diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2016-09-10 16:50:00 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2016-09-15 19:51:56 -0400 |
commit | 4855bd255f9fb429d296dc3c620f1b563d20353e (patch) | |
tree | 3efb0a7b31da80ea65917bd7b5d8832576269bc3 | |
parent | 91344493b7da9487a8dbc1109d7486e51c8e5235 (diff) |
arm64: don't zero in __copy_from_user{,_inatomic}
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | arch/arm64/include/asm/uaccess.h | 10 | ||||
-rw-r--r-- | arch/arm64/lib/copy_from_user.S | 7 |
2 files changed, 7 insertions, 10 deletions
diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h index c47257c91b77..bcaf6fba1b65 100644 --- a/arch/arm64/include/asm/uaccess.h +++ b/arch/arm64/include/asm/uaccess.h @@ -278,14 +278,16 @@ static inline unsigned long __must_check __copy_to_user(void __user *to, const v static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n) { + unsigned long res = n; kasan_check_write(to, n); if (access_ok(VERIFY_READ, from, n)) { check_object_size(to, n, false); - n = __arch_copy_from_user(to, from, n); - } else /* security hole - plug it */ - memset(to, 0, n); - return n; + res = __arch_copy_from_user(to, from, n); + } + if (unlikely(res)) + memset(to + (n - res), 0, res); + return res; } static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S index 0b90497d4424..4fd67ea03bb0 100644 --- a/arch/arm64/lib/copy_from_user.S +++ b/arch/arm64/lib/copy_from_user.S @@ -79,11 +79,6 @@ ENDPROC(__arch_copy_from_user) .section .fixup,"ax" .align 2 -9998: - sub x0, end, dst -9999: - strb wzr, [dst], #1 // zero remaining buffer space - cmp dst, end - b.lo 9999b +9998: sub x0, end, dst // bytes not copied ret .previous |