s390/uaccess: remove copy_from_user_real()

There is no user left, so remove it. It was also potentially broken, since the function didn't clear destination memory if copy_from_user() failed. Which would allow for information leaks. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-02-24 16:18:55 +01:00 · 2014-02-24 16:18:55 +01:00 · 823002023d
--- a/arch/s390/include/asm/uaccess.h
+++ b/arch/s390/include/asm/uaccess.h
@ -344,6 +344,5 @@ static inline unsigned long __must_check clear_user(void __user *to, unsigned lo
 }

 int copy_to_user_real(void __user *dest, void *src, unsigned long count);
-int copy_from_user_real(void *dest, void __user *src, unsigned long count);

 #endif /* __S390_UACCESS_H */
--- a/arch/s390/mm/maccess.c
+++ b/arch/s390/mm/maccess.c
@ -151,32 +151,6 @@ out:
 	return rc;
 }

-/*
- * Copy memory from user (virtual) to kernel (real)
- */
-int copy_from_user_real(void *dest, void __user *src, unsigned long count)
-{
-	int offs = 0, size, rc;
-	char *buf;
-
-	buf = (char *) __get_free_page(GFP_KERNEL);
-	if (!buf)
-		return -ENOMEM;
-	rc = -EFAULT;
-	while (offs < count) {
-		size = min(PAGE_SIZE, count - offs);
-		if (copy_from_user(buf, src + offs, size))
-			goto out;
-		if (memcpy_real(dest + offs, buf, size))
-			goto out;
-		offs += size;
-	}
-	rc = 0;
-out:
-	free_page((unsigned long) buf);
-	return rc;
-}
-
 /*
 * Check if physical address is within prefix or zero page
 */