patch-2.4.19 linux-2.4.19/fs/intermezzo/psdev.c
Next file: linux-2.4.19/fs/intermezzo/super.c
Previous file: linux-2.4.19/fs/intermezzo/kml.c
Back to the patch index
Back to the overall index
- Lines: 817
- Date:
Fri Aug 2 17:39:45 2002
- Orig file:
linux-2.4.18/fs/intermezzo/psdev.c
- Orig date:
Mon Feb 25 11:38:08 2002
diff -urN linux-2.4.18/fs/intermezzo/psdev.c linux-2.4.19/fs/intermezzo/psdev.c
@@ -46,6 +46,7 @@
#include <linux/init.h>
#include <linux/list.h>
#include <asm/io.h>
+#include <asm/ioctls.h>
#include <asm/segment.h>
#include <asm/system.h>
#include <asm/poll.h>
@@ -133,7 +134,6 @@
struct upc_req *tmp;
struct list_head *lh;
struct lento_down_hdr hdr;
- int error;
if ( ! (upccom = presto_psdev_f2u(file)) ) {
kdev_t dev = file->f_dentry->d_inode->i_rdev;
@@ -147,9 +147,8 @@
return -EINVAL;
}
- error = copy_from_user(&hdr, buf, sizeof(hdr));
- if ( error )
- return error;
+ if (copy_from_user(&hdr, buf, sizeof(hdr)))
+ return -EFAULT;
CDEBUG(D_PSDEV, "(process,opc,uniq)=(%d,%d,%d)\n",
current->pid, hdr.opcode, hdr.unique);
@@ -181,9 +180,8 @@
req->rq_bufsize, count, hdr.opcode, hdr.unique);
count = req->rq_bufsize; /* don't have more space! */
}
- error = copy_from_user(req->rq_data, buf, count);
- if ( error )
- return error;
+ if (copy_from_user(req->rq_data, buf, count))
+ return -EFAULT;
/* adjust outsize: good upcalls can be aware of this */
req->rq_rep_size = count;
@@ -276,16 +274,12 @@
struct readmount readmount;
struct readmount *user_readmount = (struct readmount *) arg;
char * tmp;
- int error;
+ int error = 0;
- error = copy_from_user(&readmount, (void *)arg,
- sizeof(readmount));
- if ( error ) {
- printk("psdev: can't copy %Zd bytes from %p to %p\n",
- sizeof(readmount), (struct readmount *) arg,
- &readmount);
+ if (copy_from_user(&readmount, (void *)arg, sizeof(readmount)))
+ {
EXIT;
- return error;
+ return -EFAULT;
}
len = readmount.io_len;
@@ -305,15 +299,16 @@
* I mean, let's let the compiler do a little work ...
* gcc suggested the extra ()
*/
- error = copy_to_user(readmount.io_string, tmp, outlen);
- if ( error ) {
+ if (copy_to_user(readmount.io_string, tmp, outlen)) {
CDEBUG(D_PSDEV, "Copy_to_user string 0x%p failed\n",
readmount.io_string);
+ error = -EFAULT;
}
- if ((!error) && (error = copy_to_user(&(user_readmount->io_len),
- &outlen, sizeof(int))) ) {
+ if (!error && copy_to_user(&(user_readmount->io_len),
+ &outlen, sizeof(int))) {
CDEBUG(D_PSDEV, "Copy_to_user len @0x%p failed\n",
&(user_readmount->io_len));
+ error = -EFAULT;
}
PRESTO_FREE(tmp, len);
@@ -355,13 +350,18 @@
char *path;
struct {
char *path;
- int path_len;
+ unsigned int path_len;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX)
+ {
+ EXIT;
+ return -EINVAL;
}
PRESTO_ALLOC(path, char *, input.path_len + 1);
@@ -369,11 +369,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(path, input.path, input.path_len);
- if ( error ) {
+ if (copy_from_user(path, input.path, input.path_len)) {
PRESTO_FREE(path, input.path_len + 1);
EXIT;
- return error;
+ return -EFAULT;
}
path[input.path_len] = '\0';
CDEBUG(D_PSDEV, "clear_fsetroot: path %s\n", path);
@@ -396,13 +395,17 @@
char *path;
struct {
char *path;
- int path_len;
+ unsigned int path_len;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
PRESTO_ALLOC(path, char *, input.path_len + 1);
@@ -410,11 +413,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(path, input.path, input.path_len);
- if ( error ) {
+ if (copy_from_user(path, input.path, input.path_len)) {
PRESTO_FREE(path, input.path_len + 1);
EXIT;
- return error;
+ return -EFAULT;
}
path[input.path_len] = '\0';
CDEBUG(D_PSDEV, "clear_all_fsetroot: path %s\n", path);
@@ -435,13 +437,17 @@
struct {
__u64 size;
char *path;
- int path_len;
+ unsigned int path_len;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
PRESTO_ALLOC(path, char *, input.path_len + 1);
@@ -449,11 +455,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(path, input.path, input.path_len);
- if ( error ) {
+ if (copy_from_user(path, input.path, input.path_len)) {
PRESTO_FREE(path, input.path_len + 1);
EXIT;
- return error;
+ return -EFAULT;
}
path[input.path_len] = '\0';
CDEBUG(D_PSDEV, "get_kmlsize: len %d path %s\n",
@@ -472,7 +477,9 @@
CDEBUG(D_PSDEV, "get_kmlsize: size = %Zd\n", size);
EXIT;
- return copy_to_user((char *)arg, &input, sizeof(input));
+ if (copy_to_user((char *)arg, &input, sizeof(input)))
+ return -EFAULT;
+ return 0;
}
case PRESTO_GET_RECNO: {
@@ -483,13 +490,17 @@
struct {
__u64 recno;
char *path;
- int path_len;
+ unsigned int path_len;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
PRESTO_ALLOC(path, char *, input.path_len + 1);
@@ -497,11 +508,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(path, input.path, input.path_len);
- if ( error ) {
+ if (copy_from_user(path, input.path, input.path_len)) {
PRESTO_FREE(path, input.path_len + 1);
EXIT;
- return error;
+ return -EFAULT;
}
path[input.path_len] = '\0';
CDEBUG(D_PSDEV, "get_recno: len %d path %s\n",
@@ -520,7 +530,9 @@
CDEBUG(D_PSDEV, "get_recno: recno = %d\n", (int) recno);
EXIT;
- return copy_to_user((char *)arg, &input, sizeof(input));
+ if (copy_to_user((char *)arg, &input, sizeof(input)))
+ return -EFAULT;
+ return 0;
}
case PRESTO_SET_FSETROOT: {
@@ -534,27 +546,36 @@
char *path;
struct {
char *path;
- int path_len;
+ unsigned int path_len;
char *name;
- int name_len;
+ unsigned int name_len;
int id;
int flags;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.name_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
+ }
+
PRESTO_ALLOC(path, char *, input.path_len + 1);
if ( !path ) {
EXIT;
return -ENOMEM;
}
- error = copy_from_user(path, input.path, input.path_len);
- if ( error ) {
+ if (copy_from_user(path, input.path, input.path_len)) {
EXIT;
+ error = -EFAULT;
goto exit_free_path;
}
path[input.path_len] = '\0';
@@ -565,9 +586,9 @@
EXIT;
goto exit_free_path;
}
- error = copy_from_user(fsetname, input.name, input.name_len);
- if ( error ) {
+ if (copy_from_user(fsetname, input.name, input.name_len)) {
EXIT;
+ error = -EFAULT;
goto exit_free_fsetname;
}
fsetname[input.name_len] = '\0';
@@ -616,15 +637,14 @@
int dogetopt(int, struct psdev_opt *);
int minor = 0;
struct psdev_opt kopt;
+ int error = 0;
struct psdev_opt *user_opt = (struct psdev_opt *) arg;
- int error;
- error = copy_from_user(&kopt, (void *)arg, sizeof(kopt));
- if ( error ) {
+ if (copy_from_user(&kopt, (void *)arg, sizeof(kopt))) {
printk("psdev: can't copyin %Zd bytes from %p to %p\n",
sizeof(kopt), (struct kopt *) arg, &kopt);
EXIT;
- return error;
+ return -EFAULT;
}
minor = MINOR(dev);
if (cmd == PRESTO_SETOPT)
@@ -648,12 +668,11 @@
return error;
}
- error = copy_to_user(user_opt, &kopt, sizeof(kopt));
- if ( error ) {
+ if (copy_to_user(user_opt, &kopt, sizeof(kopt))) {
CDEBUG(D_PSDEV, "Copy_to_user opt 0x%p failed\n",
user_opt);
EXIT;
- return error;
+ return -EFAULT;
}
CDEBUG(D_PSDEV, "dosetopt minor %d, opt %d, val %d return %d\n",
minor, kopt.optname, kopt.optval, error);
@@ -666,10 +685,9 @@
struct lento_input_attr input;
struct iattr iattr;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
iattr.ia_valid = input.valid;
iattr.ia_mode = (umode_t)input.mode;
@@ -690,10 +708,9 @@
int error;
struct lento_input_mode input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_create(input.name, input.mode, &input.info);
@@ -705,10 +722,9 @@
int error;
struct lento_input_old_new input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_link(input.oldname, input.newname, &input.info);
