From: Jason White
To: speakup@linux-speakup.org
Subject: Re: OT: kernel oops
Date: Fri, 19 Jul 2013 09:43:02 +1000

Chris Brannon wrote:
> Don Raikes writes:
>
> > The section of code that is having problems looks like this:
> *SNIP*
> > if (copy_from_user(&tbuf, buf, count))
>
> This line is your problem. You are passing a
> pointer-to-pointer-to-character (char **) as the first argument to
> copy_from_user, but you should be passing char * instead. So ditch the
> ampersand, and all will be right with the world!
> I could give you a thorough explanation of why this is failing, if you
> like, but to make a long story short, this line of code is smashing the
> stack!

In other words, you're passing it the address of the pointer to the buffer,
rather than the pointer itself, which holds the address of the buffer.
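
The bug discussed in this thread, as an added userspace model (not code from the thread or from the kernel): it shows where the bytes land with and without the ampersand. `struct frame`, `copy_sim`, `write_buggy`, `write_fixed` and `demo` are hypothetical names, `copy_sim` stands in for `copy_from_user`, and the length check in `write_fixed` goes beyond what the thread covers.

```c
#include <string.h>

enum { BUF_SIZE = 64, NEIGHBOURS = 24 };

/* Model of the handler's stack frame: the pointer and the slots beside it. */
struct frame {
    char *tbuf;                       /* holds the address of the buffer */
    unsigned char next[NEIGHBOURS];   /* stands in for adjacent stack data */
};

/* Userspace stand-in for copy_from_user(); returns bytes NOT copied (0 = ok). */
static unsigned long copy_sim(void *to, const void *from, unsigned long n)
{
    unsigned char *d = to;
    const unsigned char *s = from;
    while (n--)
        *d++ = *s++;
    return 0;
}

/* As quoted in the thread: the destination is the pointer variable itself. */
static int write_buggy(struct frame *f, const char *buf, size_t count)
{
    if (count > sizeof *f)            /* demo guard: stay inside the model */
        return -1;
    return copy_sim(&f->tbuf, buf, count) ? -1 : 0;
}

/* Ampersand dropped, plus a length check that the thread does not discuss. */
static int write_fixed(struct frame *f, const char *buf, size_t count)
{
    if (count > BUF_SIZE)
        return -1;
    return copy_sim(f->tbuf, buf, count) ? -1 : 0;
}

/* 1 = pointer or neighbours overwritten, 0 = frame intact, -1 = rejected. */
static int demo(int fixed, size_t count)
{
    static const unsigned char zero[NEIGHBOURS];
    char input[BUF_SIZE], buffer[BUF_SIZE] = {0}, *orig = buffer;
    struct frame f = { buffer, {0} };
    int rc, hit;
    memset(input, 'A', sizeof input); /* constructed sample input */
    rc = fixed ? write_fixed(&f, input, count) : write_buggy(&f, input, count);
    hit = memcmp(&f.tbuf, &orig, sizeof orig) || memcmp(f.next, zero, NEIGHBOURS);
    return rc ? -1 : hit;
}

int main(void) { return !(demo(0, 16) == 1 && demo(1, 16) == 0); }
```

In the model the damage is confined to `struct frame`; in the real handler the same write lands on whatever the compiler placed next to `tbuf` on the stack.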