2002-12-17 10:34:11

by Margit Schubert-While

Subject: 2.4.20 copy_from/to_user

Maybe talking through the top of my hat, however -
copy_from_user and copy_to_user are used all over the place and the
return tested to see if an EFAULT should be generated.
Looking at include/asm-i386/uaccess.h and arch/i386/lib/usercopy.c
I don't see how these return anything but the 3rd (length) param.

Margit


2002-12-17 12:45:34

by Gianni Tedesco

Subject: Re: 2.4.20 copy_from/to_user

On Tue, 2002-12-17 at 10:42, Margit Schubert-While wrote:
> Maybe talking through the top of my hat, however -
> copy_from_user and copy_to_user are used all over the place and the
> return tested to see if an EFAULT should be generated.
> Looking at include/asm-i386/uaccess.h and arch/i386/lib/usercopy.c
> I don't see how these return anything but the 3rd (length) param.

Kernel glibly copies data until an exception occurs; when that happens it
looks at the address of the faulting instruction and jumps to some fixup
code, which somehow makes the function return the truncated value.

grep for ".section .fixup" and ".section .__ex_table." in those files.

--
// Gianni Tedesco (gianni at ecsc dot co dot uk)
lynx --source http://www.scaramanga.co.uk/gianni-at-ecsc.asc | gpg --import
8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D



2002-12-17 13:10:59

by Richard B. Johnson

Subject: Re: 2.4.20 copy_from/to_user

On 17 Dec 2002, Gianni Tedesco wrote:

> On Tue, 2002-12-17 at 10:42, Margit Schubert-While wrote:
> > Maybe talking through the top of my hat, however -
> > copy_from_user and copy_to_user are used all over the place and the
> > return tested to see if an EFAULT should be generated.
> > Looking at include/asm-i386/uaccess.h and arch/i386/lib/usercopy.c
> > I don't see how these return anything but the 3rd (length) param.
>
> Kernel glibly copies data until an exception occurs; when that happens it
> looks at the address of the faulting instruction and jumps to some fixup
> code, which somehow makes the function return the truncated value.
>
> grep for ".section .fixup" and ".section .__ex_table." in those files.
>

The 'somehow' is that ecx contains the count which is decremented
until the exception occurs. So, the return value (in eax) is the
remaining count. If no exception occurs, then it will be zero.


Cheers,
Dick Johnson
Penguin : Linux version 2.4.18 on an i686 machine (797.90 BogoMips).
Why is the government concerned about the lunatic fringe? Think about it.
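The copy-until-fault-then-fixup behaviour described in the two replies above, as an added example that is not code from the thread or from the kernel: a user-space model for Linux/POSIX in which a SIGSEGV handler plays the role of the exception table and a jmp_buf plays the fixup code, so the return value is the count of bytes not copied (0 on success, which is why callers test it with a plain `if (ret)` rather than `< 0`). All function names are my own, and the page-crossing scenario is constructed.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Stands in for the kernel's .__ex_table entry: "if the copy faults, resume
 * at the fixup code". The kernel keys on the faulting address; we jump. */
static sigjmp_buf fixup;
static void segv_handler(int sig) { (void)sig; siglongjmp(fixup, 1); }
/* Model of copy_from_user(): copy n bytes; on a fault the fixup path returns
 * the number of bytes NOT copied, so 0 means success. Same semantics as the
 * remaining count in ecx becoming the return value, but not kernel code. */
size_t model_copy_from_user(void *to, const void *from, size_t n)
{
    volatile size_t remaining = n;          /* plays the role of ecx */
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = segv_handler;
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(fixup, 1) == 0) {
        const unsigned char *s = from;
        unsigned char *d = to;
        while (remaining > 0) {
            *d++ = *s++;                    /* faults if *s is unreadable */
            remaining--;
        }
    }
    /* the fixup path lands here with 'remaining' bytes still uncopied */
    sigaction(SIGSEGV, &old, NULL);
    return remaining;
}

/* Constructed scenario: a readable page followed by a PROT_NONE page. Copy
 * 64 bytes starting 'offset' bytes before the boundary (offset <= page size):
 * offset 16 copies 16 bytes, faults, and reports 48 uncopied; offset >= 64
 * never faults and reports 0. (size_t)-1 means mmap itself failed. */
size_t demo_copy_before_boundary(size_t offset)
{
    long pg = sysconf(_SC_PAGESIZE);
    unsigned char dst[64], *region = mmap(NULL, 2 * pg, PROT_READ | PROT_WRITE,
                                          MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) return (size_t)-1;
    memset(region, 'A', pg);
    mprotect(region + pg, pg, PROT_NONE);
    size_t left = model_copy_from_user(dst, region + pg - offset, sizeof dst);
    munmap(region, 2 * pg);
    return left;                            /* nonzero: caller returns -EFAULT */
}
```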