Received: by 10.213.65.68 with SMTP id h4csp296616imn; Mon, 26 Mar 2018 22:12:11 -0700 (PDT) X-Google-Smtp-Source: AG47ELvUbTkEdVzOCKectoZOTLyW+MnaTnPzFRova6sSX8/VGejT5NSFYFKwzIviUfxe3XJ5e7KZ X-Received: by 10.98.41.134 with SMTP id p128mr35609701pfp.120.1522127530963; Mon, 26 Mar 2018 22:12:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522127530; cv=none; d=google.com; s=arc-20160816; b=mAjXeoQ6Be9HVx1VGT3B8SfTrPuLBHKoLJtZE6VKjaI6nX4F+xbMZ+HRL/9OSRcmsY SrhfkRdG/KBXVVsm1BwJI87QX3+/PFF6qp1WSEVTG4uKHcmJpiSiDO1nCiAnxter4zgD 9UlTMHgQmhMZQwLuC9fsWbgl+6lbmYxzgE/7Liq1/nA+9tARpUa2TmlBXAhUwvEQRV+9 mNYhtkOh7QiZxeQt5J0XGQ/n7pmspaZB38eR7t0OEpswS19BSaIEEo10owiv8F00CbnN ZDeLx36F33sETMpi2xmM1te/r1EyUHEcoCaVixv0kMI6+pUBMuWWKpUD1V9E1C3QrbnU LqlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date:arc-authentication-results; bh=KgR4alzYrirIFZ8OV69ZxEMBkN8PWVP0lUkNeD7SGBU=; b=caDZORQyne0mycX2ItMRvDuWMbJqxFo7s7eqpJXwW9INL/ulqXi5+DcZfgGNt7V+/K f+4JL5b3nT0AqUQwkSSEU0YrWCm6rWChkWO0fH2+cT7fjEX8HJKfLPxNE5KNQX1j9pSd jenfz3Rejd0y1BBz5zr5MrdlebmgknqOa6/nVM8h6fA/eRLljAbprm8tjQCSTTSh9jkP zuxJe94pOvskgtyJ0AQMcN/AmBvj3KYd3Kzfk5hcm7U4CtmKrVflw8XCCNcwlMoNUU/0 DvIb6DFBjvQnOO2DPYo94IiDMDN/50CPNZsWLkASqS9H4NKpK5p4O7VQAfVplA/4q4l7 aCZg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v11si312528pff.189.2018.03.26.22.11.56; Mon, 26 Mar 2018 22:12:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751152AbeC0FLD (ORCPT + 99 others); Tue, 27 Mar 2018 01:11:03 -0400 Received: from esa4.microchip.iphmx.com ([68.232.154.123]:18410 "EHLO esa4.microchip.iphmx.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750878AbeC0FLC (ORCPT ); Tue, 27 Mar 2018 01:11:02 -0400 X-IronPort-AV: E=Sophos;i="5.48,366,1517900400"; d="scan'208";a="12426291" Received: from smtpout.microchip.com (HELO email.microchip.com) ([198.175.253.82]) by esa4.microchip.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 26 Mar 2018 22:11:01 -0700 Received: from ajaysk-VirtualBox (10.10.76.4) by chn-sv-exch02.mchp-main.com (10.10.76.38) with Microsoft SMTP Server id 14.3.352.0; Mon, 26 Mar 2018 22:11:00 -0700 Date: Tue, 27 Mar 2018 10:40:54 +0530 From: Ajay Singh To: Colin King CC: Aditya Shankar , Ganesh Krishna , Greg Kroah-Hartman , , , , Subject: Re: [PATCH] staging: wilc1000: replace kmalloc + memcpy with kmemdup Message-ID: <20180327104054.69479b47@ajaysk-VirtualBox> In-Reply-To: <20180326171629.28700-1-colin.king@canonical.com> References: <20180326171629.28700-1-colin.king@canonical.com> Organization: Microchip Techonology X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.30; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 26 Mar 2018 18:16:29 +0100 Colin King wrote: > From: Colin Ian King > > Replace several allocation and memcpys with kmemdup and add in some > missing memory allocation failure checks. Also fix an incorrect > -EFAULT return with -ENOMEM. > > Signed-off-by: Colin Ian King > --- > drivers/staging/wilc1000/host_interface.c | 75 +++++++++++++++++++------------ > 1 file changed, 46 insertions(+), 29 deletions(-) > > diff --git a/drivers/staging/wilc1000/host_interface.c b/drivers/staging/wilc1000/host_interface.c > index 9b9b86654958..8fd367f87fa5 100644 > --- a/drivers/staging/wilc1000/host_interface.c > +++ b/drivers/staging/wilc1000/host_interface.c > @@ -797,6 +797,10 @@ static s32 handle_scan(struct wilc_vif *vif, struct scan_attr *scan_info) > for (i = 0; i < hidden_net->n_ssids; i++) > valuesize += ((hidden_net->net_info[i].ssid_len) + 1); > hdn_ntwk_wid_val = kmalloc(valuesize + 1, GFP_KERNEL); > + if (!hdn_ntwk_wid_val) { > + result = -ENOMEM; > + goto error; > + } Please do not apply this changes. It will change the code flow differently. Check for NULl value in '(wid_list[index].val)' is already presented. It has to proceed with the below flow instead of returning from there. > wid_list[index].val = hdn_ntwk_wid_val; > if (wid_list[index].val) { > buffer = wid_list[index].val; > @@ -943,39 +947,35 @@ static s32 handle_connect(struct wilc_vif *vif, > } > > if (conn_attr->bssid) { > - hif_drv->usr_conn_req.bssid = kmalloc(6, GFP_KERNEL); > + hif_drv->usr_conn_req.bssid = kmemdup(conn_attr->bssid, 6, > + GFP_KERNEL); > if (!hif_drv->usr_conn_req.bssid) { > result = -ENOMEM; > goto error; > } > - memcpy(hif_drv->usr_conn_req.bssid, conn_attr->bssid, 6); > } > > hif_drv->usr_conn_req.ssid_len = conn_attr->ssid_len; > if (conn_attr->ssid) { > - hif_drv->usr_conn_req.ssid = kmalloc(conn_attr->ssid_len + 1, > + hif_drv->usr_conn_req.ssid = kmemdup(conn_attr->ssid, > + conn_attr->ssid_len + 1, > GFP_KERNEL); Sorry, I too missed to see that scenario. As suggested, kmemdup can not be used directly to replace kmalloc & memcpy in this case. The size used for kmalloc is not equal to size of data copy in memcpy i.e kmalloc is done for 1 byte extra to keep the NULL character. The direct replacement of kmalloc with kmemdup is not applicable here. > if (!hif_drv->usr_conn_req.ssid) { > result = -ENOMEM; > goto error; > } > - memcpy(hif_drv->usr_conn_req.ssid, > - conn_attr->ssid, > - conn_attr->ssid_len); > hif_drv->usr_conn_req.ssid[conn_attr->ssid_len] = '\0'; > } > > hif_drv->usr_conn_req.ies_len = conn_attr->ies_len; > if (conn_attr->ies) { > - hif_drv->usr_conn_req.ies = kmalloc(conn_attr->ies_len, > + hif_drv->usr_conn_req.ies = kmemdup(conn_attr->ies, > + conn_attr->ies_len, > GFP_KERNEL); > if (!hif_drv->usr_conn_req.ies) { > result = -ENOMEM; > goto error; > } > - memcpy(hif_drv->usr_conn_req.ies, > - conn_attr->ies, > - conn_attr->ies_len); > } > > hif_drv->usr_conn_req.security = conn_attr->security; > @@ -1009,9 +1009,12 @@ static s32 handle_connect(struct wilc_vif *vif, > > if (memcmp("DIRECT-", conn_attr->ssid, 7)) { > info_element_size = hif_drv->usr_conn_req.ies_len; > - info_element = kmalloc(info_element_size, GFP_KERNEL); > - memcpy(info_element, hif_drv->usr_conn_req.ies, > - info_element_size); > + info_element = kmemdup(hif_drv->usr_conn_req.ies, > + info_element_size, GFP_KERNEL); > + if (!info_element) { > + result = -ENOMEM; > + goto error; > + } > } "info_element" variable was removed in my previous submitted patchset. Those changes are still not included in Greg's staging repo. Few changes in this patch are already included in previous patchset,which might give conflict. But few changes are not present which can be applied like returning -ENOMEM in case of allocation failure. Regards, Ajay