On Tue, May 8, 2018 at 6:46 AM, Hans de Goede wrote:
> Hi Wenwen,
>
> On 06-05-18 05:30, Wenwen Wang wrote:
>>
>> In vbg_misc_device_ioctl(), the header of the ioctl argument is copied
>> from
>> the userspace pointer 'arg' and saved to the kernel object 'hdr'. Then the
>> 'version', 'size_in', an
Hi Wenwen,
On 06-05-18 05:30, Wenwen Wang wrote:
In vbg_misc_device_ioctl(), the header of the ioctl argument is copied from
the userspace pointer 'arg' and saved to the kernel object 'hdr'. Then the
'version', 'size_in', and 'size_out' fields of 'hdr' are verified. For
example, if 'hdr.version'
In vbg_misc_device_ioctl(), the header of the ioctl argument is copied from
the userspace pointer 'arg' and saved to the kernel object 'hdr'. Then the
'version', 'size_in', and 'size_out' fields of 'hdr' are verified. For
example, if 'hdr.version' is not VBG_IOCTL_HDR_VERSION, an error code
-EINVAL
3 matches
Mail list logo
