diff options
author | Thomas Gleixner <tglx@linutronix.de> | 2014-09-06 12:18:07 +0200 |
---|---|---|
committer | Thomas Gleixner <tglx@linutronix.de> | 2014-09-06 12:58:18 +0200 |
commit | 849151dd5481bc8acb1d287a299b5d6a4ca9f1c3 (patch) | |
tree | e14c9ddf3bda4da1668d4c4c52a77d5e74aea293 | |
parent | 40bea039593dfc7f3f9814dab844f6db43ae580b (diff) | |
download | op-kernel-dev-849151dd5481bc8acb1d287a299b5d6a4ca9f1c3.zip op-kernel-dev-849151dd5481bc8acb1d287a299b5d6a4ca9f1c3.tar.gz |
compat: nanosleep: Clarify error handling
The error handling in compat_sys_nanosleep() is correct, but
completely non obvious. Document it and restrict it to the
-ERESTART_RESTARTBLOCK return value for clarity.
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
-rw-r--r-- | kernel/compat.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/kernel/compat.c b/kernel/compat.c index 633394f..ebb3c36 100644 --- a/kernel/compat.c +++ b/kernel/compat.c @@ -226,7 +226,7 @@ static long compat_nanosleep_restart(struct restart_block *restart) ret = hrtimer_nanosleep_restart(restart); set_fs(oldfs); - if (ret) { + if (ret == -ERESTART_RESTARTBLOCK) { rmtp = restart->nanosleep.compat_rmtp; if (rmtp && compat_put_timespec(&rmt, rmtp)) @@ -256,7 +256,26 @@ COMPAT_SYSCALL_DEFINE2(nanosleep, struct compat_timespec __user *, rqtp, HRTIMER_MODE_REL, CLOCK_MONOTONIC); set_fs(oldfs); - if (ret) { + /* + * hrtimer_nanosleep() can only return 0 or + * -ERESTART_RESTARTBLOCK here because: + * + * - we call it with HRTIMER_MODE_REL and therefor exclude the + * -ERESTARTNOHAND return path. + * + * - we supply the rmtp argument from the task stack (due to + * the necessary compat conversion. So the update cannot + * fail, which excludes the -EFAULT return path as well. If + * it fails nevertheless we have a bigger problem and wont + * reach this place anymore. + * + * - if the return value is 0, we do not have to update rmtp + * because there is no remaining time. + * + * We check for -ERESTART_RESTARTBLOCK nevertheless if the + * core implementation decides to return random nonsense. + */ + if (ret == -ERESTART_RESTARTBLOCK) { struct restart_block *restart = ¤t_thread_info()->restart_block; @@ -266,7 +285,6 @@ COMPAT_SYSCALL_DEFINE2(nanosleep, struct compat_timespec __user *, rqtp, if (rmtp && compat_put_timespec(&rmt, rmtp)) return -EFAULT; } - return ret; } |