From: Andrew Morton and me (I did a first fix for 2.6 and sent it to him; he
checked everything and committed it, and I changed the trivial bits for 2.4 +
did a little fix).
- remove unused `file *' arg from do_write_mem()
- Add checking for copy_from_user() failures in do_write_mem()
  (Note: /dev/kmem can be written to only by root, so this *cannot* have
  security implications)
- Return correct value from kmem writes() when a fault is encountered. A
  write()-style syscall's return values are:
    0 when nothing was written and there was no error (someone tried to
      write zero bytes)
    >0: the number of bytes copied, whether or not there was an error.
      Userspace detects errors by noting that the write() return value is less
      than was requested.
    <0: there was an error and no bytes were copied
- Fix this line:
+ unwritten = copy_from_user(kbuf, buf, len);
+ if (unwritten != len) {
to this:
+ unwritten = copy_from_user(kbuf, buf, len);
+ if (unwritten != 0) {
TODO: Do the same changes for read_mem() and read_kmem(). The code is more
messy so I must create do_read_mem() to avoid clumsy counting; I have posted
the patch first for 2.6, and when it is accepted I'll backport it.
--
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729
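
The return-value rules and the corrected check from the message above, as an added userspace model (not code from the patch or from the kernel). `fake_copy_from_user`, `check_before`, `check_after`, `model_write` and the `fault_at` parameter are hypothetical names; the only kernel behaviour assumed is that copy_from_user() returns the number of bytes it could not copy.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical stand-in for copy_from_user(): copies until a simulated fault
 * fault_at bytes into src and returns the number of bytes NOT copied. */
size_t fake_copy_from_user(char *dst, const char *src, size_t len,
                           size_t fault_at)
{
    size_t ok = len < fault_at ? len : fault_at;

    memcpy(dst, src, ok);
    return len - ok;
}

/* The two checks from the message, as predicates: "was there a fault?" */
int check_before(size_t unwritten, size_t len) { return unwritten != len; }
int check_after(size_t unwritten, size_t len) { (void)len; return unwritten != 0; }

/* Chunked write loop that follows the write()-style return rules above:
 * 0 for a zero-byte request, >0 for bytes copied (even if a fault cut the
 * request short), <0 only when a fault hit before any byte was copied.
 * chunk must be non-zero. */
ssize_t model_write(char *dst, const char *src, size_t count,
                    size_t chunk, size_t fault_at)
{
    size_t written = 0;

    while (count > 0) {
        size_t len = count < chunk ? count : chunk;
        size_t left = fault_at > written ? fault_at - written : 0;
        size_t unwritten = fake_copy_from_user(dst + written, src + written,
                                               len, left);

        written += len - unwritten;
        if (check_after(unwritten, len))
            return written ? (ssize_t)written : -EFAULT;
        count -= len;
    }
    return (ssize_t)written;
}
```

With `check_before`, a fully successful copy (0 bytes left over) is reported as a fault and a copy that moved nothing (all `len` bytes left over) is not, which is why the comparison has to be against 0.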