From: Laurent Vivier
To: qemu-devel@nongnu.org
Subject: [PULL 1/2] linux-user: Correct definition of stack_t
Date: Wed, 11 Nov 2020 22:40:32 +0100
Message-Id: <20201111214033.432676-2-laurent@vivier.eu>
In-Reply-To: <20201111214033.432676-1-laurent@vivier.eu>
References: <20201111214033.432676-1-laurent@vivier.eu>
Cc: LemonBoy, Peter Maydell, Laurent Vivier

From: LemonBoy

Some platforms used the wrong definition of stack_t where the flags and size fields were swapped or where the flags field had type ulong instead of int.

Due to the presence of padding space in the structure and the prevalence of little-endian machines this problem went unnoticed for a long time.

The type definitions have been cross-checked with the ones defined in the Linux kernel v5.9, plus some older versions for a few architectures that have been removed and Xilinx's kernel fork for NiosII [1].

The bsd-user headers remain unchanged as I don't know if they are wrong or not.

[1] https://github.com/Xilinx/linux-xlnx/blob/master/arch/nios2/include/uapi/asm/signal.h

Signed-off-by: Giuseppe Musacchio
Reviewed-by: Peter Maydell
Message-Id:
Signed-off-by: Laurent Vivier
--- linux-user/alpha/target_signal.h | 3 +-- linux-user/arm/target_signal.h | 6 +++--- linux-user/cris/target_signal.h | 6 +++--- linux-user/hppa/target_signal.h | 2 +- linux-user/i386/target_signal.h | 6 +++--- linux-user/m68k/target_signal.h | 6 +++--- linux-user/microblaze/target_signal.h | 6 +++--- linux-user/mips/target_signal.h | 6 +++--- linux-user/mips64/target_signal.h | 7 +++---- linux-user/nios2/target_signal.h | 5 +++-- linux-user/ppc/target_signal.h | 6 +++--- linux-user/s390x/target_signal.h | 2 +- linux-user/sh4/target_signal.h | 6 +++--- linux-user/sparc/target_signal.h | 6 +++--- linux-user/x86_64/target_signal.h | 6 +++--- 15 files changed, 39 insertions(+), 40 deletions(-) diff --git a/linux-user/alpha/target_signal.h b/linux-user/alpha/target_sig= nal.h index cd63d59fdec1..b83797281c32 100644 --- a/linux-user/alpha/target_signal.h +++ b/linux-user/alpha/target_signal.h 
@@ -42,8 +42,7 @@ =20 typedef struct target_sigaltstack { abi_ulong ss_sp; - int32_t ss_flags; - int32_t dummy; + abi_int ss_flags; abi_ulong ss_size; } target_stack_t; =20 diff --git a/linux-user/arm/target_signal.h b/linux-user/arm/target_signal.h index ea123c40f38d..0998dd6dfa75 100644 --- a/linux-user/arm/target_signal.h +++ b/linux-user/arm/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_long ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/cris/target_signal.h b/linux-user/cris/target_signa= l.h index 1cb5548f85ea..495a14289681 100644 --- a/linux-user/cris/target_signal.h +++ b/linux-user/cris/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_ulong ss_size; - abi_long ss_flags; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/hppa/target_signal.h b/linux-user/hppa/target_signa= l.h index c2a0102ed73d..c52a3ea5794b 100644 --- a/linux-user/hppa/target_signal.h +++ b/linux-user/hppa/target_signal.h @@ -44,7 +44,7 @@ =20 typedef struct target_sigaltstack { abi_ulong ss_sp; - int32_t ss_flags; + abi_int ss_flags; abi_ulong ss_size; } target_stack_t; =20 diff --git a/linux-user/i386/target_signal.h b/linux-user/i386/target_signa= l.h index f55e78fd33e7..50361af8746e 100644 --- a/linux-user/i386/target_signal.h +++ b/linux-user/i386/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_long ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 
diff --git a/linux-user/m68k/target_signal.h b/linux-user/m68k/target_signa= l.h index 314e808844a4..d096544ef842 100644 --- a/linux-user/m68k/target_signal.h +++ b/linux-user/m68k/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_long ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/microblaze/target_signal.h b/linux-user/microblaze/= target_signal.h index 08bcf24b9d1c..1c326296de42 100644 --- a/linux-user/microblaze/target_signal.h +++ b/linux-user/microblaze/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_ulong ss_size; - abi_long ss_flags; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/mips/target_signal.h b/linux-user/mips/target_signa= l.h index 66e1ad44a64e..fa4084a99dcd 100644 --- a/linux-user/mips/target_signal.h +++ b/linux-user/mips/target_signal.h @@ -45,9 +45,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_long ss_sp; - abi_ulong ss_size; - abi_long ss_flags; + abi_ulong ss_sp; + abi_ulong ss_size; + abi_int ss_flags; } target_stack_t; =20 =20 diff --git a/linux-user/mips64/target_signal.h b/linux-user/mips64/target_s= ignal.h index 753e91fbd695..799f7a668cd0 100644 --- a/linux-user/mips64/target_signal.h +++ b/linux-user/mips64/target_signal.h @@ -45,12 +45,11 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_long ss_sp; - abi_ulong ss_size; - abi_int ss_flags; + abi_ulong ss_sp; + abi_ulong ss_size; + abi_int ss_flags; } target_stack_t; =20 - /* * sigaltstack controls */ 
diff --git a/linux-user/nios2/target_signal.h b/linux-user/nios2/target_sig= nal.h index fe48721b3db0..aebf749f1278 100644 --- a/linux-user/nios2/target_signal.h +++ b/linux-user/nios2/target_signal.h @@ -4,11 +4,12 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_long ss_sp; + abi_ulong ss_sp; + abi_int ss_flags; abi_ulong ss_size; - abi_long ss_flags; } target_stack_t; =20 + /* sigaltstack controls */ #define TARGET_SS_ONSTACK 1 #define TARGET_SS_DISABLE 2 diff --git a/linux-user/ppc/target_signal.h b/linux-user/ppc/target_signal.h index 4453e2e7efd7..72fcdd9bfa20 100644 --- a/linux-user/ppc/target_signal.h +++ b/linux-user/ppc/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - int ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/s390x/target_signal.h b/linux-user/s390x/target_sig= nal.h index b58bc7c20f63..bbfc464d4417 100644 --- a/linux-user/s390x/target_signal.h +++ b/linux-user/s390x/target_signal.h @@ -3,7 +3,7 @@ =20 typedef struct target_sigaltstack { abi_ulong ss_sp; - int ss_flags; + abi_int ss_flags; abi_ulong ss_size; } target_stack_t; =20 diff --git a/linux-user/sh4/target_signal.h b/linux-user/sh4/target_signal.h index 434970a9900a..d7309b7136d7 100644 --- a/linux-user/sh4/target_signal.h +++ b/linux-user/sh4/target_signal.h @@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_long ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/sparc/target_signal.h b/linux-user/sparc/target_sig= nal.h index 5cc40327d2c2..1b10d1490fc9 100644 --- a/linux-user/sparc/target_signal.h +++ b/linux-user/sparc/target_signal.h 
@@ -42,9 +42,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_long ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 diff --git a/linux-user/x86_64/target_signal.h b/linux-user/x86_64/target_s= ignal.h index 4c4380f7b949..4ea74f20dd42 100644 --- a/linux-user/x86_64/target_signal.h +++ b/linux-user/x86_64/target_signal.h 
@@ -4,9 +4,9 @@ /* this struct defines a stack used during syscall handling */ =20 typedef struct target_sigaltstack { - abi_ulong ss_sp; - abi_long ss_flags; - abi_ulong ss_size; + abi_ulong ss_sp; + abi_int ss_flags; + abi_ulong ss_size; } target_stack_t; =20 =20 --=20 2.28.0
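Review bot: In the alpha hunk, dropping `int32_t dummy` makes the offset of ss_size depend on the compiler inserting 4 bytes of alignment padding after the new `abi_int ss_flags`, which holds only while abi_ulong is 8-byte aligned for this target. A build-time check on the offset of ss_size (or on the size of target_stack_t) in this header would catch a layout regression, and the same check would be worth adding for the other 64-bit targets touched here, since the commit message says padding is what hid the original bug.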
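Review bot: The mips, mips64 and nios2 hunks also change ss_sp from abi_long to abi_ulong, which the commit message does not mention (it covers only the swapped fields and the type of ss_flags); please add a sentence stating that the signedness change is intentional. In the same hunks, mips64 deletes a blank line before the `sigaltstack controls` comment and nios2 adds one; those whitespace changes are unrelated to the fix and could be dropped.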
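The masking effect described in the commit message of patch 1/2, as an added example (not code from the patch or from QEMU): it builds a guest stack_t byte by byte and reads ss_flags back with a 4-byte and an 8-byte field in either byte order. The 64-bit layout offsets, the helper names and the sample address and size are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TARGET_SS_DISABLE 2   /* value shown in the nios2 hunk */

enum byte_order { TARGET_LE, TARGET_BE };

/* Assumed 64-bit guest layout of stack_t (constructed for this example):
 * 8-byte ss_sp, 4-byte ss_flags, 4 bytes of padding, 8-byte ss_size. */
enum { OFF_SP = 0, OFF_FLAGS = 8, OFF_PAD = 12, OFF_SIZE = 16, STACK_T_LEN = 24 };

/* Store the low `len` bytes of `v` at `p` in the guest's byte order. */
static void put_target(uint8_t *p, uint64_t v, size_t len, enum byte_order bo)
{
    for (size_t i = 0; i < len; i++) {
        size_t shift = (bo == TARGET_LE) ? i : len - 1 - i;
        p[i] = (uint8_t)(v >> (8 * shift));
    }
}

/* Load `len` bytes from `p` as an integer in the guest's byte order. */
static uint64_t get_target(const uint8_t *p, size_t len, enum byte_order bo)
{
    uint64_t v = 0;
    for (size_t i = 0; i < len; i++) {
        size_t shift = (bo == TARGET_LE) ? i : len - 1 - i;
        v |= (uint64_t)p[i] << (8 * shift);
    }
    return v;
}

/* Build the guest's stack_t, then read ss_flags as an emulator would if its
 * own definition made the field `width` bytes wide (4 = int, 8 = long). */
uint64_t flags_seen(size_t width, enum byte_order bo, uint8_t pad_fill)
{
    uint8_t guest[STACK_T_LEN];

    put_target(guest + OFF_SP, 0x7f0000001000ULL, 8, bo);   /* sample address */
    put_target(guest + OFF_FLAGS, TARGET_SS_DISABLE, 4, bo);
    memset(guest + OFF_PAD, pad_fill, 4);   /* bytes the guest never wrote */
    put_target(guest + OFF_SIZE, 8192, 8, bo);

    return get_target(guest + OFF_FLAGS, width, bo);
}

int main(void)
{
    printf("int  field, BE guest:            %#llx\n",
           (unsigned long long)flags_seen(4, TARGET_BE, 0x00));
    printf("long field, LE guest, zero pad:  %#llx\n",
           (unsigned long long)flags_seen(8, TARGET_LE, 0x00));
    printf("long field, LE guest, dirty pad: %#llx\n",
           (unsigned long long)flags_seen(8, TARGET_LE, 0xAA));
    printf("long field, BE guest, zero pad:  %#llx\n",
           (unsigned long long)flags_seen(8, TARGET_BE, 0x00));
    return 0;
}
```

Only the little-endian read with zeroed padding returns the right flag through the 8-byte field, which is the combination the commit message says kept the bug hidden.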
From: Laurent Vivier
To: qemu-devel@nongnu.org
Subject: [PULL 2/2] linux-user: Prevent crash in epoll_ctl
Date: Wed, 11 Nov 2020 22:40:33 +0100
Message-Id: <20201111214033.432676-3-laurent@vivier.eu>
In-Reply-To: <20201111214033.432676-1-laurent@vivier.eu>
References: <20201111214033.432676-1-laurent@vivier.eu>
Cc: LemonBoy, Laurent Vivier

From: LemonBoy

From 894bb5172705e46a3a04c93b4962c0f0cafee814 Mon Sep 17 00:00:00 2001
From: Giuseppe Musacchio
Date: Fri, 17 Apr 2020 17:25:07 +0200
Subject: [PATCH] linux-user: Prevent crash in epoll_ctl

The `event` parameter is ignored by the kernel if `op` is EPOLL_CTL_DEL, do the same and avoid returning EFAULT if garbage is passed instead of a valid pointer.

Signed-off-by: Giuseppe Musacchio
Reviewed-by: Laurent Vivier
Message-Id:
Signed-off-by: Laurent Vivier
--- linux-user/syscall.c | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 3160a9ba06bd..27adee908ebc 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c 
@@ -12590,17 +12590,25 @@ static abi_long do_syscall1(void *cpu_env, int nu= m, abi_long arg1, struct epoll_event ep; struct epoll_event *epp =3D 0; if (arg4) { - struct target_epoll_event *target_ep; - if (!lock_user_struct(VERIFY_READ, target_ep, arg4, 1)) { - return -TARGET_EFAULT; + if (arg2 !=3D EPOLL_CTL_DEL) { + struct target_epoll_event *target_ep; + if (!lock_user_struct(VERIFY_READ, target_ep, arg4, 1)) { + return -TARGET_EFAULT; + } + ep.events =3D tswap32(target_ep->events); + /* + * The epoll_data_t union is just opaque data to the kerne= l, + * so we transfer all 64 bits across and need not worry wh= at + * actual data type it is. + */ + ep.data.u64 =3D tswap64(target_ep->data.u64); + unlock_user_struct(target_ep, arg4, 0); } - ep.events =3D tswap32(target_ep->events); - /* The epoll_data_t union is just opaque data to the kernel, - * so we transfer all 64 bits across and need not worry what - * actual data type it is. + /* + * before kernel 2.6.9, EPOLL_CTL_DEL operation required a + * non-null pointer, even though this argument is ignored. + * */ - ep.data.u64 =3D tswap64(target_ep->data.u64); - unlock_user_struct(target_ep, arg4, 0); epp =3D &ep; } return get_errno(epoll_ctl(arg1, arg2, arg3, epp)); --=20 2.28.0
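Review bot: With `arg2 == EPOLL_CTL_DEL` and a non-zero arg4, the copy-in is now skipped but `epp = &ep` is still set, so the host epoll_ctl() receives a pointer to an uninitialised `struct epoll_event ep`. The kernel ignores it for this op, as the commit message says, but zero-initialising `ep` at its declaration would keep uninitialised stack contents out of the syscall arguments and keep memory checkers quiet. The new comment about kernels before 2.6.9 also carries an empty ` * ` line before the closing `*/` and starts in lower case; worth tidying in the same change.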