From: Johannes Stezenbach <js@convergence.de>
To: viro@parcelfarce.linux.theplanet.co.uk
Cc: Andrew Morton <akpm@osdl.org>, linux-kernel@vger.kernel.org
Subject: Re: 2.6.8-rc2-mm1
Date: Thu, 29 Jul 2004 01:24:53 +0200 [thread overview]
Message-ID: <20040728232453.GA6377@convergence.de> (raw)
In-Reply-To: <20040728224423.GJ12308@parcelfarce.linux.theplanet.co.uk>
On Wed, Jul 28, 2004 at 11:44:23PM +0100, viro@parcelfarce.linux.theplanet.co.uk wrote:
> On Thu, Jul 29, 2004 at 12:24:55AM +0200, Johannes Stezenbach wrote:
> > Signed-off-by: Johannes Stezenbach <js@convergence.de>
> >
> > --- linux-2.6.8-rc2/drivers/media/dvb/dvb-core/dvb_functions.c.orig 2004-07-29 00:19:50.000000000 +0200
> > +++ linux-2.6.8-rc2/drivers/media/dvb/dvb-core/dvb_functions.c 2004-07-29 00:20:05.000000000 +0200
> > @@ -36,7 +36,7 @@ int dvb_usercopy(struct inode *inode, st
> > /* Copy arguments into temp kernel buffer */
> > switch (_IOC_DIR(cmd)) {
> > case _IOC_NONE:
> > - parg = NULL;
> > + parg = (void *) arg;
>
> Mind explaining why it is the right thing to do? You are creating a kernel
> pointer out of value passed to you by userland and feed it to a function
> that expects a kernel pointer. Which is an invitation for trouble - if
> it ends up dereferenced, we are screwed and won't notice that.
This is a hack introduced by someone years ago. The "pointer" is
actually an integer argument, e.g. in include/linux/dvb/audio.h:
#define AUDIO_SET_MUTE _IO('o', 6)
actually takes an integer argument (!0 mute, 0 unmute), so one can write
if (ioctl(fd, AUDIO_SET_MUTE, 1) == -1)
perror("mute");
It is unusual (maybe even wrong?), but we cannot change it without
losing binary API compatibility. However, I see that sparse might
flag this as a possible bug :-(
Johannes
next prev parent reply other threads:[~2004-07-28 23:30 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-07-28 9:04 2.6.8-rc2-mm1 Andrew Morton
2004-07-28 16:36 ` 2.6.8-rc2-mm1 Jesse Barnes
2004-07-28 17:08 ` 2.6.8-rc2-mm1 (compile stats) John Cherry
2004-07-28 19:37 ` 2.6.8-rc2-mm1 Peter Osterlund
2004-07-28 22:24 ` 2.6.8-rc2-mm1 Johannes Stezenbach
2004-07-28 22:44 ` 2.6.8-rc2-mm1 viro
2004-07-28 23:24 ` Johannes Stezenbach [this message]
2004-07-28 23:34 ` 2.6.8-rc2-mm1 Andrew Morton
2004-07-29 0:08 ` 2.6.8-rc2-mm1 Johannes Stezenbach
2004-07-29 6:42 ` 2.6.8-rc2-mm1 Andrew Morton
2004-07-29 19:35 ` 2.6.8-rc2-mm1 Michael Hunold
2004-07-29 21:02 ` 2.6.8-rc2-mm1 Andrew Morton
2004-07-28 22:49 ` 2.6.8-rc2-mm1 Adam Kropelin
2004-07-28 23:20 ` 2.6.8-rc2-mm1 Andrew Morton
2004-07-28 23:13 ` 2.6.8-rc2-mm1 Paul Jackson
2004-07-29 14:36 ` 2.6.8-rc2-mm1 Adrian Bunk
2004-07-29 19:36 ` 2.6.8-rc2-mm1 David Woodhouse
2004-07-29 14:41 ` 2.6.8-rc2-mm1: NTFS compile error with gcc 2.95 Adrian Bunk
2004-07-29 15:54 ` Jan-Benedict Glaw
2004-07-29 20:42 ` [patch] " Adrian Bunk
[not found] ` <Pine.LNX.4.60.0407292249120.25661@hermes-1.csi.cam.ac.uk>
2004-07-29 23:18 ` Adrian Bunk
2004-07-29 21:27 ` 2.6.8-rc2-mm1: DVB: "errno" undefined Adrian Bunk
2004-07-29 22:44 ` Kenneth Aafløy
2004-07-29 23:24 ` Adrian Bunk
2004-07-30 14:30 ` Arnd Bergmann
2004-07-31 10:09 ` 2.6.8-rc2-mm1 breaks PPPoE for me (was: 2.6.8-rc2-mm1) Matthias Andree
2004-07-31 16:39 ` 2.6.8-rc2-mm1 Zwane Mwaikambo
2004-07-31 18:47 ` 2.6.8-rc2-mm1 Andrew Morton
2004-07-31 19:54 ` 2.6.8-rc2-mm1 Zwane Mwaikambo
2004-07-31 20:09 ` 2.6.8-rc2-mm1 Zwane Mwaikambo
2004-07-31 20:21 ` 2.6.8-rc2-mm1 Andrew Morton
2004-08-01 4:21 ` 2.6.8-rc2-mm1 Zwane Mwaikambo
2004-08-01 11:16 ` 2.6.8-rc2-mm1 Ingo Molnar
2004-08-01 11:05 ` 2.6.8-rc2-mm1 Ingo Molnar
2004-08-01 2:36 ` 2.6.8-rc2-mm1 William Lee Irwin III
2004-08-01 8:05 ` 2.6.8-rc2-mm1 Andrew Morton
2004-08-01 12:33 ` 2.6.8-rc2-mm1 William Lee Irwin III
2004-08-01 21:11 ` 2.6.8-rc2-mm1 Sam Ravnborg
2004-08-01 23:57 ` 2.6.8-rc2-mm1 William Lee Irwin III
2004-08-03 20:46 ` 2.6.8-rc2-mm1 Sam Ravnborg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040728232453.GA6377@convergence.de \
--to=js@convergence.de \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox