From: Arun Sharma <arun.sharma@intel.com>
To: Andrew Morton <akpm@osdl.org>
Cc: linux-kernel@vger.kernel.org, "Tian, Kevin" <kevin.tian@intel.com>
Subject: [PATCH] ioctl32 fix for bond_ioctl
Date: Wed, 01 Oct 2003 13:41:59 -0700 [thread overview]
Message-ID: <3F7B3C17.10909@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 445 bytes --]
Problem: These four ioctls use ifreq32.ifr_ifru.ifru_data.
case SIOCBONDENSLAVE:
case SIOCBONDRELEASE:
case SIOCBONDSETHWADDR:
case SIOCBONDCHANGEACTIVE:
Whereas these use ifreq32.ifr_ifru.ifru_slave:
case SIOCBONDSLAVEINFOQUERY:
case SIOCBONDINFOQUERY:
The current code assumes ifru_data for all 6 ioctls. This fails with EFAULT for the last two. The attached patch fixes the problem and has been tested on ia64.
-Arun
[-- Attachment #2: bonding.patch --]
[-- Type: text/plain, Size: 2200 bytes --]
Index: linux-2.6/fs/compat_ioctl.c
===================================================================
--- linux-2.6/fs/compat_ioctl.c (revision 13715)
+++ linux-2.6/fs/compat_ioctl.c (working copy)
@@ -576,54 +576,45 @@
static int bond_ioctl(unsigned long fd, unsigned int cmd, unsigned long arg)
{
- struct ifreq ifr;
+ struct ifreq kifr;
+ struct ifreq *uifr;
+ struct ifreq32 *ifr32 = (struct ifreq32 *) arg;
mm_segment_t old_fs;
- int err, len;
+ int err;
u32 data;
-
- if (copy_from_user(&ifr, (struct ifreq32 *)arg, sizeof(struct ifreq32)))
- return -EFAULT;
- ifr.ifr_data = (__kernel_caddr_t)get_zeroed_page(GFP_KERNEL);
- if (!ifr.ifr_data)
- return -EAGAIN;
+ void *datap;
switch (cmd) {
case SIOCBONDENSLAVE:
case SIOCBONDRELEASE:
case SIOCBONDSETHWADDR:
case SIOCBONDCHANGEACTIVE:
- len = IFNAMSIZ * sizeof(char);
- break;
+ if (copy_from_user(&kifr, ifr32, sizeof(struct ifreq32)))
+ return -EFAULT;
+
+ old_fs = get_fs();
+ set_fs (KERNEL_DS);
+ err = sys_ioctl (fd, cmd, (unsigned long)&kifr);
+ set_fs (old_fs);
+
+ return err;
case SIOCBONDSLAVEINFOQUERY:
- len = sizeof(struct ifslave);
- break;
case SIOCBONDINFOQUERY:
- len = sizeof(struct ifbond);
- break;
- default:
- err = -EINVAL;
- goto out;
- };
+ uifr = compat_alloc_user_space(sizeof(*uifr));
+ if (copy_in_user(&uifr->ifr_name, &ifr32->ifr_name, IFNAMSIZ))
+ return -EFAULT;
- __get_user(data, &(((struct ifreq32 *)arg)->ifr_ifru.ifru_data));
- if (copy_from_user(ifr.ifr_data, compat_ptr(data), len)) {
- err = -EFAULT;
- goto out;
- }
+ if (get_user(data, &ifr32->ifr_ifru.ifru_data))
+ return -EFAULT;
- old_fs = get_fs();
- set_fs (KERNEL_DS);
- err = sys_ioctl (fd, cmd, (unsigned long)&ifr);
- set_fs (old_fs);
- if (!err) {
- len = copy_to_user(compat_ptr(data), ifr.ifr_data, len);
- if (len)
- err = -EFAULT;
- }
+ datap = compat_ptr(data);
+ if (put_user(datap, &uifr->ifr_ifru.ifru_data))
+ return -EFAULT;
-out:
- free_page((unsigned long)ifr.ifr_data);
- return err;
+ return sys_ioctl (fd, cmd, (unsigned long)uifr);
+ default:
+ return -EINVAL;
+ };
}
int siocdevprivate_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
reply other threads:[~2003-10-01 20:43 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F7B3C17.10909@intel.com \
--to=arun.sharma@intel.com \
--cc=akpm@osdl.org \
--cc=kevin.tian@intel.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.