releases/3.0.8/avoid-using-variable-length-arrays-in-kernel-sys.c.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From a84a79e4d369a73c0130b5858199e949432da4c6 Mon Sep 17 00:00:00 2001
 From: Linus Torvalds <torvalds@linux-foundation.org>
 Date: Mon, 17 Oct 2011 08:24:24 -0700
 Subject: Avoid using variable-length arrays in kernel/sys.c

 From: Linus Torvalds <torvalds@linux-foundation.org>

 commit a84a79e4d369a73c0130b5858199e949432da4c6 upstream.

 The size is always valid, but variable-length arrays generate worse code
 for no good reason (unless the function happens to be inlined and the
 compiler sees the length for the simple constant it is).

 Also, there seems to be some code generation problem on POWER, where
 Henrik Bakken reports that register r28 can get corrupted under some
 subtle circumstances (interrupt happening at the wrong time?).  That all
 indicates some seriously broken compiler issues, but since variable
 length arrays are bad regardless, there's little point in trying to
 chase it down.

 "Just don't do that, then".

 Reported-by: Henrik Grindal Bakken <henribak@cisco.com>
 Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

 ---
  kernel/sys.c |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

 --- a/kernel/sys.c
 +++ b/kernel/sys.c
 @@ -1135,7 +1135,7 @@ DECLARE_RWSEM(uts_sem);
  static int override_release(char __user *release, int len)
  {
  	int ret = 0;
 -	char buf[len];
 +	char buf[65];

  	if (current->personality & UNAME26) {
  		char *rest = UTS_RELEASE;
	From a84a79e4d369a73c0130b5858199e949432da4c6 Mon Sep 17 00:00:00 2001
	From: Linus Torvalds <torvalds@linux-foundation.org>
	Date: Mon, 17 Oct 2011 08:24:24 -0700
	Subject: Avoid using variable-length arrays in kernel/sys.c

	From: Linus Torvalds <torvalds@linux-foundation.org>

	commit a84a79e4d369a73c0130b5858199e949432da4c6 upstream.

	The size is always valid, but variable-length arrays generate worse code
	for no good reason (unless the function happens to be inlined and the
	compiler sees the length for the simple constant it is).

	Also, there seems to be some code generation problem on POWER, where
	Henrik Bakken reports that register r28 can get corrupted under some
	subtle circumstances (interrupt happening at the wrong time?). That all
	indicates some seriously broken compiler issues, but since variable
	length arrays are bad regardless, there's little point in trying to
	chase it down.

	"Just don't do that, then".

	Reported-by: Henrik Grindal Bakken <henribak@cisco.com>
	Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
	Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
	Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

	---
	kernel/sys.c \| 2 +-
	1 file changed, 1 insertion(+), 1 deletion(-)

	--- a/kernel/sys.c
	+++ b/kernel/sys.c
	@@ -1135,7 +1135,7 @@ DECLARE_RWSEM(uts_sem);
	static int override_release(char __user *release, int len)
	{
	int ret = 0;
	- char buf[len];
	+ char buf[65];

	if (current->personality & UNAME26) {
	char *rest = UTS_RELEASE;