From ad96a7a7ea950d5bc9755f2f568be185c7070f1e Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Tue, 20 Jul 2010 20:08:59 -0600 Subject: [PATCH] drivers/block: use memdup_user Use memdup_user when user data is immediately copied into the allocated region. Some checkpatch cleanups in nearby code. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ - to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( - to==NULL + IS_ERR(to) || ...) { <+... when != goto l1; - -ENOMEM + PTR_ERR(to) ...+> } - if (copy_from_user(to, from, size) != 0) { - <+... when != goto l2; - -EFAULT - ...+> - } // Signed-off-by: Julia Lawall Cc: Chirag Kantharia Signed-off-by: Andrew Morton Signed-off-by: Jens Axboe --- drivers/block/cpqarray.c | 32 ++++++++++---------------------- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/drivers/block/cpqarray.c b/drivers/block/cpqarray.c index 28937b661564..9473215956f9 100644 --- a/drivers/block/cpqarray.c +++ b/drivers/block/cpqarray.c @@ -1255,17 +1255,11 @@ static int ida_ctlr_ioctl(ctlr_info_t *h, int dsk, ida_ioctl_t *io) /* Pre submit processing */ switch(io->cmd) { case PASSTHRU_A: - p = kmalloc(io->sg[0].size, GFP_KERNEL); - if (!p) - { - error = -ENOMEM; - cmd_free(h, c, 0); - return(error); - } - if (copy_from_user(p, io->sg[0].addr, io->sg[0].size)) { - kfree(p); - cmd_free(h, c, 0); - return -EFAULT; + p = memdup_user(io->sg[0].addr, io->sg[0].size); + if (IS_ERR(p)) { + error = PTR_ERR(p); + cmd_free(h, c, 0); + return error; } c->req.hdr.blk = pci_map_single(h->pci_dev, &(io->c), sizeof(ida_ioctl_t), @@ -1296,18 +1290,12 @@ static int ida_ctlr_ioctl(ctlr_info_t *h, int dsk, ida_ioctl_t *io) case DIAG_PASS_THRU: case COLLECT_BUFFER: case WRITE_FLASH_ROM: - p = kmalloc(io->sg[0].size, GFP_KERNEL); - if (!p) - { - error = -ENOMEM; - cmd_free(h, c, 0); - return(error); + p = memdup_user(io->sg[0].addr, io->sg[0].size); + if (IS_ERR(p)) { + error = PTR_ERR(p); + cmd_free(h, c, 0); + return error; } - if (copy_from_user(p, io->sg[0].addr, io->sg[0].size)) { - kfree(p); - cmd_free(h, c, 0); - return -EFAULT; - } c->req.sg[0].size = io->sg[0].size; c->req.sg[0].addr = pci_map_single(h->pci_dev, p, c->req.sg[0].size, PCI_DMA_BIDIRECTIONAL); -- 2.39.5