From: Christophe Leroy christophe.leroy@csgroup.eu
[ Upstream commit b3a9e523237013477bea914b7fbfbe420428b988 ]
get_user_instr() lacks sparse detection for the __user tag.
This is because __gui_ptr is assigned with a cast.
Fix that by adding a __chk_user_ptr()
Signed-off-by: Christophe Leroy christophe.leroy@csgroup.eu Signed-off-by: Michael Ellerman mpe@ellerman.id.au Link: https://lore.kernel.org/r/0320e5b41a794fd456ab8c5993bbfadcf9e1d8b4.162151682... Signed-off-by: Sasha Levin sashal@kernel.org --- arch/powerpc/include/asm/inst.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/include/asm/inst.h b/arch/powerpc/include/asm/inst.h index 268d3bd073c8..887ef150fdda 100644 --- a/arch/powerpc/include/asm/inst.h +++ b/arch/powerpc/include/asm/inst.h @@ -12,6 +12,8 @@ unsigned long __gui_ptr = (unsigned long)ptr; \ struct ppc_inst __gui_inst; \ unsigned int __prefix, __suffix; \ + \ + __chk_user_ptr(ptr); \ __gui_ret = gu_op(__prefix, (unsigned int __user *)__gui_ptr); \ if (__gui_ret == 0) { \ if ((__prefix >> 26) == OP_PREFIX) { \ @@ -29,7 +31,10 @@ }) #else /* !CONFIG_PPC64 */ #define ___get_user_instr(gu_op, dest, ptr) \ - gu_op((dest).val, (u32 __user *)(ptr)) +({ \ + __chk_user_ptr(ptr); \ + gu_op((dest).val, (u32 __user *)(ptr)); \ +}) #endif /* CONFIG_PPC64 */
#define get_user_instr(x, ptr) \