diff options
author | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2010-01-05 11:41:44 +0100 |
---|---|---|
committer | James Bottomley <James.Bottomley@suse.de> | 2010-02-08 20:43:18 +0100 |
commit | 84eb8fb42c120ff32b201c1cdd910033c888f699 (patch) | |
tree | 6524fd3b36c939f532b579448e6a5fbda47d02b7 | |
parent | [SCSI] qla2xxx: make msix interrupt handler safe for irq (diff) | |
download | linux-84eb8fb42c120ff32b201c1cdd910033c888f699.tar.xz linux-84eb8fb42c120ff32b201c1cdd910033c888f699.zip |
[SCSI] compat_ioct: fix bsg SG_IO
bsg's SG_IO doesn't work on 32-bit userspace and 64-bit kernelspace.
The problem is that both sg and bsg drivers use SG_IO
ioctl. sg_ioctl_trans() does 32/64-bit conversion even against bsg
header. It messes up bsg header. bsg driver gets garbage.
This patch fixes sg_ioctl_trans to handle only sg header (struct
sg_io_hdr).
Reported-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
-rw-r--r-- | fs/compat_ioctl.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c index c5c45de1a2ee..7cbbc7ab4b50 100644 --- a/fs/compat_ioctl.c +++ b/fs/compat_ioctl.c @@ -301,6 +301,12 @@ static int sg_ioctl_trans(unsigned int fd, unsigned int cmd, u32 data; void __user *dxferp; int err; + int interface_id; + + if (get_user(interface_id, &sgio32->interface_id)) + return -EFAULT; + if (interface_id != 'S') + return sys_ioctl(fd, cmd, (unsigned long)sgio32); if (get_user(iovec_count, &sgio32->iovec_count)) return -EFAULT; |