@@ -720,10 +736,9 @@
int error;
struct lento_input input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_unlink(input.name, &input.info);
@@ -735,10 +750,9 @@
int error;
struct lento_input_old_new input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_symlink(input.oldname, input.newname,&input.info);
@@ -750,10 +764,9 @@
int error;
struct lento_input_mode input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_mkdir(input.name, input.mode, &input.info);
@@ -765,10 +778,9 @@
int error;
struct lento_input input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_rmdir(input.name, &input.info);
@@ -780,10 +792,9 @@
int error;
struct lento_input_dev input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_mknod(input.name, input.mode,
@@ -796,10 +807,9 @@
int error;
struct lento_input_old_new input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
error = lento_rename(input.oldname, input.newname, &input.info);
@@ -815,30 +825,27 @@
char *name;
char *buffer;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
/* Now setup the input parameters */
PRESTO_ALLOC(name, char *, input.name_len+1);
/* We need null terminated strings for attr names */
name[input.name_len] = '\0';
- error=copy_from_user(name, input.name, input.name_len);
- if ( error ) {
+ if (copy_from_user(name, input.name, input.name_len)) {
EXIT;
PRESTO_FREE(name,input.name_len+1);
- return error;
+ return -EFAULT;
}
PRESTO_ALLOC(buffer, char *, input.buffer_len+1);
- error=copy_from_user(buffer, input.buffer, input.buffer_len);
- if ( error ) {
+ if (copy_from_user(buffer, input.buffer, input.buffer_len)) {
EXIT;
PRESTO_FREE(name,input.name_len+1);
PRESTO_FREE(buffer,input.buffer_len+1);
- return error;
+ return -EFAULT;
}
/* Make null terminated for easy printing */
buffer[input.buffer_len]='\0';
@@ -867,21 +874,19 @@
struct lento_input_ext_attr input;
char *name;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
/* Now setup the input parameters */
PRESTO_ALLOC(name, char *, input.name_len+1);
/* We need null terminated strings for attr names */
name[input.name_len] = '\0';
- error=copy_from_user(name, input.name, input.name_len);
- if ( error ) {
+ if (copy_from_user(name, input.name, input.name_len)) {
EXIT;
PRESTO_FREE(name,input.name_len+1);
- return error;
+ return -EFAULT;
}
CDEBUG(D_PSDEV," delextattr params: name %s,"
@@ -903,12 +908,10 @@
case PRESTO_VFS_IOPEN: {
struct lento_input_iopen input;
- int error;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
input.fd = lento_iopen(input.name, (ino_t)input.ino,
@@ -919,17 +922,18 @@
return input.fd;
}
EXIT;
- return copy_to_user((char *)arg, &input, sizeof(input));
+ if (copy_to_user((char *)arg, &input, sizeof(input)))
+ return -EFAULT;
+ return 0;
}
case PRESTO_VFS_CLOSE: {
int error;
struct lento_input_close input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
CDEBUG(D_PIOCTL, "lento_close file descriptor: %d\n", input.fd);
@@ -940,7 +944,6 @@
case PRESTO_BACKFETCH_LML: {
char *user_path;
- int error;
struct lml_arg {
char *path;
__u32 path_len;
@@ -950,11 +953,16 @@
struct presto_version remote_file_version;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
+
user_path = input.path;
PRESTO_ALLOC(input.path, char *, input.path_len + 1);
@@ -962,11 +970,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(input.path, user_path, input.path_len);
- if ( error ) {
+ if (copy_from_user(input.path, user_path, input.path_len)) {
EXIT;
PRESTO_FREE(input.path, input.path_len + 1);
- return error;
+ return -EFAULT;
}
input.path[input.path_len] = '\0';
@@ -983,7 +990,6 @@
case PRESTO_CANCEL_LML: {
char *user_path;
- int error;
struct lml_arg {
char *path;
__u64 lml_offset;
@@ -994,11 +1000,16 @@
