Missing copy_from_user.  Against Ubuntu 2.6.35-13.18
FDO bug 29340 originally triggered by Ubuntu bug 606081

  Signed-off-by: Dr. David Alan Gilbert <linux@treblig.org>

--- ../orig/linux-2.6.35/drivers/gpu/drm/radeon/radeon_kms.c	2010-07-26 17:38:24.000000000 +0100
+++ drivers/gpu/drm/radeon/radeon_kms.c	2010-08-01 15:40:39.899102004 +0100
@@ -112,7 +112,15 @@
 
 	info = data;
 	value_ptr = (uint32_t *)((unsigned long)info->value);
-	value = *value_ptr;
+
+	/* Should we just move this down into the only case below it that uses
+	   or leave it here on the basis that something else might use it in
+	   the future? */
+        if (DRM_COPY_FROM_USER(&value, value_ptr, sizeof(value))) {
+                DRM_ERROR("copy_from_user\n");
+                return -EFAULT;
+        }
+
 	switch (info->request) {
 	case RADEON_INFO_DEVICE_ID:
 		value = dev->pci_device;