From: Takuya Yoshikawa Date: Thu, 27 May 2010 10:01:58 +0000 (+0900) Subject: vhost-net: fix to check the return value of copy_to/from_user() correctly X-Git-Tag: v2.6.35-rc1~24^2~11 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d3553a52490dcac54f45083f8fa018e26c22e947;p=platform%2Fkernel%2Flinux-3.10.git vhost-net: fix to check the return value of copy_to/from_user() correctly copy_to/from_user() returns the number of bytes that could not be copied. So we need to check if it is not zero, and in that case, we should return the error number -EFAULT rather than directly return the return value from copy_to/from_user(). Signed-off-by: Takuya Yoshikawa Signed-off-by: Michael S. Tsirkin --- diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c index aa88911c..0f41c91 100644 --- a/drivers/vhost/net.c +++ b/drivers/vhost/net.c @@ -593,17 +593,17 @@ static long vhost_net_ioctl(struct file *f, unsigned int ioctl, int r; switch (ioctl) { case VHOST_NET_SET_BACKEND: - r = copy_from_user(&backend, argp, sizeof backend); - if (r < 0) - return r; + if (copy_from_user(&backend, argp, sizeof backend)) + return -EFAULT; return vhost_net_set_backend(n, backend.index, backend.fd); case VHOST_GET_FEATURES: features = VHOST_FEATURES; - return copy_to_user(featurep, &features, sizeof features); + if (copy_to_user(featurep, &features, sizeof features)) + return -EFAULT; + return 0; case VHOST_SET_FEATURES: - r = copy_from_user(&features, featurep, sizeof features); - if (r < 0) - return r; + if (copy_from_user(&features, featurep, sizeof features)) + return -EFAULT; if (features & ~VHOST_FEATURES) return -EOPNOTSUPP; return vhost_net_set_features(n, features);