Good job fixing the bug. :) My one concern would be that in set_name() there is a race caused by dropping the lock. It would be better to do that copy_from_user() first, before taking the lock. I don't expect this to actually be a problem in real life.
+ /* + * Local variable to hold the name copied from user space + * This variable is approx of size 270 bytes, not huge + */ + char local_name[ASHMEM_NAME_LEN]; These obvious comments are not needed. We trust you do not overflow the stack. ;) Also it's checked automatically during build. Looks good generally. regards, dan carpenter _______________________________________________ devel mailing list [email protected] http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
