>>>>> On Mon, 30 Apr 2001 00:44:57 -0300, Ralf Baechle <ralf@oss.sgi.com> said:

>> The attached patch fixes a problem with shm ipc. The structs
>> ipc_perm in /u/i/bits/ipc.h and ipc64_perm in include/asm/ipcbuf.h
>> had different sizes and so caused the copy_shminfo_to_user in
>> ipc/shm.c to corrupt user space (the kernel structure was 8 bytes
>> larger).
>> ...

ralf> Thanks for the report. Now, the kernel interface is what it is
ralf> supposed to be so your patch was unacceptable. Instead I've sent
ralf> below patch to the libc maintainers for inclusion. Also for
ralf> semaphores we also had a structure mismatch.

There is still a structure mismatch between msqid_ds (in libc's
bits/msq.h) and msqid64_ds (in kernel's asm-mips/msgbuf.h).

Here is a patch to fix kernel's header, but I cannot tell which one
should be fixed.

---
Atsushi Nemoto
--- linux/include/asm-mips/msgbuf.h:1.1.1.1 Fri Jul 6 11:22:16 2001 +++ linux/include/asm-mips/msgbuf.h Thu Jul 26 12:13:43 2001 @@ -2,7 +2,7 @@ #define _ASM_MSGBUF_H /* - * The msqid64_ds structure for alpha architecture. + * The msqid64_ds structure for MIPS architecture. * Note extra padding because this structure is passed back and forth * between kernel and user space. * @@ -13,15 +13,18 @@ struct msqid64_ds { struct ipc64_perm msg_perm; __kernel_time_t msg_stime; /* last msgsnd time */ + unsigned long int __unused1; __kernel_time_t msg_rtime; /* last msgrcv time */ + unsigned long int __unused2; __kernel_time_t msg_ctime; /* last change time */ + unsigned long int __unused3; unsigned long msg_cbytes; /* current number of bytes on queue */ unsigned long msg_qnum; /* number of messages in queue */ unsigned long msg_qbytes; /* max number of bytes on queue */ __kernel_pid_t msg_lspid; /* pid of last msgsnd */ __kernel_pid_t msg_lrpid; /* last receive pid */ - unsigned long __unused1; - unsigned long __unused2; + unsigned long __unused4; + unsigned long __unused5; }; #endif /* _ASM_MSGBUF_H */
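
Review bot: In the second hunk, the three new fields `__unused1` to `__unused3` placed after `msg_stime`, `msg_rtime` and `msg_ctime` move every member from `msg_rtime` onward and grow `struct msqid64_ds` by three `unsigned long`s, which changes the layout of a structure that the header comment says is passed back and forth between kernel and user space. Binaries built against the current header would then find those members at different offsets, and the cover text itself leaves open whether the kernel header or libc's bits/msq.h is the side to change, so that decision should be settled before this goes in. If the kernel side is the one to change, add a comment on the new fields stating which libc definition they mirror, and consider a compile-time size check so the two definitions cannot drift apart again. Style: the added fields are declared `unsigned long int` while the rest of the structure uses `unsigned long`; pick one spelling.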