On Tuesday 20 July 2010, Masayuki Ohtake wrote:
> > > @@ -147,6 +148,11 @@ static ssize_t i2cdev_read(struct file *file, char __user *buf, size_t count,
> > > if (tmp == NULL)
> > > return -ENOMEM;
> > >
> > > + if (copy_from_user(tmp, buf, count)) {
> > > + kfree(tmp);
> > > + return -EFAULT;
> > > + }
> > > +
> > > pr_debug("i2c-dev: i2c-%d reading %zu bytes.\n",
> > > iminor(file->f_path.dentry->d_inode), count);
> >
> >
> > A read function should not do copy_from_user, only copy_to_user.
> > If you are worried about returning invalid data from kernel space,
> > better use kzalloc instead of kmalloc to get the buffer.
>
> Our I2C HW has special mode.
> To control the mode, our i2c driver has copy_from_user.
That is a highly unusual interface and I would definitely not recommend doing
this. Please use an ioctl operation for anything that has both input and output
data.
Arnd
--
To unsubscribe from this list: send the line "unsubscribe linux-i2c" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
