linux-os wrote:

> The attached file shows that the kernel thinks it's doing something helpful by checking the length of the input buffer for a read(). It will return "Bad Address" until the length is 1632 bytes. Apparently the kernel thinks 1632 is a good length!

Likely because only 1632 bytes of memory is accessible after the start of the buf buffer, and trying to read in more than that results in copy_to_user failing to write some data.



> Did anybody consider the overhead necessary to do this, and the fact that the kernel has no way of knowing if the pointer to the buffer is valid until it actually does the write? What was wrong with copy_to_user()? Why is there the additional bogus check?

What additional check?

--
Robert Hancock      Saskatoon, SK, Canada
To email, remove "nospam" from [EMAIL PROTECTED]
Home Page: http://www.roberthancock.com/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
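
Added example (not part of the original message or the attached file): a C reproduction of the situation discussed above, where only some bytes after buf are writable and read() is asked for more. The helper try_read(), the PROT_NONE guard page and the pipe used as a data source are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Issue read(fd, buf, len) where only `accessible` bytes after buf are
 * mapped writable; the next page is PROT_NONE. Returns the byte count
 * or -errno. Constructed setup: the data comes from a pipe. */
long try_read(size_t accessible, size_t len)
{
    static char src[8192];
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    int fds[2];
    long ret;

    if (accessible > page || len > sizeof(src))
        return -EINVAL;
    char *map = mmap(NULL, 2 * page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED)
        return -errno;
    if (mprotect(map + page, page, PROT_NONE) != 0 || pipe(fds) != 0) {
        ret = -errno;
        munmap(map, 2 * page);
        return ret;
    }
    memset(src, 'A', sizeof(src));
    if (write(fds[1], src, len) != (ssize_t)len) {
        ret = -EIO;
    } else {
        /* buf starts `accessible` bytes before the guard page */
        ssize_t n = read(fds[0], map + page - accessible, len);
        ret = n < 0 ? -errno : n;
    }
    close(fds[0]);
    close(fds[1]);
    munmap(map, 2 * page);
    return ret;
}

int main(void)
{
    printf("fits (1632/1632):     %ld\n", try_read(1632, 1632));
    printf("overruns (1632/4096): %ld\n", try_read(1632, 4096));
    printf("unmapped (0/64):      %ld\n", try_read(0, 64));
    return 0;
}
```

In the overrun case the result depends on the kernel and the file type: the call either fails with EFAULT ("Bad address") or returns a short count no larger than the accessible region.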