From: "Randy.Dunlap" <rddunlap@osdl.org>
From: Eugene TEO <eugeneteo@eugeneteo.net>




---

 arch/i386/kernel/i387.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff -puN arch/i386/kernel/i387.c~janitor-09-i387-usercopy-check arch/i386/kernel/i387.c
--- 25/arch/i386/kernel/i387.c~janitor-09-i387-usercopy-check	2004-01-19 00:10:13.000000000 -0800
+++ 25-akpm/arch/i386/kernel/i387.c	2004-01-19 00:10:13.000000000 -0800
@@ -452,8 +452,9 @@ int get_fpxregs( struct user_fxsr_struct
 int set_fpxregs( struct task_struct *tsk, struct user_fxsr_struct __user *buf )
 {
 	if ( cpu_has_fxsr ) {
-		__copy_from_user( &tsk->thread.i387.fxsave, buf,
-				  sizeof(struct user_fxsr_struct) );
+		if (__copy_from_user( &tsk->thread.i387.fxsave, buf,
+				  sizeof(struct user_fxsr_struct) ))
+			return -EFAULT;
 		/* mxcsr bit 6 and 31-16 must be zero for security reasons */
 		tsk->thread.i387.fxsave.mxcsr &= 0xffbf;
 		return 0;

_