From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Martin Berglund <martin@rogsta.net>
Cc: devel@driverdev.osuosl.org,
Forest Bond <forest@alittletooquiet.net>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] staging: vt6655: wpactl.c: Fix sparse warnings
Date: Fri, 8 Aug 2014 06:47:25 -0700 [thread overview]
Message-ID: <20140808134725.GE4427@kroah.com> (raw)
In-Reply-To: <20140808070755.GA12023@astc-ogir.Teknik.UU.SE>
On Fri, Aug 08, 2014 at 09:07:55AM +0200, Martin Berglund wrote:
> On Thu, Aug 07, 2014 at 07:18:13PM -0700, Greg Kroah-Hartman wrote:
> > On Thu, Aug 07, 2014 at 11:08:34PM +0100, Martin Berglund wrote:
> > > Add missing __user macro casting in the function wpa_set_keys.
> > > This is okay since the function handles the possibility of
> > > param->u.wpa_key.key and param->u.wpa_key.seq pointing to
> > > kernelspace using a flag, fcpfkernel.
> > >
> > > Signed-off-by: Martin Berglund <martin@rogsta.net>
> > > ---
> > > This was submitted as part of Eudyptula challenge task 16
> > >
> > > drivers/staging/vt6655/wpactl.c | 8 ++++++--
> > > 1 file changed, 6 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/drivers/staging/vt6655/wpactl.c b/drivers/staging/vt6655/wpactl.c
> > > index 5f454ca..d75dd79 100644
> > > --- a/drivers/staging/vt6655/wpactl.c
> > > +++ b/drivers/staging/vt6655/wpactl.c
> > > @@ -224,7 +224,9 @@ int wpa_set_keys(PSDevice pDevice, void *ctx,
> > > } else {
> > > spin_unlock_irq(&pDevice->lock);
> > > if (param->u.wpa_key.key &&
> > > - copy_from_user(&abyKey[0], param->u.wpa_key.key, param->u.wpa_key.key_len)) {
> > > + copy_from_user(&abyKey[0],
> > > + (void __user *)param->u.wpa_key.key,
> >
> > Would it be better to mark this pointer as __user in the structure
> > itself? Or is it also used as a kernel structure in other places?
> >
> > thanks,
> >
> > greg k-h
>
> Yes, the structure is used as a kernel structure in some other places.
> Even this function is sometimes called with the pointers in the
> structure pointing to kernel memory. However, that is correctly
> handled with a flag also sent to the function.
Ugh, that's a mess. And should be cleaned up...
> As a side note: there are some uses of memcpy in this file that
> might be good to switch to copy_from/to_user but it's not as clear
> to me if these pointers never can point to kernel memory (because of
> the mixing of the two). For example all copying of ssid and bssid.
That also is not good, if memcpy is used for userspace memory pointers,
bad things can happen on some machines...
Look at how this was fixed up in the other staging vt* driver, odds are
you can do the same thing here, right?
thanks,
greg k-h
next prev parent reply other threads:[~2014-08-08 13:47 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-07 22:08 [PATCH] staging: vt6655: wpactl.c: Fix sparse warnings Martin Berglund
2014-08-08 2:18 ` Greg Kroah-Hartman
2014-08-08 7:07 ` Martin Berglund
2014-08-08 13:47 ` Greg Kroah-Hartman [this message]
2014-08-08 23:55 ` Martin Berglund
2014-08-10 3:36 ` Greg Kroah-Hartman
2014-08-10 13:28 ` Martin Berglund
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140808134725.GE4427@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=devel@driverdev.osuosl.org \
--cc=forest@alittletooquiet.net \
--cc=linux-kernel@vger.kernel.org \
--cc=martin@rogsta.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox