summaryrefslogtreecommitdiff
path: root/arch/x86/kernel/xsave.c
diff options
context:
space:
mode:
Diffstat (limited to 'arch/x86/kernel/xsave.c')
-rw-r--r--arch/x86/kernel/xsave.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c
index cdc6cf903078..460e72155f51 100644
--- a/arch/x86/kernel/xsave.c
+++ b/arch/x86/kernel/xsave.c
@@ -394,7 +394,9 @@ int __restore_xstate_sig(void __user *buf, void __user *buf_fx, int size)
drop_fpu(tsk);
if (__copy_from_user(&fpu->state->xsave, buf_fx, state_size) ||
- __copy_from_user(&env, buf, sizeof(env))) {
+ __copy_from_user(&env, buf, sizeof(env)) ||
+ (state_size > offsetof(struct xsave_struct, xsave_hdr) &&
+ fpu->state->xsave.xsave_hdr.xcomp_bv)) {
fpu_finit(fpu);
err = -1;
} else {
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-15 14:18:41 +0000