Issue with copy_from_user() function in kernel 3.6.10

Sateesh Kumar sateesh.kumar at redpinesignals.com
Fri Jul 19 11:50:07 EDT 2013


Hi Sudip,

     I am declaring an array of 200 bytes as the destination in the ioctl 
processing function itself, even though I am sending 12 bytes from the 
application. Here is sample code showing how I am doing it in the kernel.

     ioctl_process(struct iwreq *wrq)
     {
         uint8 buffer[200];
         //This line itself is causing the problem for me.
         copy_from_user(buffer, wrq->u.data.pointer, wrq->u.data.length);
     }

Regards,
Sateesh.

On 07/19/2013 08:26 PM, Sudip Mukherjee wrote:
> Hi Santosh
> Does your destination buffer have sufficient size to hold the data ?
>
> Regards
> Sudip
>
> On Fri, Jul 19, 2013 at 7:48 PM, Sateesh Kumar
> <sateesh.kumar at redpinesignals.com> wrote:
>> Dear Experts,
>>
>> I am using the kernel 3.6.10 for my driver development. When I compile
>> the code, I get the following warning. I am facing the same issue
>> with the 3.5.4 kernel.
>>
>> "call to ‘copy_from_user_overflow’ declared with attribute warning:
>> copy_from_user() buffer size is not provably correct"
>>
>> When I try to install the module, I am facing a kernel crash. Here is
>> the crash log.
>>
>>
>> //Kernel crash log - Start
>>
>> Call Trace:
>> [19592.491229] [<c044bbf2>] warn_slowpath_common+0x72/0xa0
>> [19592.491233] [<c06882b7>] ? copy_from_user_overflow+0x27/0x30
>> [19592.491236] [<c06882b7>] ? copy_from_user_overflow+0x27/0x30
>> [19592.491241] [<f86f54c0>] ? jtag_usb_card_read+0x70/0x70 [usb_jtag]
>> [19592.491244] [<c044bcc3>] warn_slowpath_fmt+0x33/0x40
>> [19592.491247] [<c06882b7>] copy_from_user_overflow+0x27/0x30
>> [19592.491251] [<f86f54ec>] jtag_usb_ioctl+0x2c/0x80 [usb_jtag]
>> [19592.491256] [<c0565dea>] do_vfs_ioctl+0x7a/0x590
>> [19592.491259] [<c055f41b>] ? putname+0x2b/0x40
>> [19592.491262] [<c055f41b>] ? putname+0x2b/0x40
>> [19592.491265] [<c0555238>] ? do_sys_open+0x158/0x1c0
>> [19592.491269] [<c0566368>] sys_ioctl+0x68/0x80
>> [19592.491274] [<c0980cdf>] sysenter_do_call+0x12/0x28
>> [19592.491276] ---[ end trace 98bdb358664246ac ]---
>> [19592.491277] copy_from_usr error
>>
>> //Kernel crash log - End
>>
>>
>>
>> Please let me know what is wrong with my driver.
>>
>>
>> Thanks in advance,
>> Regards,
>> Sateesh
>>
>>
>


-- 
Regards,
Sateesh.
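
Added example, not part of the original message: the compile-time warning quoted above means the compiler cannot prove that the user-supplied wrq->u.data.length fits in the 200-byte destination, so one way to address it is to bound the length before the copy. The code below is a userspace model of that check; iw_point_model, copy_from_user_model and ioctl_process_checked are hypothetical stand-ins, not kernel APIs.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 200

/* Assumed stand-in for wrq->u.data: a user pointer plus a user-controlled length.
 * In the kernel the pointer would be annotated void __user *. */
struct iw_point_model {
    void    *pointer;
    uint16_t length;
};

/* Assumed stand-in for copy_from_user(): returns the number of bytes NOT copied. */
static unsigned long copy_from_user_model(void *to, const void *from, unsigned long n)
{
    memcpy(to, from, n);
    return 0;
}

/* Returns the number of bytes accepted, or a negative errno value. */
int ioctl_process_checked(const struct iw_point_model *data)
{
    uint8_t buffer[BUF_SIZE];

    if (data->pointer == NULL || data->length == 0)
        return -EINVAL;
    /* The length comes from user space: reject anything larger than the
     * destination before copying, so the copy size is provably bounded. */
    if (data->length > sizeof(buffer))
        return -EINVAL;
    if (copy_from_user_model(buffer, data->pointer, data->length))
        return -EFAULT;
    return data->length;
}

int main(void)
{
    uint8_t req[300] = {0};                       /* constructed sample input */
    struct iw_point_model ok  = { req, 12 };      /* expected request size */
    struct iw_point_model bad = { req, 300 };     /* larger than buffer[200] */

    printf("12-byte request  -> %d\n", ioctl_process_checked(&ok));
    printf("300-byte request -> %d\n", ioctl_process_checked(&bad));
    return 0;
}
```
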




