lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <DC148C5AA1CEBA4E87973D432B1C2D88260ECFDC@P3PWEX4MB002.ex4.secureserver.net>
Date:	Tue, 27 Jan 2015 17:20:27 +0000
From:	Hartley Sweeten <HartleyS@...ionengravers.com>
To:	Ian Abbott <abbotti@....co.uk>,
	"driverdev-devel@...uxdriverproject.org" 
	<driverdev-devel@...uxdriverproject.org>
CC:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: RE: [PATCH 1/7] staging: comedi: comedi_compat32.c: fix COMEDI_CMD
 copy back

On Tuesday, January 27, 2015 8:59 AM, Ian Abbott wrote:
> On 27/01/15 15:50, Ian Abbott wrote:
>> `do_cmd_ioctl()` in "comedi_fops.c" handles the `COMEDI_CMD` ioctl.
>> This returns `-EAGAIN` if it has copied a modified `struct comedi_cmd`
>> back to user-space.  (This occurs when the low-level Comedi driver's
>> `do_cmdtest()` handler returns non-zero to indicate a problem with the
>> contents of the `struct comedi_cmd`, or when the `struct comedi_cmd` has
>> the `CMDF_BOGUS` flag set.)
>>
>> `compat_cmd()` in "comedi_compat32.c" handles the 32-bit compatible
>> version of the `COMEDI_CMD` ioctl.  Currently, it never copies a 32-bit
>> compatible version of `struct comedi_cmd` back to user-space, which is
>> at odds with the way the regular `COMEDI_CMD` ioctl is handled.  To fix
>> it, change `compat_cmd()` to copy a 32-bit compatible version of the
>> `struct comedi_cmd` back to user-space when the main ioctl handler
>> returns `-EAGAIN`.
>>
>> Signed-off-by: Ian Abbott <abbotti@....co.uk>
>> Cc: <stable@...r.kernel.org>
>> ---
>>   drivers/staging/comedi/comedi_compat32.c | 13 +++++++++++--
>>   1 file changed, 11 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/staging/comedi/comedi_compat32.c b/drivers/staging/comedi/comedi_compat32.c
>> index 5a4c74f..2440c60 100644
>> --- a/drivers/staging/comedi/comedi_compat32.c
>> +++ b/drivers/staging/comedi/comedi_compat32.c
>> @@ -262,7 +262,8 @@ static int compat_cmd(struct file *file, unsigned long arg)
>>   {
>>   	struct comedi_cmd __user *cmd;
>>   	struct comedi32_cmd_struct __user *cmd32;
>> -	int rc;
>> +	long rc;
>> +	int err;
>
> Gah!  That change in type of the 'rc' variable resulted from me changing 
> the order of the patches in the series.  It still works, but looks a bit 
> out of place.  Should I post an updated version without this niggle?

Please fix it. I does look strange. Actually, the last patch looks strange.

The "normal" return type in the kernel is an 'int'. As you mention in the
commit message: "The `unlocked_ioctl` and `compat_ioctl` file operations
are both defined to return a `long` (I don't know why)." It seems cleaner
to just have all the static functions return an int and just have
comedi_compat_ioctl() return the long value. Maybe just add a comment
why...

My 2 cents...

Regards,
Hartley




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