[PATCH] usb-serial: fix oti6858.c segfault in termios handling

[Thomas Viehmann]

The oti6858 usb serial driver should use 
kernel_termios_to_user_termios/
user_termios_to_kernel_termios to avoid segfaults because the kernel
uses a structure differing from that of user space with a different 
size.

Signed-off-by: Thomas Viehmann <tv@xxxxxxxxxx>
---
I'm don't know the least thing about the type casting (it is lifted
from kobil_sct.c), but I do get better success with the patch...
--- linux-2.6.23-rc1/drivers/usb/serial/oti6858.c.orig
+++ linux-2.6.23-rc1/drivers/usb/serial/oti6858.c
@@ -818,19 +818,22 @@

       switch (cmd) {
               case TCGETS:
-                       if (copy_to_user(user_arg, port->tty->termios,
-                                               sizeof(struct 
ktermios))) {
+                       if (kernel_termios_to_user_termios(
+                                            (struct ktermios __user 
*)arg,
+                                            port->tty->termios))
                               return -EFAULT;
-                       }
                       return 0;

               case TCSETS:
               case TCSETSW:                  case TCSETSF:   -      
                 if (copy_from_user(port->tty->termios, user_arg,
-                                               sizeof(struct 
ktermios))) {
+                       if 
(user_termios_to_kernel_termios(port->tty->termios,
+                                               (struct ktermios 
__user *)arg))
                               return -EFAULT;
-                       }
                       oti6858_set_termios(port, NULL);
                       return 0;

--
Thomas Viehmann, http://thomas.viehmann.net/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/