Re: [PATCH 1/2] vfio/fsl-mc: return -EFAULT if copy_to_user() fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 23 Oct 2020 14:34:50 +0300
Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:

> The copy_to_user() function returns the number of bytes remaining to be
> copied, but this code should return -EFAULT.
> 
> Fixes: df747bcd5b21 ("vfio/fsl-mc: Implement VFIO_DEVICE_GET_REGION_INFO ioctl call")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
>  drivers/vfio/fsl-mc/vfio_fsl_mc.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)

Applied this and the following patch to vfio for-linus branch with
Diana's acks for v5.10.  Thanks,

Alex


> diff --git a/drivers/vfio/fsl-mc/vfio_fsl_mc.c b/drivers/vfio/fsl-mc/vfio_fsl_mc.c
> index 0113a980f974..21f22e3da11f 100644
> --- a/drivers/vfio/fsl-mc/vfio_fsl_mc.c
> +++ b/drivers/vfio/fsl-mc/vfio_fsl_mc.c
> @@ -248,7 +248,9 @@ static long vfio_fsl_mc_ioctl(void *device_data, unsigned int cmd,
>  		info.size = vdev->regions[info.index].size;
>  		info.flags = vdev->regions[info.index].flags;
>  
> -		return copy_to_user((void __user *)arg, &info, minsz);
> +		if (copy_to_user((void __user *)arg, &info, minsz))
> +			return -EFAULT;
> +		return 0;
>  	}
>  	case VFIO_DEVICE_GET_IRQ_INFO:
>  	{
> @@ -267,7 +269,9 @@ static long vfio_fsl_mc_ioctl(void *device_data, unsigned int cmd,
>  		info.flags = VFIO_IRQ_INFO_EVENTFD;
>  		info.count = 1;
>  
> -		return copy_to_user((void __user *)arg, &info, minsz);
> +		if (copy_to_user((void __user *)arg, &info, minsz))
> +			return -EFAULT;
> +		return 0;
>  	}
>  	case VFIO_DEVICE_SET_IRQS:
>  	{




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux