Linux kernel & device driver programming

Cross-Referenced Linux and Device Driver Code

[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ]
Version: [ 2.6.11.8 ] [ 2.6.25 ] [ 2.6.25.8 ] [ 2.6.31.13 ] Architecture: [ i386 ] 
  1 /*
  2  * faulty.c -- a module which generates an oops when read
  3  *
  4  * Copyright (C) 2001 Alessandro Rubini and Jonathan Corbet
  5  * Copyright (C) 2001 O'Reilly & Associates
  6  *
  7  * The source code in this file can be freely used, adapted,
  8  * and redistributed in source or binary form, so long as an
  9  * acknowledgment appears in derived source files.  The citation
 10  * should list that the code comes from the book "Linux Device
 11  * Drivers" by Alessandro Rubini and Jonathan Corbet, published
 12  * by O'Reilly & Associates.   No warranty is attached;
 13  * we cannot take responsibility for errors or fitness for use.
 14  *
 15  * $Id: faulty.c,v 1.3 2004/09/26 07:02:43 gregkh Exp $
 16  */
 17 
 18 #include <linux/module.h>
 19 #include <linux/init.h>
 20 
 21 #include <linux/kernel.h> /* printk() */
 22 #include <linux/fs.h>     /* everything... */
 23 #include <linux/types.h>  /* size_t */
 24 #include <asm/uaccess.h>
 25 
 26 MODULE_LICENSE("Dual BSD/GPL");
 27 
 28 
 29 int faulty_major = 0;
 30 
 31 ssize_t faulty_read(struct file *filp, char __user *buf,
 32                     size_t count, loff_t *pos)
 33 {
 34         int ret;
 35         char stack_buf[4];
 36 
 37         /* Let's try a buffer overflow  */
 38         memset(stack_buf, 0xff, 20);
 39         if (count > 4)
 40                 count = 4; /* copy 4 bytes to the user */
 41         ret = copy_to_user(buf, stack_buf, count);
 42         if (!ret)
 43                 return count;
 44         return ret;
 45 }
 46 
 47 ssize_t faulty_write (struct file *filp, const char __user *buf, size_t count,
 48                 loff_t *pos)
 49 {
 50         /* make a simple fault by dereferencing a NULL pointer */
 51         *(int *)0 = 0;
 52         return 0;
 53 }
 54 
 55 
 56 
 57 struct file_operations faulty_fops = {
 58         .read =  faulty_read,
 59         .write = faulty_write,
 60         .owner = THIS_MODULE
 61 };
 62 
 63 
 64 int faulty_init(void)
 65 {
 66         int result;
 67 
 68         /*
 69          * Register your major, and accept a dynamic number
 70          */
 71         result = register_chrdev(faulty_major, "faulty", &faulty_fops);
 72         if (result < 0)
 73                 return result;
 74         if (faulty_major == 0)
 75                 faulty_major = result; /* dynamic */
 76 
 77         return 0;
 78 }
 79 
 80 void faulty_cleanup(void)
 81 {
 82         unregister_chrdev(faulty_major, "faulty");
 83 }
 84 
 85 module_init(faulty_init);
 86 module_exit(faulty_cleanup);
 87 
 88
  This page was automatically generated by the LXR engine.