Re: Question about mmap

Dear Bing Zhu, You can remap kernel memory to userspace using remap_pfn_range. Thank you. Best regards, Seunguk Shin -- Original Message -- From: "bing zhu" mailto:zhubohon...@gmail.com>> To: kernelnewbies@kernelnewbies.org Sent: 6/11/2018 9:47:55

Re: [PATCH v2] staging: pi433: add mutex fixing concurrency issues.

On Sat, Jun 09, 2018 at 11:48:42AM -0400, Hugo Lefeuvre wrote: > case PI433_IOC_WR_TX_CFG: > if (copy_from_user(>tx_cfg, argp, >sizeof(struct pi433_tx_cfg))) > return -EFAULT; > break; Btw, it looks so wrong to me that we copy partial data to

Re: [PATCH] staging: pi433: add mutex fixing race condition when accessing tx_cfg

> We read the data from the user here and then we write it to the fifo > in pi433_write(). We should be using the device->tx_fifo_lock so that > we don't copy over the data at the same time we're writing it to the > fifo. Oh right, that makes the bug even worse. In this case we don't even need

Re: [PATCH v2] staging: pi433: add mutex fixing concurrency issues.

> > case PI433_IOC_WR_TX_CFG: > > if (copy_from_user(>tx_cfg, argp, > >sizeof(struct pi433_tx_cfg))) > > return -EFAULT; > > break; > > Btw, it looks so wrong to me that we copy partial data to > >tx_cfg... I'd really prefer copying it to a tmp

[PATCH v2] staging: pi433: fix race condition in pi433_ioctl

In the PI433_IOC_WR_TX_CFG case in pi433_ioctl, instance->tx_cfg is modified via copy_from_user(>tx_cfg, argp, sizeof(struct pi433_tx_cfg))) without any kind of synchronization. In the case where two threads would execute this same command concurrently the tx_cfg field might enter in an