On 18/07/2020 00:46, Valdis Klētnieks wrote: > On Fri, 17 Jul 2020 02:13:34 +0200, Richard Sailer said: > >> unsigned long. Is this (correctness and security wise) sane? Because as >> I understand it put_user() determines the amount it copies from the >> pointer type. > >> rc = put_user(amount, (int __user *)arg); > > If that were true, you wouldn't need to pass the 'amount' variable.... > Hmm, that would make no sense to me. arg is a pointer to user space memory, put_user would still need the value to copy to that memory. And my understanding of put_user() comes from its definition in uaccess.h: #define put_user(x, ptr) \ ({ \ int __ret_pu; \ __typeof__(*(ptr)) __pu_val; \ __chk_user_ptr(ptr); \ might_fault(); \ __pu_val = x; \ switch (sizeof(*(ptr))) { \ case 1: \ __put_user_x(1, __pu_val, ptr, __ret_pu); \ break; \ case 2: \ __put_user_x(2, __pu_val, ptr, __ret_pu); \ break; \ case 4: \ __put_user_x(4, __pu_val, ptr, __ret_pu); \ break; \ case 8: \ __put_user_x8(__pu_val, ptr, __ret_pu); \ break; \ [...] But please tell me if I got anything wrong here, I'm still not 100% sure -- Richard
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies