Error checking in ioctl(2)?

Garrett Cooper yanefbsd at gmail.com
Fri Apr 23 00:45:40 UTC 2010


On Thu, Apr 22, 2010 at 4:36 PM, Matthew Fleming
<matthew.fleming at isilon.com> wrote:
>> Hi hackers,
>>     I realize that this isn't 100% userland code, so the checks should
>> be minimalized, but when looking at the ioctl(2) syscall code (at
>> least I think it is... there's another dupe hanging around in
>> sys/dev/hptmv/ioctl.c), I had some questions related to the error
>> handling not being done in the code:
>>
>>         if (size > 0) {
>>                 if (com & IOC_VOID) {
>>                         /* Integer argument. */
>>                         arg = (intptr_t)uap->data;
>>                         data = (void *)&arg;
>>                         size = 0;
>>                 } else
>>                         data = malloc((u_long)size, M_IOCTLOPS,
>>                             M_WAITOK); /* XXX: can fail -- do we care? */
>
> malloc(9) with M_WAITOK cannot return NULL.  So the rest of your XXX
> comments are not at issue.
>
> Also, free(9) is documented to do the right thing when asked to
> free(NULL).
>
> copyin/copyout are really just bcopy but unlike most kernel code they
> are allowed to take a page fault.  They deal with this by setting a
> function pointer in PCB_ONFAULT, which is used in trap() to set a return
> instruction pointer.

Matt,
    Awesome. I can see I need to do a bit more reading in malloc(3) :)...
Thanks for the info!
-Garrett

