[openib-general] Re: [RFC] [PATCH] user_mad: Support RMPP on send side
Roland Dreier
roland at topspin.com
Wed May 18 16:04:14 PDT 2005
This looks OK to check in with one small comment on the following:
- if (copy_to_user(buf, &packet->mad, sizeof packet->mad))
+ if (copy_to_user(buf, &packet->mad,
+ min(count, packet->length +
+ sizeof (struct ib_user_mad))))
ret = -EFAULT;
else
- ret = sizeof packet->mad;
+ ret = count;
This code will truncate a received MAD that is bigger than the buffer
passed into read(), but return the full size of the packet. I don't
think read() is allowed to do this: the return value can be at most
the count value passed in by the user.
I think we have two options: truncate and return the actual amount of
data read to the user, or return an error if the user's buffer is too
small.
- R.
More information about the general
mailing list