cmtp: fix compat_ioctl · tjh.dev/kernel@89c0c24

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

cmtp: fix compat_ioctl

Use compat_ptr(). And don't mess with fs/compat_ioctl.c

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Al Viro 7 years ago 89c0c24b cc04f6e2

+12 -16

2 changed files

expand all

compat_ioctl.c

net

bluetooth

cmtp

sock.c

-9

fs/compat_ioctl.c

··· 534 534 #define HCIUARTSETFLAGS _IOW('U', 203, int) 535 535 #define HCIUARTGETFLAGS _IOR('U', 204, int) 536 536 537 - #define CMTPCONNADD _IOW('C', 200, int) 538 - #define CMTPCONNDEL _IOW('C', 201, int) 539 - #define CMTPGETCONNLIST _IOR('C', 210, int) 540 - #define CMTPGETCONNINFO _IOR('C', 211, int) 541 - 542 537 #define HIDPCONNADD _IOW('H', 200, int) 543 538 #define HIDPCONNDEL _IOW('H', 201, int) 544 539 #define HIDPGETCONNLIST _IOR('H', 210, int) ··· 1085 1090 COMPATIBLE_IOCTL(RFCOMMGETDEVLIST) 1086 1091 COMPATIBLE_IOCTL(RFCOMMGETDEVINFO) 1087 1092 COMPATIBLE_IOCTL(RFCOMMSTEALDLC) 1088 - COMPATIBLE_IOCTL(CMTPCONNADD) 1089 - COMPATIBLE_IOCTL(CMTPCONNDEL) 1090 - COMPATIBLE_IOCTL(CMTPGETCONNLIST) 1091 - COMPATIBLE_IOCTL(CMTPGETCONNINFO) 1092 1093 COMPATIBLE_IOCTL(HIDPCONNADD) 1093 1094 COMPATIBLE_IOCTL(HIDPCONNDEL) 1094 1095 COMPATIBLE_IOCTL(HIDPGETCONNLIST)

+12 -7

net/bluetooth/cmtp/sock.c

··· 63 63 return 0; 64 64 } 65 65 66 - static int cmtp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 66 + static int do_cmtp_sock_ioctl(struct socket *sock, unsigned int cmd, void __user *argp) 67 67 { 68 68 struct cmtp_connadd_req ca; 69 69 struct cmtp_conndel_req cd; 70 70 struct cmtp_connlist_req cl; 71 71 struct cmtp_conninfo ci; 72 72 struct socket *nsock; 73 - void __user *argp = (void __user *)arg; 74 73 int err; 75 74 76 - BT_DBG("cmd %x arg %lx", cmd, arg); 75 + BT_DBG("cmd %x arg %p", cmd, argp); 77 76 78 77 switch (cmd) { 79 78 case CMTPCONNADD: ··· 136 137 return -EINVAL; 137 138 } 138 139 140 + static int cmtp_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 141 + { 142 + return do_cmtp_sock_ioctl(sock, cmd, (void __user *)arg); 143 + } 144 + 139 145 #ifdef CONFIG_COMPAT 140 146 static int cmtp_sock_compat_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) 141 147 { 148 + void __user *argp = compat_ptr(arg); 142 149 if (cmd == CMTPGETCONNLIST) { 143 150 struct cmtp_connlist_req cl; 151 + u32 __user *p = argp; 144 152 u32 uci; 145 153 int err; 146 154 147 - if (get_user(cl.cnum, (u32 __user *) arg) || 148 - get_user(uci, (u32 __user *) (arg + 4))) 155 + if (get_user(cl.cnum, p) || get_user(uci, p + 1)) 149 156 return -EFAULT; 150 157 151 158 cl.ci = compat_ptr(uci); ··· 161 156 162 157 err = cmtp_get_connlist(&cl); 163 158 164 - if (!err && put_user(cl.cnum, (u32 __user *) arg)) 159 + if (!err && put_user(cl.cnum, p)) 165 160 err = -EFAULT; 166 161 167 162 return err; 168 163 } 169 164 170 - return cmtp_sock_ioctl(sock, cmd, arg); 165 + return do_cmtp_sock_ioctl(sock, cmd, argp); 171 166 } 172 167 #endif 173 168