From: John Baldwin
Date: Tue, 18 Jan 2011 16:43:01 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r217543 - in head/sys: amd64/amd64 i386/i386

Author: jhb
Date: Tue Jan 18 16:43:01 2011
New Revision: 217543
URL: http://svn.freebsd.org/changeset/base/217543

Log:
  - Remove some always-true checks (checking for unsigned < 0).
  - Only check largs->num against max_ldt_segment on amd64 for I386_SET_LDT when descriptors are provided. Specifically, allow the 'start == 0' and 'num == 0' special case used to free all LDT entries that previously failed with EINVAL.

  Submitted by: clang via rdivacky (some of 1)
  Reviewed by: kib

Modified:
  head/sys/amd64/amd64/sys_machdep.c
  head/sys/i386/i386/sys_machdep.c

Modified: head/sys/amd64/amd64/sys_machdep.c ============================================================================== --- head/sys/amd64/amd64/sys_machdep.c Tue Jan 18 16:27:40 2011 (r217542) +++ head/sys/amd64/amd64/sys_machdep.c Tue Jan 18 16:43:01 2011 (r217543) @@ -95,14 +95,14 @@ sysarch_ldt(struct thread *td, struct sy largs = &la; } else largs = (struct i386_ldt_args *)uap->parms; - if (largs->num > max_ldt_segment || largs->num <= 0) - return (EINVAL); switch (uap->op) { case I386_GET_LDT: error = amd64_get_ldt(td, largs); break; case I386_SET_LDT: + if (largs->descs != NULL && largs->num > max_ldt_segment) + return (EINVAL); set_pcb_flags(td->td_pcb, PCB_FULL_IRET); if (largs->descs != NULL) { lp = (struct user_segment_descriptor *) 
@@ -539,7 +539,7 @@ amd64_set_ldt(td, uap, descs) /* Free descriptors */ if (uap->start == 0 && uap->num == 0) uap->num = max_ldt_segment; - if (uap->num <= 0) + if (uap->num == 0) return (EINVAL); if ((pldt = mdp->md_ldt) == NULL || uap->start >= max_ldt_segment) @@ -559,7 +559,7 @@ amd64_set_ldt(td, uap, descs) /* verify range of descriptors to modify */ largest_ld = uap->start + uap->num; if (uap->start >= max_ldt_segment || - uap->num < 0 || largest_ld > max_ldt_segment) + largest_ld > max_ldt_segment) return (EINVAL); } Modified: head/sys/i386/i386/sys_machdep.c ============================================================================== --- head/sys/i386/i386/sys_machdep.c Tue Jan 18 16:27:40 2011 (r217542) +++ head/sys/i386/i386/sys_machdep.c Tue Jan 18 16:43:01 2011 (r217543) @@ -623,7 +623,7 @@ i386_set_ldt(td, uap, descs) uap->start = NLDT; uap->num = MAX_LD - NLDT; } - if (uap->num <= 0) + if (uap->num == 0) return (EINVAL); mtx_lock_spin(&dt_lock); if ((pldt = mdp->md_ldt) == NULL || @@ -644,8 +644,7 @@ i386_set_ldt(td, uap, descs) if (!(uap->start == LDT_AUTO_ALLOC && uap->num == 1)) { /* verify range of descriptors to modify */ largest_ld = uap->start + uap->num; - if (uap->start >= MAX_LD || - uap->num < 0 || largest_ld > MAX_LD) { + if (uap->start >= MAX_LD || largest_ld > MAX_LD) { return (EINVAL); } }
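Review bot: In the sysarch_ldt hunk (@@ -95,14 +95,14 @@) the I386_GET_LDT case loses its bound on largs->num. The removed pre-switch test applied to every operation, while the replacement `if (largs->descs != NULL && largs->num > max_ldt_segment)` sits only under case I386_SET_LDT, so amd64_get_ldt() is now called with num unchecked at this level. Please confirm amd64_get_ldt() bounds num itself (it is not visible in this diff) or keep an upper-bound check ahead of that call. The same change also lets num == 0 with a non-NULL descs through to the code that sets up lp; either reject that here or say in a comment where it is rejected.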
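Review bot: In the amd64_set_ldt range check (@@ -559,7 +559,7 @@), dropping `uap->num < 0` is correct for an unsigned field, but the remaining test still depends on `largest_ld = uap->start + uap->num` not wrapping. If largest_ld is no wider than the operands (its declaration is not in the visible lines), a very large num added to a small start can wrap to a value that passes `largest_ld > max_ldt_segment`. The new bound in sysarch_ldt only covers callers that come through that path with descs != NULL, so an explicit `uap->num > max_ldt_segment` test in this condition would make the function safe on its own.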
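Review bot: In the i386_set_ldt range check (@@ -644,8 +644,7 @@), no upper bound on uap->num is visible anywhere in this file's hunks, unlike amd64 where sysarch_ldt now compares num against max_ldt_segment. With `uap->num < 0` removed, `if (uap->start >= MAX_LD || largest_ld > MAX_LD)` is the only guard, and it relies on `uap->start + uap->num` not wrapping. Suggest adding `uap->num > MAX_LD` to the condition, or confirming that largest_ld is wide enough that the sum cannot wrap and noting that in the comment above the check.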