* large copy_to_user fills only one page?
@ 2002-05-30 14:36 Emmanuel Michon
  2002-05-30 15:16 ` Andi Kleen
  2002-05-30 15:25 ` Ingo Oeser
  0 siblings, 2 replies; 3+ messages in thread
From: Emmanuel Michon @ 2002-05-30 14:36 UTC (permalink / raw)
  To: linux-kernel

Hi,

I'm working with linux-2.4.18, and writing some
trivial code to get a grabbed image from the kernel, working this way:

#define IMSIZE 350000

user mode runs:
u_p=malloc(IMSIZE);
ioctl(grabberfd,DOGRAB,u_p);
write *u_p to disk
free(u_p);

kernel mode runs:
case DOGRAB:
        char *u_p,*k_p;
        copy_from_user(u_p,arg,sizeof(char *));
        k_p=vmalloc(IMSIZE);
        kernelgrabs(k_p);
        copy_to_user(u_p,k_p,IMSIZE);
        vfree(k_p);
        break;

What I get actually is only 4K filled in userland, but copy_to_user
returns IMSIZE!

If I memset the memory area *u_p to any value, the grab happens
properly.

I guess memset'ing faults the good pages in; I'm quite surprised
this does not happen smoothly by itself ;-(

Any clue?

Sincerely yours,

-- 
Emmanuel Michon
Chef de projet
REALmagic France SAS
Mobile: 0614372733 GPGkeyID: D2997E42  


* Re: large copy_to_user fills only one page?
  2002-05-30 14:36 large copy_to_user fills only one page? Emmanuel Michon
@ 2002-05-30 15:16 ` Andi Kleen
  2002-05-30 15:25 ` Ingo Oeser
  1 sibling, 0 replies; 3+ messages in thread
From: Andi Kleen @ 2002-05-30 15:16 UTC (permalink / raw)
  To: Emmanuel Michon; +Cc: linux-kernel

Emmanuel Michon <emmanuel_michon@realmagic.fr> writes:

> case DOGRAB:
>         char *u_p,*k_p;
>         copy_from_user(u_p,arg,sizeof(char *));
                         ^^^
You copy into random stack garbage here. After that it goes downwards.

-Andi


* Re: large copy_to_user fills only one page?
  2002-05-30 14:36 large copy_to_user fills only one page? Emmanuel Michon
  2002-05-30 15:16 ` Andi Kleen
@ 2002-05-30 15:25 ` Ingo Oeser
  1 sibling, 0 replies; 3+ messages in thread
From: Ingo Oeser @ 2002-05-30 15:25 UTC (permalink / raw)
  To: Emmanuel Michon; +Cc: linux-kernel

Hi Emmanuel,

On Thu, May 30, 2002 at 04:36:22PM +0200, Emmanuel Michon wrote:
> I'm working with linux-2.4.18, and writing some
> trivial code to get from kernel a grabbed image working this way:
> What I get actually is only 4K filled in userland, but copy_to_user
> returns IMSIZE!

copy_to_user() returns the number of bytes NOT copied.
Same for copy_from_user().

This is a common mistake and your code using these functions should
look like this:

if (copy_from_user(to,uptr,size)) {
   return -EFAULT;
}

/* Do some processing */

if (copy_to_user(uptr,from,size)) {
   return -EFAULT;
}


PS: CC'ed linux-kernel, so that you will not get 1000 answers ;-)

Regards

Ingo Oeser
-- 
Science is what we can tell a computer. Art is everything else. --- D.E.Knuth
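The two corrections in this thread, Andi's (the pointer must be copied into the address of the local variable, not into its uninitialized value) and Ingo's (copy_to_user()/copy_from_user() return the number of bytes NOT copied, so nonzero means failure), combined into one user-space model of the DOGRAB handler. This is an added example, not code from the thread or from the driver being discussed. The mock_copy_from_user/mock_copy_to_user functions, the fake "user address space" struct, and the assumption that the ioctl argument is the user address of a `char *` (which is the interface the posted kernel code expects) are all constructed for the model; a real driver uses the kernel's own copy_from_user()/copy_to_user() and vmalloc()/vfree().

```c
/* Added example (not from the thread): user-space model of a corrected
 * DOGRAB handler.  Assumptions: mock_* functions stand in for the kernel's
 * copy_from_user()/copy_to_user(), struct user_space stands in for the
 * calling process's memory, and `arg` is the user address of a `char *`. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define IMSIZE 350000           /* same image size as in the original post */

/* Constructed "user address space": the `char *` the process passes by
 * address to the ioctl, followed by the image buffer it points at.
 * Anything outside this struct is treated as an unmapped address. */
struct user_space {
    char *slot;
    unsigned char img[IMSIZE];
};
static struct user_space us;

/* How many of n bytes starting at uaddr are accessible.  Bytes up to the
 * first inaccessible one still get copied, mirroring the real partial-copy
 * behaviour that makes "number of bytes NOT copied" the useful return. */
static size_t accessible_bytes(const void *uaddr, size_t n)
{
    uintptr_t p = (uintptr_t)uaddr;
    uintptr_t lo = (uintptr_t)&us, hi = lo + sizeof us;
    if (p < lo || p >= hi)
        return 0;
    size_t avail = (size_t)(hi - p);
    return n < avail ? n : avail;
}

/* Same contract as the kernel functions: 0 on success, otherwise the
 * number of bytes that could not be copied. */
static unsigned long mock_copy_from_user(void *to, const void *from, unsigned long n)
{
    size_t ok = accessible_bytes(from, n);
    memcpy(to, from, ok);
    return n - ok;
}

static unsigned long mock_copy_to_user(void *to, const void *from, unsigned long n)
{
    size_t ok = accessible_bytes(to, n);
    memcpy(to, from, ok);
    return n - ok;
}

/* Stand-in for the driver's grab routine: a recognisable byte pattern so a
 * caller can tell how much of the image actually reached "user space". */
static void kernelgrabs(unsigned char *k_p)
{
    for (size_t i = 0; i < IMSIZE; i++)
        k_p[i] = (unsigned char)(i * 7 + 3);
}

/* Corrected handler: returns 0, -EFAULT or -ENOMEM like an ioctl would. */
static int dograb(unsigned long arg)
{
    char *u_p;                  /* value is filled in from user space below */
    unsigned char *k_p;
    int ret = 0;

    /* Andi's point: copy INTO the local variable (&u_p).  The original
     * copied into the uninitialized pointer u_p, i.e. into stack garbage. */
    if (mock_copy_from_user(&u_p, (const void *)arg, sizeof(u_p)))
        return -EFAULT;

    k_p = malloc(IMSIZE);       /* vmalloc(IMSIZE) in the real driver */
    if (!k_p)
        return -ENOMEM;
    kernelgrabs(k_p);

    /* Ingo's point: nonzero means bytes were NOT copied, so it is an error.
     * The original compared against IMSIZE and so never noticed. */
    if (mock_copy_to_user(u_p, k_p, IMSIZE))
        ret = -EFAULT;

    free(k_p);                  /* vfree(k_p) in the real driver */
    return ret;
}

/* Process hands over a full-size buffer: the whole image arrives. */
static int demo_good_grab(void)
{
    memset(&us, 0, sizeof us);
    us.slot = (char *)us.img;
    return dograb((unsigned long)&us.slot);
}

/* Process hands over a pointer with only 4096 accessible bytes behind it:
 * the first page is filled, the rest faults, and the handler reports it. */
static int demo_short_buffer(void)
{
    memset(&us, 0, sizeof us);
    us.slot = (char *)us.img + IMSIZE - 4096;
    return dograb((unsigned long)&us.slot);
}

/* The pointer fetch itself fails when arg is not a mapped user address. */
static int demo_bad_arg(void)
{
    return dograb(0UL);
}

/* The return contract directly: 100 bytes requested into the last 10
 * accessible user bytes gives 90, the count NOT copied. */
static unsigned long demo_partial_copy(void)
{
    static unsigned char scratch[100];
    return mock_copy_to_user(us.img + IMSIZE - 10, scratch, 100);
}

int main(void)
{
    printf("full buffer:  %d\n", demo_good_grab());
    printf("short buffer: %d\n", demo_short_buffer());
    printf("bad arg:      %d\n", demo_bad_arg());
    printf("not copied:   %lu\n", demo_partial_copy());
    return 0;
}
```

The short-buffer case is the one from the original report seen from the corrected side: exactly one page is filled, but now the handler returns -EFAULT instead of silently succeeding, because the check is `if (copy_to_user(...))` rather than a comparison against the size.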

