Re: dev_ifname32() fails on 32->64bit calls in copy_in_user().
From: Eric W. Biederman
Date: Wed Oct 31 2007 - 04:04:33 EST
Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> writes:
> Bug is in the new dev_ifname32:
>
> uifr = compat_alloc_user_space(sizeof(struct ifreq));
> if (copy_in_user(uifr, compat_ptr(arg), sizeof(struct ifreq32)));
> return -EFAULT;
>
> There's a stray ";" after the if statement, that was obviously not
> tested :-)
Grr sorry about that, and thanks for catching this.
Eric
> This fixes it here (tested):
> ----------------------------------------------------------------------------
> [PATCH] Fix new dev_ifname32 returning -EFAULT
>
> A stray semicolon slipped in the patch that updated dev_ifname32 to
> not be inline, causing it to always return -EFAULT. This fixes it.
>
> Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx>
> ---
>
> Index: linux-work/fs/compat_ioctl.c
> ===================================================================
> --- linux-work.orig/fs/compat_ioctl.c 2007-10-31 13:30:42.000000000 +1100
> +++ linux-work/fs/compat_ioctl.c 2007-10-31 13:30:46.000000000 +1100
> @@ -322,7 +322,7 @@ static int dev_ifname32(unsigned int fd,
> int err;
>
> uifr = compat_alloc_user_space(sizeof(struct ifreq));
> - if (copy_in_user(uifr, compat_ptr(arg), sizeof(struct ifreq32)));
> + if (copy_in_user(uifr, compat_ptr(arg), sizeof(struct ifreq32)))
> return -EFAULT;
>
> err = sys_ioctl(fd, SIOCGIFNAME, (unsigned long)uifr);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/