From: Chen Jun <chenjun102@xxxxxxxxxx>
commit 2d036dfa5f10df9782f5278fc591d79d283c1fad upstream.
The return value on success (>= 0) is overwritten by the return value of
compat_put_timex(). That works correct in the fault case, but is wrong for
the success case where compat_put_timex() returns 0.
Just check the return value of compat_put_timex() and return -EFAULT in case
it is not zero.
[ tglx: Massage changelog ]
[ tglx: Backport to 4.19, 4.14 ]
Fixes: 3a4d44b61625 ("ntp: Move adjtimex related compat syscalls to native counterparts")
Signed-off-by: Chen Jun <chenjun102@xxxxxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Reviewed-by: Richard Cochran <richardcochran@xxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Link: https://lore.kernel.org/r/20210414030449.90692-1-chenjun102@xxxxxxxxxx
---
kernel/time/posix-timers.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/kernel/time/posix-timers.c
+++ b/kernel/time/posix-timers.c
@@ -1166,8 +1166,8 @@ COMPAT_SYSCALL_DEFINE2(clock_adjtime, cl
err = kc->clock_adj(which_clock, &ktx);
- if (err >= 0)
- err = compat_put_timex(utp, &ktx);
+ if (err >= 0 && compat_put_timex(utp, &ktx))
+ return -EFAULT;
return err;
}
