Message ID | 20230604131215.78847-1-andriy.shevchenko@linux.intel.com |
---|---|
State | New |
Headers | show |
Series | [v1,1/2] pinctrl: Duplicate user memory in one go in pinmux_select() | expand |
On Sun, Jun 4, 2023 at 3:12 PM Andy Shevchenko <andriy.shevchenko@linux.intel.com> wrote: > Current code is suboptimal in three ways: > 1) it explicitly terminates the string which is not needed; > 2) it might provoke additional faults, because asked lenght might be > bigger than the real one; > 3) it consumes more than needed lines in the source. > > Instead of using kmalloc() + strncpy_from_user() + terminating, just > utilize memdup_user_nul(). > > Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Excellent patch, applied! Yours, Linus Walleij
On Tue, Jun 13, 2023 at 04:30:44PM +0200, Markus Elfring wrote: > > …, because asked lenght … > > * Are there any chances to avoid a typo in such a change description? Not anymore as explained in the other email, but thanks for pointing this out. > * Was a cover letter accidentally omitted? What do you want to see in such cover letter? How can it be helpful? (Note that these are rhetorical towards this change, as it's already in the non-rebased branch)
diff --git a/drivers/pinctrl/pinmux.c b/drivers/pinctrl/pinmux.c index 021382632608..2d2f3bd164d5 100644 --- a/drivers/pinctrl/pinmux.c +++ b/drivers/pinctrl/pinmux.c @@ -692,14 +692,9 @@ static ssize_t pinmux_select(struct file *file, const char __user *user_buf, if (len > PINMUX_SELECT_MAX) return -ENOMEM; - buf = kzalloc(PINMUX_SELECT_MAX, GFP_KERNEL); - if (!buf) - return -ENOMEM; - - ret = strncpy_from_user(buf, user_buf, PINMUX_SELECT_MAX); - if (ret < 0) - goto exit_free_buf; - buf[len-1] = '\0'; + buf = memdup_user_nul(user_buf, len); + if (IS_ERR(buf)) + return PTR_ERR(buf); /* remove leading and trailing spaces of input buffer */ gname = strstrip(buf);
Current code is suboptimal in three ways: 1) it explicitly terminates the string which is not needed; 2) it might provoke additional faults, because asked lenght might be bigger than the real one; 3) it consumes more than needed lines in the source. Instead of using kmalloc() + strncpy_from_user() + terminating, just utilize memdup_user_nul(). Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> --- drivers/pinctrl/pinmux.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-)