Re: [Dri-devel] copy_from_user question

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

José Fonseca wrote:
> Hollis,
> 
> On Wed, Jun 04, 2003 at 05:17:52PM -0500, Hollis Blanchard wrote:
> 
>>This is what the Stanford checker turned up recently when analyzing the  
>>copy_to/from_user calls in the Linux kernel:
>>
> 
> [...]
> 
>>This is all because the DRM_COPY_FROM_USER_UNCHECKED is being called in  
>>radeon_cp_dispatch_indices. If the copy_from_user is needed, the whole  
>>sarea_priv structure must be in user space, in which case all the other  
>>direct sarea references are in error. The other possibility is that  
>>copy_from_user isn't needed here at all. Can anyone comment?
> 
> 
> The SAREA, and hence drm_radeon_sarea_t and 'boxes', lives on a shared memory
> segment accessible by all intervenients (kernel, X server, client).  So
> the copy_from_user shouldn't be used.
> 
> I guess that at some point, radeon_cp_dispatch_indices was called on
> userspace cliprects, but now it appears only to be called on the SAREA.
> Perhaps Keith can tell more about it.

Yes, there's no need to be calling COPY_FROM_USER on these cliprects - just 
referencing them directly would be fine.

Keith