On 7/11/2012 11:32 AM, Will Deacon wrote:
> The msgsnd and msgrcv system calls use size_t to represent the size of
> the message being transferred. POSIX states that values of msgsz greater
> than SSIZE_MAX cause the result to be implementation-defined. On Linux,
> this equates to returning -EINVAL if (long) msgsz < 0.
>
> For compat tasks where !CONFIG_ARCH_WANT_OLD_COMPAT_IPC and
> compat_size_t is smaller than size_t, negative size values passed from
> userspace will be interpreted as positive values by do_msg{rcv,snd} and
> will fail to exit early with -EINVAL.
>
> This patch changes the compat prototypes for msg{rcv,snd} so that the
> message size is represented as a compat_ssize_t, which we cast to the
> native ssize_t type for the core IPC code.
>
> Cc: Arnd Bergmann <arnd@xxxxxxxx>
> Acked-by: Catalin Marinas <catalin.marinas@xxxxxxx>
> Signed-off-by: Will Deacon <will.deacon@xxxxxxx>
> ---
> include/linux/compat.h | 4 ++--
> ipc/compat.c | 8 ++++----
> 2 files changed, 6 insertions(+), 6 deletions(-)

Acked-by: Chris Metcalf <cmetcalf@xxxxxxxxxx>

--
Chris Metcalf, Tilera Corp.
http://www.tilera.com
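The widening problem described in the quoted commit message, as an added user-space model that is not code from the patch or the kernel: it contrasts zero-extension of an unsigned 32-bit size with sign-extension of a signed one before the `(long) msgsz < 0` check. All `model_*` names are hypothetical, and a 32-bit compat task on a 64-bit kernel is assumed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Fixed-width stand-ins (assumption: 32-bit compat ABI, 64-bit native ABI). */
typedef uint32_t model_compat_size_t;
typedef int32_t  model_compat_ssize_t;
typedef uint64_t model_size_t;
typedef int64_t  model_ssize_t;

/* Models the core check from the commit message: -EINVAL if (long) msgsz < 0. */
static int model_core_check(model_size_t msgsz)
{
    return ((int64_t)msgsz < 0) ? -EINVAL : 0;
}

/* Before: size carried as compat_size_t, so widening zero-extends it. */
static int model_compat_before(uint32_t raw)
{
    model_compat_size_t msgsz = raw;
    return model_core_check((model_size_t)msgsz);
}

/* After: size carried as compat_ssize_t and cast to native ssize_t,
 * so widening sign-extends it and the sign bit reaches the core check. */
static int model_compat_after(uint32_t raw)
{
    model_compat_ssize_t msgsz = (model_compat_ssize_t)raw;
    return model_core_check((model_size_t)(model_ssize_t)msgsz);
}

int main(void)
{
    /* Constructed sample register values as a 32-bit task would pass them. */
    const uint32_t samples[] = { 64u, 0x7FFFFFFFu, 0x80000000u, 0xFFFFFFFFu };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("raw=0x%08x before=%d after=%d\n", (unsigned)samples[i],
               model_compat_before(samples[i]), model_compat_after(samples[i]));
    return 0;
}
```

With the unsigned compat type, a size of -1 from a 32-bit task arrives as 0x00000000FFFFFFFF and passes the check as a 4 GiB request; with the signed type it arrives as 0xFFFFFFFFFFFFFFFF and is rejected early.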