arm64/signal: Only read new data when parsing the ZT context

broonie · ctmarinas · commit ad678be42387 · 2023-02-01T17:56:47.000Z
When we parse the ZT signal context we read the entire context from userspace, including the generic signal context header which was already read by parse_user_sigframe() and padding bytes that we ignore. Avoid the possibility of relying on the second read of the data read twice by only reading the data which we are actually going to use. Signed-off-by: Mark Brown <broonie@kernel.org> Link: https://lore.kernel.org/r/20221212-arm64-signal-cleanup-v3-7-4545c94b20ff@kernel.org Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c
@@ -521,7 +521,7 @@ static int preserve_zt_context(struct zt_context __user *ctx)
 static int restore_zt_context(struct user_ctxs *user)
 {
 	int err;
-	struct zt_context zt;
+	u16 nregs;
 
 	/* ZA must be restored first for this check to be valid */
 	if (!thread_za_enabled(&current->thread))
@@ -530,10 +530,10 @@ static int restore_zt_context(struct user_ctxs *user)
 	if (user->zt_size != ZT_SIG_CONTEXT_SIZE(1))
 		return -EINVAL;
 
-	if (__copy_from_user(&zt, user->zt, sizeof(zt)))
+	if (__copy_from_user(&nregs, &(user->zt->nregs), sizeof(nregs)))
 		return -EFAULT;
 
-	if (zt.nregs != 1)
+	if (nregs != 1)
 		return -EINVAL;
 
 	/*