struct lento_vfs_context info;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
+ }
+
user_path = input.path;
PRESTO_ALLOC(input.path, char *, input.path_len + 1);
@@ -1006,11 +1017,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(input.path, user_path, input.path_len);
- if ( error ) {
+ if (copy_from_user(input.path, user_path, input.path_len)) {
EXIT;
PRESTO_FREE(input.path, input.path_len + 1);
- return error;
+ return -EFAULT;
}
input.path[input.path_len] = '\0';
@@ -1033,11 +1043,16 @@
__u32 path_len;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
}
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
+ }
+
user_path = input.path;
PRESTO_ALLOC(input.path, char *, input.path_len + 1);
@@ -1045,11 +1060,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(input.path, user_path, input.path_len);
- if ( error ) {
+ if (copy_from_user(input.path, user_path, input.path_len)) {
EXIT;
PRESTO_FREE(input.path, input.path_len + 1);
- return error;
+ return -EFAULT;
}
input.path[input.path_len] = '\0';
@@ -1062,7 +1076,6 @@
case PRESTO_RESET_FSET: {
char *user_path;
- int error;
struct lml_arg {
char *path;
__u32 path_len;
@@ -1070,11 +1083,16 @@
__u32 recno;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
+
user_path = input.path;
PRESTO_ALLOC(input.path, char *, input.path_len + 1);
@@ -1082,11 +1100,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(input.path, user_path, input.path_len);
- if ( error ) {
+ if (copy_from_user(input.path, user_path, input.path_len)) {
EXIT;
PRESTO_FREE(input.path, input.path_len + 1);
- return error;
+ return -EFAULT;
}
input.path[input.path_len] = '\0';
@@ -1105,15 +1122,20 @@
int mark_what;
int and_flag;
int or_flag;
- int path_len;
+ unsigned int path_len;
char *path;
} input;
- error = copy_from_user(&input, (char *)arg, sizeof(input));
- if ( error ) {
+ if (copy_from_user(&input, (char *)arg, sizeof(input))) {
EXIT;
- return error;
+ return -EFAULT;
+ }
+
+ if(input.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
}
+
user_path = input.path;
PRESTO_ALLOC(input.path, char *, input.path_len + 1);
@@ -1121,11 +1143,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(input.path, user_path, input.path_len);
- if ( error ) {
+ if (copy_from_user(input.path, user_path, input.path_len)) {
EXIT;
PRESTO_FREE(input.path, input.path_len + 1);
- return error;
+ return -EFAULT;
}
input.path[input.path_len] = '\0';
@@ -1188,7 +1209,9 @@
}
/* return the correct cookie to wait for */
input.mark_what = res;
- return copy_to_user((char *)arg, &input, sizeof(input));
+ if (copy_to_user((char *)arg, &input, sizeof(input)))
+ return -EFAULT;
+ return 0;
}
#ifdef CONFIG_KREINT
@@ -1205,15 +1228,19 @@
char *user_path;
struct {
int cookie;
- int path_len;
+ unsigned int path_len;
char *path;
} permit;
- error = copy_from_user(&permit, (char *)arg, sizeof(permit));
- if ( error ) {
+ if (copy_from_user(&permit, (char *)arg, sizeof(permit))) {
EXIT;
- return error;
- }
+ return -EFAULT;
+ }
+
+ if(permit.path_len > PATH_MAX) {
+ EXIT;
+ return -EINVAL;
+ }
user_path = permit.path;
PRESTO_ALLOC(permit.path, char *, permit.path_len + 1);
@@ -1221,11 +1248,10 @@
EXIT;
return -ENOMEM;
}
- error = copy_from_user(permit.path, user_path, permit.path_len);
- if ( error ) {
+ if (copy_from_user(permit.path, user_path, permit.path_len)) {
EXIT;
PRESTO_FREE(permit.path, permit.path_len + 1);
- return error;
+ return -EFAULT;
}
permit.path[permit.path_len] = '\0';
@@ -1239,7 +1265,9 @@
return error;
}
/* return the correct cookie to wait for */
- return copy_to_user((char *)arg, &permit, sizeof(permit));
+ if (copy_to_user((char *)arg, &permit, sizeof(permit)))
+ return -EFAULT;
+ return 0;
}
default:
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)