linux_ioctl_cdrom: reduce stack usage

... by moving two ~2KB structures from stack to heap allocation.
I experienced stack overflow in linux emulation on i386 (8K stack)
when LINUX_DVD_READ_STRUCT ioctl was performed on atapicam cd
device and there was an error that resulted in additional quite
heavy stack use in cam layer.

Reviewed by:	dchagin
Approved by:	jhb (mentor)

1 files changed, 16 insertions, 11 deletions

diff --git a/sys/compat/linux/linux_ioctl.c b/sys/compat/linux/linux_ioctl.c
index 2b4ca75..f0a7559 100644
--- a/sys/compat/linux/linux_ioctl.c
+++ b/sys/compat/linux/linux_ioctl.c
@@ -1556,23 +1556,28 @@ linux_ioctl_cdrom(struct thread *td, struct linux_ioctl_args *args)
 	/* LINUX_CDROMAUDIOBUFSIZ */
 
 	case LINUX_DVD_READ_STRUCT: {
-		l_dvd_struct lds;
-		struct dvd_struct bds;
+		l_dvd_struct *lds;
+		struct dvd_struct *bds;
 
-		error = copyin((void *)args->arg, &lds, sizeof(lds));
+		lds = malloc(sizeof(*lds), M_LINUX, M_WAITOK);
+		bds = malloc(sizeof(*bds), M_LINUX, M_WAITOK);
+		error = copyin((void *)args->arg, lds, sizeof(*lds));
 		if (error)
-			break;
-		error = linux_to_bsd_dvd_struct(&lds, &bds);
+			goto out;
+		error = linux_to_bsd_dvd_struct(lds, bds);
 		if (error)
-			break;
-		error = fo_ioctl(fp, DVDIOCREADSTRUCTURE, (caddr_t)&bds,
+			goto out;
+		error = fo_ioctl(fp, DVDIOCREADSTRUCTURE, (caddr_t)bds,
 		    td->td_ucred, td);
 		if (error)
-			break;
-		error = bsd_to_linux_dvd_struct(&bds, &lds);
+			goto out;
+		error = bsd_to_linux_dvd_struct(bds, lds);
 		if (error)
-			break;
-		error = copyout(&lds, (void *)args->arg, sizeof(lds));
+			goto out;
+		error = copyout(lds, (void *)args->arg, sizeof(*lds));
+	out:
+		free(bds, M_LINUX);
+		free(lds, M_LINUX);
 		break;
 	}