    PPC32: Fix copy_from_user to copy as much as possible. · 8ebe7055
    Dale Farnsworth authored
    copy_from_user is supposed to transfer as much data as is
    valid and then to return the number of bytes not transferred.
    That's how it works on x86.  On ppc it can be as much as 15
    bytes short.
    
    I initially saw the problem with the mount system call.
    
    Note that the fifth argument to mount is an address 8 bytes from the end
    of user data space.  There is a null byte at that address, since no mount
    options are being passed.
    
    In the kernel, sys_mount() allocates a page for the options and
    does copy_from_user(new_page, 0x1005eff8, PAGE_SIZE).  copy_from_user
    should copy 8 bytes and return (PAGE_SIZE-8).  Instead, on ppc it reads
    8 bytes, faults, writes no bytes, and returns PAGE_SIZE, which causes the
    EFAULT to be erroneously reported.
string.S 12 KB
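The contract the commit message describes, modelled in userspace as an added illustration (this is not the kernel's string.S code): user memory is a small constructed buffer whose end plays the role of the unmapped page, a fixed and a pre-fix copy routine are compared, and a caller patterned on sys_mount() shows how the pre-fix return value turns a valid 8-byte read into a spurious EFAULT.

```c
#include <string.h>

/* Userspace model of the copy_from_user contract from the commit message
 * (added illustration, not the kernel's string.S). "User memory" is a small
 * static buffer; USER_END is the first unmapped byte, so reads at or beyond
 * it fault. Sizes are constructed to mirror the 8-bytes-before-end case. */
#define PAGE_SIZE 4096UL
#define USER_END  64UL
static unsigned char user_space[USER_END];

/* Correct contract (x86, and ppc after the fix): copy everything up to the
 * fault, then return the number of bytes NOT transferred. */
unsigned long copy_from_user_fixed(void *to, unsigned long from, unsigned long n)
{
    unsigned long avail = from < USER_END ? USER_END - from : 0;
    unsigned long copied = n < avail ? n : avail;
    memcpy(to, user_space + from, copied);
    return n - copied;
}

/* Pre-fix ppc behaviour as described: a fault mid-copy writes nothing and
 * reports the whole length as not transferred. */
unsigned long copy_from_user_buggy(void *to, unsigned long from, unsigned long n)
{
    if (from + n > USER_END)
        return n;
    memcpy(to, user_space + from, n);
    return 0;
}

/* Caller modelled on the sys_mount() pattern: request a whole page of options
 * and treat "nothing came across" as EFAULT. Returns bytes received, or -1. */
long mount_options_model(unsigned long (*cfu)(void *, unsigned long, unsigned long),
                         unsigned long from)
{
    static char page[PAGE_SIZE];
    unsigned long not_copied = cfu(page, from, PAGE_SIZE);
    if (not_copied == PAGE_SIZE)
        return -1;                     /* EFAULT: not even the NUL arrived */
    return (long)(PAGE_SIZE - not_copied);
}

/* The scenario from the message: the options pointer is 8 bytes before the
 * end of user space and holds an empty (NUL) option string. */
long mount_scenario(unsigned long (*cfu)(void *, unsigned long, unsigned long))
{
    memset(user_space, 'x', USER_END);
    user_space[USER_END - 8] = '\0';
    return mount_options_model(cfu, USER_END - 8);
}
```

With the fixed routine the caller receives the 8 valid bytes (NUL included) and proceeds; with the pre-fix routine it sees PAGE_SIZE bytes "not copied" and reports EFAULT exactly as the message describes.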