Raw-gadget ioctls may access uninitialized data

[ryan-summers]

For the IOCTLs of the raw-gadget module that do not accept any data (e.g. raw_ioctl_run), the value argument of the IOCTL call is uninitialized (variadic arg to ioctl()) and should not be read.

This causes issue when using cross-language bindings to IOCTL into the raw-gadget driver, such as using nix from Rust, which intentionally omits any variadic arguments to ioctl since the call requires no data. This causes these functions to spuriously EINVAL as an error code.

I added some logging to the raw_ioctl_run() and was noticing that value was taking on random, uninitialized values and causing the call to emit an error.

[ryan-summers]

For context: I'm looking to leverage raw-gadget as a break-in to the linux USB stack and want to use it for entire-host side testing of the Rust embedded usb-device peripheral-side USB stack.

[xairy]

Hi,

This appears to be the same issue as in #11. The _IO* definition of an ioctl number do not formally specify the types of arguments this ioctl accepts. _IO() ioctls can and do take arguments. I believe the documentation for this nix library offers a solution for this.

Thanks!