On Wed, 2019-12-11 at 22:20 +0100, Arnd Bergmann wrote: [...]
+static int snd_timer_user_tread(void __user *argp, struct snd_timer_user *tu,
unsigned int cmd, bool compat)+{
- int __user *p = argp;
- int xarg, old_tread;
- if (tu->timeri) /* too late */
return -EBUSY;- if (get_user(xarg, p))
return -EFAULT;- old_tread = tu->tread;
- if (!xarg)
tu->tread = TREAD_FORMAT_NONE;- else if (cmd == SNDRV_TIMER_IOCTL_TREAD64 ||
(IS_ENABLED(CONFIG_64BITS) && !compat))
This needs to check for CONFIG_64BIT not CONFIG_64BITS.
[...]
@@ -2145,14 +2202,34 @@ static ssize_t snd_timer_user_read(struct file *file, char __user *buffer, tu->qused--; spin_unlock_irq(&tu->qlock);
if (tu->tread) {if (copy_to_user(buffer, &tu->tqueue[qhead],sizeof(struct snd_timer_tread)))
tread = &tu->tqueue[qhead];switch (tu->tread) {case TREAD_FORMAT_TIME64:if (copy_to_user(buffer, tread,sizeof(struct snd_timer_tread64))) err = -EFAULT;
} else {
break;case TREAD_FORMAT_TIME32:memset(&tread32, 0, sizeof(tread32));tread32 = (struct snd_timer_tread32) {.event = tread->event,.tstamp_sec = tread->tstamp_sec,.tstamp_sec = tread->tstamp_nsec,.val = tread->val,};if (copy_to_user(buffer, &tread32, sizeof(tread32)))err = -EFAULT;break;case TREAD_FORMAT_NONE: if (copy_to_user(buffer, &tu->queue[qhead], sizeof(struct snd_timer_read))) err = -EFAULT;break;default:err = -ENOTSUPP;
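Review bot: In the TREAD_FORMAT_TIME32 case the compound literal names `.tstamp_sec` twice, so the second designator overrides the first with `tread->tstamp_nsec` and `tstamp_nsec` is left at zero. 32-bit readers would then receive the nanosecond count in the seconds field; the second initializer should read `.tstamp_nsec = tread->tstamp_nsec,`. Separately, the `memset()` just before it is superseded by the whole-struct assignment, which does not guarantee zeroed padding bytes. If `struct snd_timer_tread32` contains any padding (its definition is not in the quoted hunk), assigning the members one by one after the memset would keep uninitialized stack bytes out of the `copy_to_user()`. The switch continues past the quoted portion of the hunk.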
[...]
This is not a valid error code for returning to user-space, but this case should be impossible so I don't think it matters.
Ben.