in nsm-driver/nsm.c [162:191]
static int message_copy_to_user(struct nsm_message *user_msg,
struct nsm_kernel_message *kern_msg)
{
struct nsm_message shallow_copy;
if (!kern_msg || !user_msg)
return -EINVAL;
/*
* First, do a shallow copy of the user-space message. This is needed in
* order to get the request block data, which we do not need to copy but
* must preserve in the message sent back to user-space.
*/
if (copy_from_user(&shallow_copy, user_msg, sizeof(shallow_copy)) != 0)
return -EINVAL;
/* Do not exceed the capacity of the user-provided response buffer */
shallow_copy.response.iov_len = kern_msg->response.iov_len;
/* Only the response content must be copied back to user-space */
if (copy_to_user(shallow_copy.response.iov_base,
kern_msg->response.iov_base,
shallow_copy.response.iov_len) != 0)
return -EINVAL;
if (copy_to_user(user_msg, &shallow_copy, sizeof(shallow_copy)) != 0)
return -EFAULT;
return 0;
}