patch_name: cpqarray-stack.patch patch_version: 2003-04-02.21:10:01 author: Randy.Dunlap description: reduce stack in block/cqparray.c::ida_ioctl() from 0x550 to 0x48; product: Linux product_versions: linux-2566 changelog: allocate and free maintainer: Steve Cameron: arrays@hp.com, steve.cameron@hp.com diffstat: = drivers/block/cpqarray.c | 20 ++++++++++++++------ 1 files changed, 14 insertions(+), 6 deletions(-) diff -Naur ./drivers/block/cpqarray.c%IDAIOC ./drivers/block/cpqarray.c --- ./drivers/block/cpqarray.c%IDAIOC 2003-03-24 14:00:03.000000000 -0800 +++ ./drivers/block/cpqarray.c 2003-04-02 20:05:57.000000000 -0800 @@ -1021,7 +1021,7 @@ int diskinfo[4]; struct hd_geometry *geo = (struct hd_geometry *)arg; ida_ioctl_t *io = (ida_ioctl_t*)arg; - ida_ioctl_t my_io; + ida_ioctl_t *my_io; switch(cmd) { case HDIO_GETGEO: @@ -1046,11 +1046,19 @@ return 0; case IDAPASSTHRU: if (!capable(CAP_SYS_RAWIO)) return -EPERM; - if (copy_from_user(&my_io, io, sizeof(my_io))) - return -EFAULT; - error = ida_ctlr_ioctl(ctlr, dsk, &my_io); - if (error) return error; - return copy_to_user(io, &my_io, sizeof(my_io)) ? -EFAULT : 0; + my_io = kmalloc(sizeof(ida_ioctl_t), GFP_KERNEL); + if (!my_io) + return -ENOMEM; + if (copy_from_user(my_io, io, sizeof(*my_io))) { + error = -EFAULT; + goto iocfree; + } + error = ida_ctlr_ioctl(ctlr, dsk, my_io); + if (error) goto iocfree; + error = copy_to_user(io, my_io, sizeof(*my_io)) ? -EFAULT : 0; + iocfree: + kfree(my_io); + return error; case IDAGETCTLRSIG: if (!arg) return -EINVAL; put_user(hba[ctlr]->ctlr_sig, (int*)arg);