From: Ingo Molnar <mingo@elte.hu>

- added an explicit access_ok() check to the futex_atomic_cmpxchg()
  function.  This is not needed in the place it's currently used (there we
  have already validated the access_ok() range validity of the userspace
  pointer), but it's good to do it nevertheless, just in case the function
  gets used elsewhere in the futex code.

Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 include/asm-x86_64/futex.h |    3 +++
 1 files changed, 3 insertions(+)

diff -puN include/asm-x86_64/futex.h~lightweight-robust-futexes-x86_64-fix include/asm-x86_64/futex.h
--- devel/include/asm-x86_64/futex.h~lightweight-robust-futexes-x86_64-fix	2006-02-21 00:59:11.000000000 -0800
+++ devel-akpm/include/asm-x86_64/futex.h	2006-02-21 00:59:11.000000000 -0800
@@ -97,6 +97,9 @@ futex_atomic_op_inuser (int encoded_op, 
 static inline int
 futex_atomic_cmpxchg_inuser(int __user *uaddr, int oldval, int newval)
 {
+	if (!access_ok(VERIFY_WRITE, uaddr, sizeof(int)))
+		return -EFAULT;
+
 	__asm__ __volatile__(
 		"1:	" LOCK_PREFIX "cmpxchgl %3, %1		\n"
 
_