Re: [PATCH for-4.5] vfio: fix ioctl error handling

On Thu, Feb 25, 2016 at 01:34:43PM +0200, Michael S. Tsirkin wrote:
> Calling return copy_to_user(...) in an ioctl will not
> do the right thing if there's a pagefault:
> copy_to_user returns the number of bytes not copied
> in this case.
> 
> Fix up vfio to do
> 	if (copy_to_user(...))
> 		return -EFAULT;
> 
> everywhere.
> 
> Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

Heh.  I don't exactly deserve this credit.

I have updated Smatch to check for this (will push next week probably).
I wouldn't have caught the issues in vfio_platform_common.c because
that's ARM only.

regards,
dan carpenter
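
Added example, not part of the original thread or of the kernel source: a user-space C model of the return-value behaviour described in the quoted commit message. `mock_copy_to_user`, `struct demo_info`, both handlers and the `fault_after` knob are hypothetical stand-ins; the only kernel fact assumed is the one stated above, that copy_to_user returns the number of bytes not copied.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* User-space stand-in for copy_to_user(): returns the number of bytes NOT
 * copied (0 on success). fault_after is a constructed knob that simulates a
 * page fault after that many bytes have been written. */
static unsigned long fault_after = (unsigned long)-1;

static unsigned long mock_copy_to_user(void *to, const void *from, unsigned long n)
{
    unsigned long ok = n < fault_after ? n : fault_after;
    memcpy(to, from, ok);
    return n - ok;
}

struct demo_info { unsigned int argsz, flags, num_regions, num_irqs; }; /* hypothetical */

/* Pattern being removed: the leftover byte count becomes the ioctl result. */
static long ioctl_buggy(void *uarg)
{
    struct demo_info info = { (unsigned int)sizeof(info), 0, 2, 1 };
    return (long)mock_copy_to_user(uarg, &info, sizeof(info));
}

/* Pattern the commit message asks for everywhere. */
static long ioctl_fixed(void *uarg)
{
    struct demo_info info = { (unsigned int)sizeof(info), 0, 2, 1 };
    if (mock_copy_to_user(uarg, &info, sizeof(info)))
        return -EFAULT;
    return 0;
}

/* A caller that follows the usual "negative means error" convention. */
static int caller_sees_error(long ret) { return ret < 0; }

/* Run one handler with a fault injected after `good` bytes. */
static long run_with_fault(long (*handler)(void *), unsigned long good)
{
    struct demo_info ubuf;
    long ret;
    memset(&ubuf, 0, sizeof(ubuf));
    fault_after = good;
    ret = handler(&ubuf);
    fault_after = (unsigned long)-1;
    return ret;
}

int main(void)
{
    long b = run_with_fault(ioctl_buggy, 4), f = run_with_fault(ioctl_fixed, 4);
    printf("buggy: ret=%ld error_seen=%d\n", b, caller_sees_error(b));
    printf("fixed: ret=%ld error_seen=%d\n", f, caller_sees_error(f));
    return 0;
}
```

With the fault injected, the buggy handler hands back a positive count, so a caller testing `ret < 0` treats a half-written buffer as success.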
