After all we're calling sys_waitid() with fs set to KERNEL_DS ...
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
long ret;
mm_segment_t old_fs = get_fs();
long ret;
mm_segment_t old_fs = get_fs();
+ if (!access_ok(VERIFY_WRITE, uinfo, sizeof(*uinfo)))
+ return -EFAULT;
+
set_fs (KERNEL_DS);
ret = sys_waitid(which, pid, uinfo, options,
uru ? (struct rusage __user *) &ru : NULL);
set_fs (KERNEL_DS);
ret = sys_waitid(which, pid, uinfo, options,
uru ? (struct rusage __user *) &ru : NULL);