RE: [microblaze-uclinux] Re: copy_to_user problem

["Bartsch Carsten" <cbartsch@xxxxxxxxxx>]

Hi John,

 

It's just to protect ALL the arguments using brackets but the important part is

the pointers.

The macros contain

   (char *)to, (char *)from

and the IPC message code in msgutil.c calls

   copy_from_user(msg + 1, src, alen)

   copy_to_user(dest, msg + 1, alen)

with msg being a pointer to a structure bigger than a char.

Copying the other way around "undid the mistake" and worked in some cases.

Grep found some occurrences of pointer arithmetic in calls to these macros,

don't know if they are used.

 

Kind regards,

Carsten

 

 

De: owner-microblaze-uclinux@xxxxxxxxxxxxxx [mailto:owner-microblaze-uclinux@xxxxxxxxxxxxxx] En nombre de John Williams
Enviado el: jueves, 12 de marzo de 2009 0:11
Para: microblaze-uclinux@xxxxxxxxxxxxxx
Asunto: Re: [microblaze-uclinux] Re: copy_to_user problem

 

Hi Carsten,

So the patch just makes the count parameter 'n' macro-safe, right?

What was the error condition you saw, and how was this triggered?

Thanks,

John

On Tue, Mar 3, 2009 at 7:11 PM, Bartsch Carsten <cbartsch@xxxxxxxxxx> wrote:

Forgot the attachment...


-----Mensaje original-----
De: Bartsch Carsten
Enviado el: martes, 03 de marzo de 2009 10:09
Para: 'microblaze-uclinux@xxxxxxxxxxxxxx'
Asunto: copy_to_user problem

Here is a small fix for the macros copy_to_user and copy_from_user. It
took me quite some time to figure out why the ipc messages didn't work
as intended. I saw other code that could trigger this bug, so this might
help.

Carsten