, optname, - (char *)repl_nat, repl_nat_size); + (char __user *)repl_nat, repl_nat_size); out: return ret; @@ -414,10 +412,10 @@ }; static int do_set_attach_filter(int fd, int level, int optname, - char *optval, int optlen) + char __user *optval, int optlen) { - struct compat_sock_fprog *fprog32 = (struct compat_sock_fprog *)optval; - struct sock_fprog *kfprog = compat_alloc_user_space(sizeof(struct sock_fprog)); + struct compat_sock_fprog __user *fprog32 = (struct compat_sock_fprog __user *)optval; + struct sock_fprog __user *kfprog = compat_alloc_user_space(sizeof(struct sock_fprog)); compat_uptr_t ptr; u16 len; @@ -429,13 +427,13 @@ __put_user(compat_ptr(ptr), &kfprog->filter)) return -EFAULT; - return sys_setsockopt(fd, level, optname, (char *)kfprog, + return sys_setsockopt(fd, level, optname, (char __user *)kfprog, sizeof(struct sock_fprog)); } -static int do_set_sock_timeout(int fd, int level, int optname, char *optval, int optlen) +static int do_set_sock_timeout(int fd, int level, int optname, char __user *optval, int optlen) { - struct compat_timeval *up = (struct compat_timeval *) optval; + struct compat_timeval __user *up = (struct compat_timeval __user *) optval; struct timeval ktime; mm_segment_t old_fs; int err; @@ -455,7 +453,7 @@ } asmlinkage long compat_sys_setsockopt(int fd, int level, int optname, - char *optval, int optlen) + char __user *optval, int optlen) { if (optname == IPT_SO_SET_REPLACE) return do_netfilter_replace(fd, level, optname, @@ -469,14 +467,15 @@ return sys_setsockopt(fd, level, optname, optval, optlen); } -static int do_get_sock_timeout(int fd, int level, int optname, char *optval, - int *optlen) +static int do_get_sock_timeout(int fd, int level, int optname, + char __user *optval, int __user *optlen) { - struct compat_timeval *up = (struct compat_timeval *) optval; + struct compat_timeval __user *up; struct timeval ktime; mm_segment_t old_fs; int len, err; + up = (struct compat_timeval __user *) optval; if (get_user(len, optlen)) return -EFAULT; if (len < sizeof(*up)) @@ -498,7 +497,7 @@ } asmlinkage long compat_sys_getsockopt(int fd, int level, int optname, - char *optval, int *optlen) + char __user *optval, int __user *optlen) { if (optname == SO_RCVTIMEO || optname == SO_SNDTIMEO) return do_get_sock_timeout(fd, level, optname, optval, optlen); @@ -512,17 +511,17 @@ AL(6),AL(2),AL(5),AL(5),AL(3),AL(3)}; #undef AL -asmlinkage long compat_sys_sendmsg(int fd, struct compat_msghdr *msg, unsigned flags) +asmlinkage long compat_sys_sendmsg(int fd, struct compat_msghdr __user *msg, unsigned flags) { - return sys_sendmsg(fd, (struct msghdr *)msg, flags | MSG_CMSG_COMPAT); + return sys_sendmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT); } -asmlinkage long compat_sys_recvmsg(int fd, struct compat_msghdr *msg, unsigned int flags) +asmlinkage long compat_sys_recvmsg(int fd, struct compat_msghdr __user *msg, unsigned int flags) { - return sys_recvmsg(fd, (struct msghdr *)msg, flags | MSG_CMSG_COMPAT); + return sys_recvmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT); } -asmlinkage long compat_sys_socketcall(int call, u32 *args) +asmlinkage long compat_sys_socketcall(int call, u32 __user *args) { int ret; u32 a[6]; diff -Nru a/net/core/datagram.c b/net/core/datagram.c --- a/net/core/datagram.c 2004-05-31 15:58:34 -07:00 +++ b/net/core/datagram.c 2004-05-31 15:58:34 -07:00 @@ -202,7 +202,7 @@ /* * Copy a datagram to a linear buffer. */ -int skb_copy_datagram(const struct sk_buff *skb, int offset, char *to, int size) +int skb_copy_datagram(const struct sk_buff *skb, int offset, char __user *to, int size) { struct iovec iov = { .iov_base = to, @@ -297,7 +297,7 @@ } int skb_copy_and_csum_datagram(const struct sk_buff *skb, int offset, - u8 *to, int len, unsigned int *csump) + u8 __user *to, int len, unsigned int *csump) { int start = skb_headlen(skb); int pos = 0; diff -Nru a/net/core/dev.c b/net/core/dev.c --- a/net/core/dev.c 2004-05-31 15:58:34 -07:00 +++ b/net/core/dev.c 2004-05-31 15:58:34 -07:00 @@ -1958,7 +1958,7 @@ { struct ifconf ifc; struct net_device *dev; - char *pos; + char __user *pos; int len; int total; int i; diff -Nru a/net/core/iovec.c b/net/core/iovec.c --- a/net/core/iovec.c 2004-05-31 15:58:34 -07:00 +++ b/net/core/iovec.c 2004-05-31 15:58:34 -07:00 @@ -192,7 +192,7 @@ } while (len > 0) { - u8 *base = iov->iov_base + offset; + u8 __user *base = iov->iov_base + offset; int copy = min_t(unsigned int, len, iov->iov_len - offset); offset = 0; diff -Nru a/net/core/netpoll.c b/net/core/netpoll.c --- a/net/core/netpoll.c 2004-05-31 15:58:34 -07:00 +++ b/net/core/netpoll.c 2004-05-31 15:58:34 -07:00 @@ -623,7 +623,7 @@ np->dev = 0; } -int netpoll_trap() +int netpoll_trap(void) { return trapped; } diff -Nru a/net/core/scm.c b/net/core/scm.c --- a/net/core/scm.c 2004-05-31 15:58:34 -07:00 +++ b/net/core/scm.c 2004-05-31 15:58:34 -07:00 @@ -169,7 +169,7 @@ int put_cmsg(struct msghdr * msg, int level, int type, int len, void *data) { - struct cmsghdr *cm = (struct cmsghdr*)msg->msg_control; + struct cmsghdr __user *cm = (struct cmsghdr __user *)msg->msg_control; struct cmsghdr cmhdr; int cmlen = CMSG_LEN(len); int err; @@ -204,16 +204,18 @@ void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm) { - struct cmsghdr *cm = (struct cmsghdr*)msg->msg_control; + struct cmsghdr __user *cm = (struct cmsghdr __user*)msg->msg_control; int fdmax = 0; int fdnum = scm->fp->count; struct file **fp = scm->fp->fp; - int *cmfptr; + int __user *cmfptr; int err = 0, i; - if (MSG_CMSG_COMPAT & msg->msg_flags) - return scm_detach_fds_compat(msg, scm); + if (MSG_CMSG_COMPAT & msg->msg_flags) { + scm_detach_fds_compat(msg, scm); + return; + } if (msg->msg_controllen > sizeof(struct cmsghdr)) fdmax = ((msg->msg_controllen - sizeof(struct cmsghdr)) @@ -222,7 +224,7 @@ if (fdnum < fdmax) fdmax = fdnum; - for (i=0, cmfptr=(int*)CMSG_DATA(cm); i 0 there are consumers of rx skb time stamps */ atomic_t netstamp_needed = ATOMIC_INIT(0); -int sock_get_timestamp(struct sock *sk, struct timeval *userstamp) +int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp) { if (!sock_flag(sk, SOCK_TIMESTAMP)) sock_enable_timestamp(sk); diff -Nru a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c --- a/net/decnet/af_decnet.c 2004-05-31 15:58:34 -07:00 +++ b/net/decnet/af_decnet.c 2004-05-31 15:58:34 -07:00 @@ -1248,7 +1248,7 @@ break; default: - err = dev_ioctl(cmd, (void *)arg); + err = dev_ioctl(cmd, (void __user *)arg); break; } diff -Nru a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c --- a/net/decnet/dn_dev.c 2004-05-31 15:58:34 -07:00 +++ b/net/decnet/dn_dev.c 2004-05-31 15:58:34 -07:00 @@ -1294,35 +1294,43 @@ * it as a compile time option. Probably you should use the * rtnetlink interface instead. */ -int dnet_gifconf(struct net_device *dev, char *buf, int len) +int dnet_gifconf(struct net_device *dev, char __user *buf, int len) { struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr; struct dn_ifaddr *ifa; - struct ifreq *ifr = (struct ifreq *)buf; + char buffer[DN_IFREQ_SIZE]; + struct ifreq *ifr = (struct ifreq *)buffer; + struct sockaddr_dn *addr = (struct sockaddr_dn *)&ifr->ifr_addr; int done = 0; if ((dn_db == NULL) || ((ifa = dn_db->ifa_list) == NULL)) return 0; for(; ifa; ifa = ifa->ifa_next) { - if (!ifr) { + if (!buf) { done += sizeof(DN_IFREQ_SIZE); continue; } if (len < DN_IFREQ_SIZE) return done; - memset(ifr, 0, DN_IFREQ_SIZE); + memset(buffer, 0, DN_IFREQ_SIZE); if (ifa->ifa_label) strcpy(ifr->ifr_name, ifa->ifa_label); else strcpy(ifr->ifr_name, dev->name); - (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_family = AF_DECnet; - (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_len = 2; - (*(dn_address *)(*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_addr) = ifa->ifa_local; + addr->sdn_family = AF_DECnet; + addr->sdn_add.a_len = 2; + memcpy(addr->sdn_add.a_addr, &ifa->ifa_local, + sizeof(dn_address)); - ifr = (struct ifreq *)((char *)ifr + DN_IFREQ_SIZE); + if (copy_to_user(buf, buffer, DN_IFREQ_SIZE)) { + done = -EFAULT; + break; + } + + buf += DN_IFREQ_SIZE; len -= DN_IFREQ_SIZE; done += DN_IFREQ_SIZE; } diff -Nru a/net/econet/af_econet.c b/net/econet/af_econet.c --- a/net/econet/af_econet.c 2004-05-31 15:58:34 -07:00 +++ b/net/econet/af_econet.c 2004-05-31 15:58:34 -07:00 @@ -665,7 +665,7 @@ switch(cmd) { case SIOCGSTAMP: - return sock_get_timestamp(sk,(struct timeval *)arg); + return sock_get_timestamp(sk,(struct timeval __user *)arg); case SIOCSIFADDR: case SIOCGIFADDR: @@ -673,7 +673,7 @@ break; default: - return dev_ioctl(cmd,(void *) arg); + return dev_ioctl(cmd,(void __user *) arg); } /*NOTREACHED*/ return 0; diff -Nru a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c --- a/net/ipv4/af_inet.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/af_inet.c 2004-05-31 15:58:34 -07:00 @@ -843,7 +843,7 @@ switch (cmd) { case SIOCGSTAMP: - err = sock_get_timestamp(sk, (struct timeval *)arg); + err = sock_get_timestamp(sk, (struct timeval __user *)arg); break; case SIOCADDRT: case SIOCDELRT: @@ -853,7 +853,7 @@ case SIOCDARP: case SIOCGARP: case SIOCSARP: - err = arp_ioctl(cmd, (void *)arg); + err = arp_ioctl(cmd, (void __user *)arg); break; case SIOCGIFADDR: case SIOCSIFADDR: @@ -866,13 +866,13 @@ case SIOCSIFPFLAGS: case SIOCGIFPFLAGS: case SIOCSIFFLAGS: - err = devinet_ioctl(cmd, (void *)arg); + err = devinet_ioctl(cmd, (void __user *)arg); break; default: if (!sk->sk_prot->ioctl || (err = sk->sk_prot->ioctl(sk, cmd, arg)) == -ENOIOCTLCMD) - err = dev_ioctl(cmd, (void *)arg); + err = dev_ioctl(cmd, (void __user *)arg); break; } return err; diff -Nru a/net/ipv4/arp.c b/net/ipv4/arp.c --- a/net/ipv4/arp.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/arp.c 2004-05-31 15:58:34 -07:00 @@ -1103,7 +1103,7 @@ * Handle an ARP layer I/O control request. */ -int arp_ioctl(unsigned int cmd, void *arg) +int arp_ioctl(unsigned int cmd, void __user *arg) { int err; struct arpreq r; diff -Nru a/net/ipv4/devinet.c b/net/ipv4/devinet.c --- a/net/ipv4/devinet.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/devinet.c 2004-05-31 15:58:34 -07:00 @@ -489,7 +489,7 @@ } -int devinet_ioctl(unsigned int cmd, void *arg) +int devinet_ioctl(unsigned int cmd, void __user *arg) { struct ifreq ifr; struct sockaddr_in sin_orig; @@ -713,7 +713,7 @@ goto out; } -static int inet_gifconf(struct net_device *dev, char *buf, int len) +static int inet_gifconf(struct net_device *dev, char __user *buf, int len) { struct in_device *in_dev = __in_dev_get(dev); struct in_ifaddr *ifa; @@ -1136,7 +1136,7 @@ } static int devinet_sysctl_forward(ctl_table *ctl, int write, - struct file* filp, void *buffer, + struct file* filp, void __user *buffer, size_t *lenp) { int *valp = ctl->data; @@ -1154,7 +1154,7 @@ } int ipv4_doint_and_flush(ctl_table *ctl, int write, - struct file* filp, void *buffer, + struct file* filp, void __user *buffer, size_t *lenp) { int *valp = ctl->data; @@ -1167,9 +1167,9 @@ return ret; } -int ipv4_doint_and_flush_strategy(ctl_table *table, int *name, int nlen, - void *oldval, size_t *oldlenp, - void *newval, size_t newlen, +int ipv4_doint_and_flush_strategy(ctl_table *table, int __user *name, int nlen, + void __user *oldval, size_t __user *oldlenp, + void __user *newval, size_t newlen, void **context) { int *valp = table->data; @@ -1181,7 +1181,7 @@ if (newlen != sizeof(int)) return -EINVAL; - if (get_user(new, (int *)newval)) + if (get_user(new, (int __user *)newval)) return -EFAULT; if (new == *valp) diff -Nru a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c --- a/net/ipv4/netfilter/ip_conntrack_core.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/netfilter/ip_conntrack_core.c 2004-05-31 15:58:34 -07:00 @@ -920,7 +920,7 @@ } struct ip_conntrack_expect * -ip_conntrack_expect_alloc() +ip_conntrack_expect_alloc(void) { struct ip_conntrack_expect *new; diff -Nru a/net/ipv4/raw.c b/net/ipv4/raw.c --- a/net/ipv4/raw.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/raw.c 2004-05-31 15:58:34 -07:00 @@ -631,7 +631,7 @@ switch (cmd) { case SIOCOUTQ: { int amount = atomic_read(&sk->sk_wmem_alloc); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } case SIOCINQ: { struct sk_buff *skb; @@ -642,7 +642,7 @@ if (skb != NULL) amount = skb->len; spin_unlock_irq(&sk->sk_receive_queue.lock); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } default: diff -Nru a/net/ipv4/route.c b/net/ipv4/route.c --- a/net/ipv4/route.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/route.c 2004-05-31 15:58:34 -07:00 @@ -2482,7 +2482,7 @@ static int flush_delay; static int ipv4_sysctl_rtcache_flush(ctl_table *ctl, int write, - struct file *filp, void *buffer, + struct file *filp, void __user *buffer, size_t *lenp) { if (write) { @@ -2494,15 +2494,19 @@ return -EINVAL; } -static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table, int *name, - int nlen, void *oldval, - size_t *oldlenp, void *newval, - size_t newlen, void **context) +static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table, + int __user *name, + int nlen, + void __user *oldval, + size_t __user *oldlenp, + void __user *newval, + size_t newlen, + void **context) { int delay; if (newlen != sizeof(int)) return -EINVAL; - if (get_user(delay, (int *)newval)) + if (get_user(delay, (int __user *)newval)) return -EFAULT; rt_cache_flush(delay); return 0; diff -Nru a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c --- a/net/ipv4/sysctl_net_ipv4.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/sysctl_net_ipv4.c 2004-05-31 15:58:34 -07:00 @@ -62,7 +62,7 @@ static int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp, - void *buffer, size_t *lenp) + void __user *buffer, size_t *lenp) { int val = ipv4_devconf.forwarding; int ret; @@ -75,9 +75,10 @@ return ret; } -static int ipv4_sysctl_forward_strategy(ctl_table *table, int *name, int nlen, - void *oldval, size_t *oldlenp, - void *newval, size_t newlen, +static int ipv4_sysctl_forward_strategy(ctl_table *table, + int __user *name, int nlen, + void __user *oldval, size_t __user *oldlenp, + void __user *newval, size_t newlen, void **context) { int *valp = table->data; @@ -89,7 +90,7 @@ if (newlen != sizeof(int)) return -EINVAL; - if (get_user(new, (int *)newval)) + if (get_user(new, (int __user *)newval)) return -EFAULT; if (new == *valp) diff -Nru a/net/ipv4/tcp.c b/net/ipv4/tcp.c --- a/net/ipv4/tcp.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/tcp.c 2004-05-31 15:58:34 -07:00 @@ -530,7 +530,7 @@ return -ENOIOCTLCMD; }; - return put_user(answ, (int *)arg); + return put_user(answ, (int __user *)arg); } @@ -966,7 +966,7 @@ #define TCP_PAGE(sk) (inet_sk(sk)->sndmsg_page) #define TCP_OFF(sk) (inet_sk(sk)->sndmsg_off) -static inline int tcp_copy_to_page(struct sock *sk, char *from, +static inline int tcp_copy_to_page(struct sock *sk, char __user *from, struct sk_buff *skb, struct page *page, int off, int copy) { @@ -991,7 +991,7 @@ return 0; } -static inline int skb_add_data(struct sk_buff *skb, char *from, int copy) +static inline int skb_add_data(struct sk_buff *skb, char __user *from, int copy) { int err = 0; unsigned int csum; @@ -1065,7 +1065,7 @@ while (--iovlen >= 0) { int seglen = iov->iov_len; - unsigned char *from = iov->iov_base; + unsigned char __user *from = iov->iov_base; iov++; diff -Nru a/net/ipv4/udp.c b/net/ipv4/udp.c --- a/net/ipv4/udp.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv4/udp.c 2004-05-31 15:58:34 -07:00 @@ -725,7 +725,7 @@ case SIOCOUTQ: { int amount = atomic_read(&sk->sk_wmem_alloc); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } case SIOCINQ: @@ -745,7 +745,7 @@ amount = skb->len - sizeof(struct udphdr); } spin_unlock_irq(&sk->sk_receive_queue.lock); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } default: diff -Nru a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c --- a/net/ipv6/addrconf.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv6/addrconf.c 2004-05-31 15:58:34 -07:00 @@ -1510,7 +1510,7 @@ * Special case for SIT interfaces where we create a new "virtual" * device. */ -int addrconf_set_dstaddr(void *arg) +int addrconf_set_dstaddr(void __user *arg) { struct in6_ifreq ireq; struct net_device *dev; @@ -1630,7 +1630,7 @@ } -int addrconf_add_ifaddr(void *arg) +int addrconf_add_ifaddr(void __user *arg) { struct in6_ifreq ireq; int err; @@ -1647,7 +1647,7 @@ return err; } -int addrconf_del_ifaddr(void *arg) +int addrconf_del_ifaddr(void __user *arg) { struct in6_ifreq ireq; int err; @@ -3003,7 +3003,7 @@ static int addrconf_sysctl_forward(ctl_table *ctl, int write, struct file * filp, - void *buffer, size_t *lenp) + void __user *buffer, size_t *lenp) { int *valp = ctl->data; int val = *valp; @@ -3031,9 +3031,10 @@ } static int addrconf_sysctl_forward_strategy(ctl_table *table, - int *name, int nlen, - void *oldval, size_t *oldlenp, - void *newval, size_t newlen, + int __user *name, int nlen, + void __user *oldval, + size_t __user *oldlenp, + void __user *newval, size_t newlen, void **context) { int *valp = table->data; @@ -3043,7 +3044,7 @@ return 0; if (newlen != sizeof(int)) return -EINVAL; - if (get_user(new, (int *)newval)) + if (get_user(new, (int __user *)newval)) return -EFAULT; if (new == *valp) return 0; diff -Nru a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c --- a/net/ipv6/af_inet6.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv6/af_inet6.c 2004-05-31 15:58:34 -07:00 @@ -474,23 +474,23 @@ switch(cmd) { case SIOCGSTAMP: - return sock_get_timestamp(sk, (struct timeval *)arg); + return sock_get_timestamp(sk, (struct timeval __user *)arg); case SIOCADDRT: case SIOCDELRT: - return(ipv6_route_ioctl(cmd,(void *)arg)); + return(ipv6_route_ioctl(cmd,(void __user *)arg)); case SIOCSIFADDR: - return addrconf_add_ifaddr((void *) arg); + return addrconf_add_ifaddr((void __user *) arg); case SIOCDIFADDR: - return addrconf_del_ifaddr((void *) arg); + return addrconf_del_ifaddr((void __user *) arg); case SIOCSIFDSTADDR: - return addrconf_set_dstaddr((void *) arg); + return addrconf_set_dstaddr((void __user *) arg); default: if (!sk->sk_prot->ioctl || (err = sk->sk_prot->ioctl(sk, cmd, arg)) == -ENOIOCTLCMD) - return(dev_ioctl(cmd,(void *) arg)); + return(dev_ioctl(cmd,(void __user *) arg)); return err; } /*NOTREACHED*/ diff -Nru a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c --- a/net/ipv6/ip6_flowlabel.