On Mon, Aug 6, 2012 at 2:12 PM, Tabi Timur-B04825 <b04825@xxxxxxxxxxxxx> wrote: > On Mon, Jul 30, 2012 at 3:15 AM, Tiejun Chen <tiejun.chen@xxxxxxxxxxxxx> wrote: >> We miss that correct WDIOC_GETSUPPORT return path when perform >> copy_to_user() properly. > > Thanks for catching this. I'm amazed that this driver still has bugs like this. While you're at it, I found a few related bugs. Can you fix these, also? 1. case WDIOC_SETOPTIONS: if (get_user(tmp, p)) return -EINVAL; This should return -EFAULT. 2. case WDIOC_GETBOOTSTATUS: /* XXX: something is clearing TSR */ tmp = mfspr(SPRN_TSR) & TSR_WRS(3); /* returns CARDRESET if last reset was caused by the WDT */ return (tmp ? WDIOF_CARDRESET : 0); This should use put_user() to return the value, instead of returning it as a return code. You can title the new patch something like, "booke/wdt: some ioctls do not return values properly" -- Timur Tabi Linux kernel developer at Freescale -- To unsubscribe from this list: send the line "unsubscribe linux-watchdog" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
