From c0d6706bd0fc8966a09787c6a7c87694efdbddd1 Mon Sep 17 00:00:00 2001
From: Chris Wright
Date: Wed, 1 Jun 2005 08:46:07 -0700
Subject: [PATCH] add x86_64: Fix ptrace boundary check from Andi
---
 queue/series | 1 +
 queue/x86_64-fix-ptrace-boundary-check.patch | 40 ++++++++++++++++++++
 2 files changed, 41 insertions(+)
 create mode 100644 queue/x86_64-fix-ptrace-boundary-check.patch
diff --git a/queue/series b/queue/series
index c38cc254b4e..b8562d7f570 100644
--- a/queue/series
+++ b/queue/series
@@ -2,3 +2,4 @@ fix-pte_unmap.patch
 netfilter-ip_queue-deadlock-fix.patch
 hfsplus-oops-hfs-leak-fix.patch
 x86_64-avoid-SMP-bootup-race.patch
+x86_64-fix-ptrace-boundary-check.patch
diff --git a/queue/x86_64-fix-ptrace-boundary-check.patch b/queue/x86_64-fix-ptrace-boundary-check.patch
new file mode 100644
index 00000000000..9578c6bf7d8
--- /dev/null
+++ b/queue/x86_64-fix-ptrace-boundary-check.patch
@@ -0,0 +1,40 @@
+From stable-bounces@linux.kernel.org Wed Jun 1 03:47:52 2005
+Date: Wed, 1 Jun 2005 12:47:30 +0200
+From: Andi Kleen
+To: stable@kernel.org
+Subject: [PATCH] x86_64: Fix ptrace boundary check
+
+Don't allow accesses below register frame in ptrace
+
+There was a "off by one quad word" error in there.
+
+Found and fixed by John Blackwood
+
+Signed-off-by: Andi Kleen
+Signed-off-by: Chris Wright
+
+ arch/x86_64/kernel/ptrace.c | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+Index: release-2.6.11/arch/x86_64/kernel/ptrace.c
+===================================================================
+--- release-2.6.11.orig/arch/x86_64/kernel/ptrace.c
++++ release-2.6.11/arch/x86_64/kernel/ptrace.c
+@@ -252,7 +252,7 @@ asmlinkage long sys_ptrace(long request,
+ break;
+
+ switch (addr) {
+- case 0 ... sizeof(struct user_regs_struct):
++ case 0 ... sizeof(struct user_regs_struct) - sizeof(long):
+ tmp = getreg(child, addr);
+ break;
+ case offsetof(struct user, u_debugreg[0]):
+@@ -297,7 +297,7 @@ asmlinkage long sys_ptrace(long request,
+ break;
+
+ switch (addr) {
+- case 0 ... sizeof(struct user_regs_struct):
++ case 0 ... sizeof(struct user_regs_struct) - sizeof(long):
+ ret = putreg(child, addr, data);
+ break;
+ /* Disallows to set a breakpoint into the vsyscall */
-- 2.47.3
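Review bot: The corrected bound `sizeof(struct user_regs_struct) - sizeof(long)` is open-coded twice in the queued patch, once in the switch that calls getreg() and once in the one that calls putreg(), and nothing records that GCC case ranges are inclusive, which is why the old upper bound let through an offset one quadword past the register struct. A short comment above each range, such as `/* case ranges are inclusive: last valid offset is the final long in user_regs_struct */`, or a single named constant shared by both switches would keep the read and write checks from drifting apart. Both switches sit inside sys_ptrace, which starts and ends outside these hunks, so whether addr is validated for alignment before reaching them cannot be confirmed from here; the leading `break;` suggests an earlier guard, and it is worth confirming that getreg() and putreg() also reject out-of-range offsets on their own.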