mii ioctls , copy_to/from_user?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello all,

I've written a program that uses SIOCGMIIREG to query
various mii interfaces on my board. 
I'm using kernel 2.6.23

I set the ifru_data up like this in user space

#include <linux/mii.h> // The user side if.h
struct mii_ioctl_data mii;
mii.phy_addr=myphy;
mii.reg_num=myreg;
ifr.ifru_data=(__caddr_t)&mii;

as according to my libc (uclibc) <net/if.h> that is what ifr_data is.
Then call the ioctl.

This doesn't work. I get garbage in the ifr_data used by the network
driver.

If I add a copy_from/to_user around the call to generic_mii_ioctl, then
it works. My driver isn't in the main kernel it is at stlinux.org
but the ioctl function is the same as many in main tree, pcnet32_ioctl()
for example.

mii-tool works without me patching the driver.

mii-tool sets the ioctl up like this.

#include "mii.h" // it's own mmi structure
struct mii_data *mii = (struct mii_data *)&ifr.ifr_data;
mii->reg_num = location;

in mii-tool ifr_data is a pointer not allocated storage so you shouldn't
do that. However it part of a union and the biggest thing in it is
bigger than mii_data, so we are not going to crap on our stack/heap. Not
safe though if the structure of mii_data grows.

looking at <linux/if.h> (the kernel side if.h)
ifru_data is a 
void __user *ifru_data;

i.e. it needs copy_to/from_user.

Are the drivers AND mii-tool wrong? I'm feeling like either I've
uncovered a long standing bug (in both mii ioctls and mmi-tool) or I'm
missing something.

Apologies for the verbose message but I'm trying to tell it
as thoroughly as I can.

-- 
John Paul Foster <jaypee@xxxxxxxxxxxxx>

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux