I have a small program. In this program, a pointer to struct data (in user space) is received in function make_local_copy (in kernel) using ioctl. In function make_local_copy, I want to make a local copy using copy_from_user. I think accessing p_usr_data->p_len in the second call to copy_from_user in this program is incorrect. Can someone confirm it?

    struct data {
        int len;
        int *p_len;
    };

    struct data* make_local_copy(unsigned long arg)
    {
        struct data *p_usr_data = (struct data*)arg;
        struct data *p_kernel_data = (struct data*) kmalloc(sizeof(struct data), GFP_KERNEL);

        copy_from_user(p_kernel_data, p_usr_data, sizeof(*p_usr_data));
        p_kernel_data->p_len = (int*) kmalloc(p_kernel_data->len, GFP_KERNEL);
        copy_from_user(p_kernel_data->p_len, p_usr_data->p_len, p_kernel_data->len);
                                          /* ^^^^^^^^^^^^^^^^^ */
        return p_kernel_data;
    }

Regards
Mohanlal

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
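Added example, not part of the original post: one way to make the copy without dereferencing the user pointer in kernel code. The struct is fetched once, the user pointer value is then read from the kernel copy, and the user-supplied len is bounded before it is used. Assumptions: kmalloc, kfree and copy_from_user are userspace stand-ins so the sketch compiles outside a kernel, user_mem is a constructed "user space" region, and MAX_LEN and the name make_local_copy_checked are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Userspace stand-ins (assumptions) so the sketch builds outside a kernel. */
#define GFP_KERNEL 0
#define MAX_LEN 4096                      /* assumed upper bound for len */
static unsigned char user_mem[256];       /* constructed "user space" region */
static void *kmalloc(size_t n, int flags) { (void)flags; return malloc(n); }
static void kfree(void *p) { free(p); }
/* Like the kernel helper: returns the number of bytes NOT copied. */
static unsigned long copy_from_user(void *to, const void *from, unsigned long n)
{
    uintptr_t f = (uintptr_t)from, base = (uintptr_t)user_mem;
    if (f < base || n > sizeof(user_mem) || f - base > sizeof(user_mem) - n)
        return n;                         /* not a valid user range */
    memcpy(to, from, n);
    return 0;
}

struct data { int len; int *p_len; };

struct data *make_local_copy_checked(unsigned long arg)
{
    struct data *k = kmalloc(sizeof(*k), GFP_KERNEL);
    int *usr_buf, *kbuf;

    if (!k)
        return NULL;
    /* One fetch of the struct; every later decision uses this copy. */
    if (copy_from_user(k, (const void *)arg, sizeof(*k)))
        goto fail;
    usr_buf = k->p_len;                   /* user pointer value, read from kernel memory */
    if (k->len <= 0 || k->len > MAX_LEN)  /* len is user-controlled */
        goto fail;
    kbuf = kmalloc(k->len, GFP_KERNEL);
    if (!kbuf)
        goto fail;
    if (copy_from_user(kbuf, usr_buf, k->len)) {
        kfree(kbuf);
        goto fail;
    }
    k->p_len = kbuf;                      /* now points at kernel memory */
    return k;
fail:
    kfree(k);
    return NULL;
}
```

Saving the user pointer before p_len is overwritten matters: once the kmalloc result is stored in the kernel copy, the only remaining source for the user address would be a second read of user memory.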