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv6/ip6_flowlabel.c 2004-05-31 15:58:34 -07:00 @@ -692,14 +692,14 @@ #endif -void ip6_flowlabel_init() +void ip6_flowlabel_init(void) { #ifdef CONFIG_PROC_FS proc_net_fops_create("ip6_flowlabel", S_IRUGO, &ip6fl_seq_fops); #endif } -void ip6_flowlabel_cleanup() +void ip6_flowlabel_cleanup(void) { del_timer(&ip6_fl_gc_timer); #ifdef CONFIG_PROC_FS diff -Nru a/net/ipv6/raw.c b/net/ipv6/raw.c --- a/net/ipv6/raw.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv6/raw.c 2004-05-31 15:58:34 -07:00 @@ -875,7 +875,7 @@ case SIOCOUTQ: { int amount = atomic_read(&sk->sk_wmem_alloc); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } case SIOCINQ: { @@ -887,7 +887,7 @@ if (skb != NULL) amount = skb->tail - skb->h.raw; spin_unlock_irq(&sk->sk_receive_queue.lock); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } default: diff -Nru a/net/ipv6/route.c b/net/ipv6/route.c --- a/net/ipv6/route.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipv6/route.c 2004-05-31 15:58:34 -07:00 @@ -1219,7 +1219,7 @@ read_unlock_bh(&rt6_lock); } -int ipv6_route_ioctl(unsigned int cmd, void *arg) +int ipv6_route_ioctl(unsigned int cmd, void __user *arg) { struct in6_rtmsg rtmsg; int err; @@ -1886,7 +1886,7 @@ static int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write, struct file * filp, - void *buffer, size_t *lenp) + void __user *buffer, size_t *lenp) { if (write) { proc_dointvec(ctl, write, filp, buffer, lenp); diff -Nru a/net/ipx/af_ipx.c b/net/ipx/af_ipx.c --- a/net/ipx/af_ipx.c 2004-05-31 15:58:34 -07:00 +++ b/net/ipx/af_ipx.c 2004-05-31 15:58:34 -07:00 @@ -1872,7 +1872,7 @@ case SIOCGSTAMP: rc = -EINVAL; if (sk) - rc = sock_get_timestamp(sk, (struct timeval *)arg); + rc = sock_get_timestamp(sk, (struct timeval __user *)arg); break; case SIOCGIFDSTADDR: case SIOCSIFDSTADDR: @@ -1883,7 +1883,7 @@ rc = -EINVAL; break; default: - rc = dev_ioctl(cmd,(void *) arg); + rc = dev_ioctl(cmd,(void __user *) arg); break; } diff -Nru a/net/irda/af_irda.c b/net/irda/af_irda.c --- a/net/irda/af_irda.c 2004-05-31 15:58:34 -07:00 +++ b/net/irda/af_irda.c 2004-05-31 15:58:34 -07:00 @@ -1797,7 +1797,7 @@ case SIOCGSTAMP: if (sk != NULL) - return sock_get_timestamp(sk, (struct timeval *)arg); + return sock_get_timestamp(sk, (struct timeval __user *)arg); return -EINVAL; case SIOCGIFADDR: @@ -1813,7 +1813,7 @@ return -EINVAL; default: IRDA_DEBUG(1, "%s(), doing device ioctl!\n", __FUNCTION__); - return dev_ioctl(cmd, (void *) arg); + return dev_ioctl(cmd, (void __user *) arg); } /*NOTREACHED*/ diff -Nru a/net/llc/af_llc.c b/net/llc/af_llc.c --- a/net/llc/af_llc.c 2004-05-31 15:58:34 -07:00 +++ b/net/llc/af_llc.c 2004-05-31 15:58:34 -07:00 @@ -867,7 +867,7 @@ static int llc_ui_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) { - return dev_ioctl(cmd, (void *)arg); + return dev_ioctl(cmd, (void __user *)arg); } /** diff -Nru a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c --- a/net/netrom/af_netrom.c 2004-05-31 15:58:34 -07:00 +++ b/net/netrom/af_netrom.c 2004-05-31 15:58:34 -07:00 @@ -1202,7 +1202,7 @@ case SIOCGSTAMP: ret = -EINVAL; if (sk != NULL) - ret = sock_get_timestamp(sk, (struct timeval *)arg); + ret = sock_get_timestamp(sk, (struct timeval __user *)arg); release_sock(sk); return ret; @@ -1228,7 +1228,7 @@ default: release_sock(sk); - return dev_ioctl(cmd, (void *)arg); + return dev_ioctl(cmd, (void __user *)arg); } release_sock(sk); diff -Nru a/net/packet/af_packet.c b/net/packet/af_packet.c --- a/net/packet/af_packet.c 2004-05-31 15:58:34 -07:00 +++ b/net/packet/af_packet.c 2004-05-31 15:58:34 -07:00 @@ -1450,7 +1450,7 @@ case SIOCOUTQ: { int amount = atomic_read(&sk->sk_wmem_alloc); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } case SIOCINQ: { @@ -1462,10 +1462,10 @@ if (skb) amount = skb->len; spin_unlock_bh(&sk->sk_receive_queue.lock); - return put_user(amount, (int *)arg); + return put_user(amount, (int __user *)arg); } case SIOCGSTAMP: - return sock_get_timestamp(sk, (struct timeval *)arg); + return sock_get_timestamp(sk, (struct timeval __user *)arg); #ifdef CONFIG_INET case SIOCADDRT: @@ -1486,7 +1486,7 @@ #endif default: - return dev_ioctl(cmd, (void *)arg); + return dev_ioctl(cmd, (void __user *)arg); } return 0; } diff -Nru a/net/rose/af_rose.c b/net/rose/af_rose.c --- a/net/rose/af_rose.c 2004-05-31 15:58:34 -07:00 +++ b/net/rose/af_rose.c 2004-05-31 15:58:34 -07:00 @@ -1270,7 +1270,7 @@ case SIOCGSTAMP: if (sk != NULL) - return sock_get_timestamp(sk, (struct timeval *)arg); + return sock_get_timestamp(sk, (struct timeval __user *)arg); return -EINVAL; case SIOCGIFADDR: @@ -1335,7 +1335,7 @@ return 0; default: - return dev_ioctl(cmd, (void *)arg); + return dev_ioctl(cmd, (void __user *)arg); } return 0; diff -Nru a/net/sched/sch_delay.c b/net/sched/sch_delay.c --- a/net/sched/sch_delay.c 2004-05-31 15:58:34 -07:00 +++ b/net/sched/sch_delay.c 2004-05-31 15:58:34 -07:00 @@ -165,6 +165,7 @@ return -ENOMEM; rta->rta_type = RTM_NEWQDISC; + rta->rta_len = RTA_LENGTH(sizeof(struct tc_fifo_qopt)); ((struct tc_fifo_qopt *)RTA_DATA(rta))->limit = limit; ret = q->ops->change(q, rta); kfree(rta); diff -Nru a/net/socket.c b/net/socket.c --- a/net/socket.c 2004-05-31 15:58:34 -07:00 +++ b/net/socket.c 2004-05-31 15:58:34 -07:00 @@ -775,24 +775,24 @@ unlock_kernel(); sock = SOCKET_I(inode); if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) { - err = dev_ioctl(cmd, (void *)arg); + err = dev_ioctl(cmd, (void __user *)arg); } else #ifdef WIRELESS_EXT if (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) { - err = dev_ioctl(cmd, (void *)arg); + err = dev_ioctl(cmd, (void __user *)arg); } else #endif /* WIRELESS_EXT */ switch (cmd) { case FIOSETOWN: case SIOCSPGRP: err = -EFAULT; - if (get_user(pid, (int *)arg)) + if (get_user(pid, (int __user *)arg)) break; err = f_setown(sock->file, pid, 1); break; case FIOGETOWN: case SIOCGPGRP: - err = put_user(sock->file->f_owner.pid, (int *)arg); + err = put_user(sock->file->f_owner.pid, (int __user *)arg); break; case SIOCGIFBR: case SIOCSIFBR: diff -Nru a/net/sunrpc/cache.c b/net/sunrpc/cache.c --- a/net/sunrpc/cache.c 2004-05-31 15:58:34 -07:00 +++ b/net/sunrpc/cache.c 2004-05-31 15:58:34 -07:00 @@ -575,7 +575,7 @@ }; static ssize_t -cache_read(struct file *filp, char *buf, size_t count, loff_t *ppos) +cache_read(struct file *filp, char __user *buf, size_t count, loff_t *ppos) { struct cache_reader *rp = filp->private_data; struct cache_request *rq; @@ -656,7 +656,7 @@ static char write_buf[8192]; /* protected by queue_io_sem */ static ssize_t -cache_write(struct file *filp, const char *buf, size_t count, +cache_write(struct file *filp, const char __user *buf, size_t count, loff_t *ppos) { int err; @@ -743,7 +743,7 @@ } spin_unlock(&queue_lock); - return put_user(len, (int *)arg); + return put_user(len, (int __user *)arg); } static int @@ -1166,7 +1166,7 @@ .release = content_release, }; -static ssize_t read_flush(struct file *file, char *buf, +static ssize_t read_flush(struct file *file, char __user *buf, size_t count, loff_t *ppos) { struct cache_detail *cd = PDE(file->f_dentry->d_inode)->data; @@ -1187,7 +1187,7 @@ return len; } -static ssize_t write_flush(struct file * file, const char * buf, +static ssize_t write_flush(struct file * file, const char __user * buf, size_t count, loff_t *ppos) { struct cache_detail *cd = PDE(file->f_dentry->d_inode)->data; diff -Nru a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c --- a/net/sunrpc/rpc_pipe.c 2004-05-31 15:58:34 -07:00 +++ b/net/sunrpc/rpc_pipe.c 2004-05-31 15:58:34 -07:00 @@ -270,7 +270,7 @@ msg = (struct rpc_pipe_msg *)filp->private_data; len += msg->len - msg->copied; } - return put_user(len, (int *)arg); + return put_user(len, (int __user *)arg); default: return -EINVAL; } diff -Nru a/net/sunrpc/sysctl.c b/net/sunrpc/sysctl.c --- a/net/sunrpc/sysctl.c 2004-05-31 15:58:34 -07:00 +++ b/net/sunrpc/sysctl.c 2004-05-31 15:58:34 -07:00 @@ -58,9 +58,10 @@ static int proc_dodebug(ctl_table *table, int write, struct file *file, - void *buffer, size_t *lenp) + void __user *buffer, size_t *lenp) { - char tmpbuf[20], *p, c; + char tmpbuf[20], c, *s; + char __user *p; unsigned int value; size_t left, len; @@ -74,7 +75,7 @@ if (write) { if (!access_ok(VERIFY_READ, buffer, left)) return -EFAULT; - p = (char *) buffer; + p = buffer; while (left && __get_user(c, p) >= 0 && isspace(c)) left--, p++; if (!left) @@ -86,12 +87,12 @@ return -EFAULT; tmpbuf[left] = '\0'; - for (p = tmpbuf, value = 0; '0' <= *p && *p <= '9'; p++, left--) - value = 10 * value + (*p - '0'); - if (*p && !isspace(*p)) + for (s = tmpbuf, value = 0; '0' <= *s && *s <= '9'; s++, left--) + value = 10 * value + (*s - '0'); + if (*s && !isspace(*s)) return -EINVAL; - while (left && isspace(*p)) - left--, p++; + while (left && isspace(*s)) + left--, s++; *(unsigned int *) table->data = value; /* Display the RPC tasks on writing to rpc_debug */ if (table->ctl_name == CTL_RPCDEBUG) { @@ -106,7 +107,7 @@ if (__copy_to_user(buffer, tmpbuf, len)) return -EFAULT; if ((left -= len) > 0) { - if (put_user('\n', (char *)buffer + len)) + if (put_user('\n', (char __user *)buffer + len)) return -EFAULT; left--; } diff -Nru a/net/unix/af_unix.c b/net/unix/af_unix.c --- a/net/unix/af_unix.c 2004-05-31 15:58:34 -07:00 +++ b/net/unix/af_unix.c 2004-05-31 15:58:34 -07:00 @@ -1829,7 +1829,7 @@ { case SIOCOUTQ: amount = atomic_read(&sk->sk_wmem_alloc); - err = put_user(amount, (int *)arg); + err = put_user(amount, (int __user *)arg); break; case SIOCINQ: { @@ -1844,12 +1844,12 @@ if (skb) amount=skb->len; spin_unlock(&sk->sk_receive_queue.lock); - err = put_user(amount, (int *)arg); + err = put_user(amount, (int __user *)arg); break; } default: - err = dev_ioctl(cmd, (void *)arg); + err = dev_ioctl(cmd, (void __user *)arg); break; } return err; diff -Nru a/net/wanrouter/af_wanpipe.c b/net/wanrouter/af_wanpipe.c --- a/net/wanrouter/af_wanpipe.c 2004-05-31 15:58:34 -07:00 +++ b/net/wanrouter/af_wanpipe.c 2004-05-31 15:58:34 -07:00 @@ -1765,7 +1765,7 @@ switch(cmd) { case SIOCGSTAMP: - return sock_get_timestamp(sk, (struct timeval *)arg); + return sock_get_timestamp(sk, (struct timeval __user *)arg); case SIOC_WANPIPE_CHECK_TX: @@ -1832,7 +1832,7 @@ #endif default: - return dev_ioctl(cmd,(void *) arg); + return dev_ioctl(cmd,(void __user *) arg); } /*NOTREACHED*/ } diff -Nru a/net/x25/af_x25.c b/net/x25/af_x25.c --- a/net/x25/af_x25.c 2004-05-31 15:58:34 -07:00 +++ b/net/x25/af_x25.c 2004-05-31 15:58:34 -07:00 @@ -1209,7 +1209,7 @@ rc = -EINVAL; if (sk) rc = sock_get_timestamp(sk, - (struct timeval *)arg); + (struct timeval __user *)arg); break; case SIOCGIFADDR: case SIOCSIFADDR: @@ -1306,7 +1306,7 @@ } default: - rc = dev_ioctl(cmd, (void *)arg); + rc = dev_ioctl(cmd, (void __user *)arg); break; }