Re: [PATCH 10/27] drivers/infiniband/core: Use memdup_user

From: walter harms
Date: Sat May 22 2010 - 05:40:07 EST




Julia Lawall wrote:
> From: Julia Lawall <julia@xxxxxxx>
>
> Use memdup_user when user data is immediately copied into the
> allocated region.
>
> The semantic patch that makes this change is as follows:
> (http://coccinelle.lip6.fr/)
>
> // <smpl>
> @@
> expression from,to,size,flag;
> position p;
> identifier l1,l2;
> @@
>
> - to = \(kmalloc@p\|kzalloc@p\)(size,flag);
> + to = memdup_user(from,size);
> if (
> - to==NULL
> + IS_ERR(to)
> || ...) {
> <+... when != goto l1;
> - -ENOMEM
> + PTR_ERR(to)
> ...+>
> }
> - if (copy_from_user(to, from, size) != 0) {
> - <+... when != goto l2;
> - -EFAULT
> - ...+>
> - }
> // </smpl>
>
> Signed-off-by: Julia Lawall <julia@xxxxxxx>
>
> ---
> drivers/infiniband/core/ucm.c | 11 +++--------
> 1 file changed, 3 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/infiniband/core/ucm.c b/drivers/infiniband/core/ucm.c
> index 4647484..08f948d 100644
> --- a/drivers/infiniband/core/ucm.c
> +++ b/drivers/infiniband/core/ucm.c
> @@ -706,14 +706,9 @@ static int ib_ucm_alloc_data(const void **dest, u64 src, u32 len)
> if (!len)
> return 0;
>
> - data = kmalloc(len, GFP_KERNEL);
> - if (!data)
> - return -ENOMEM;
> -
> - if (copy_from_user(data, (void __user *)(unsigned long)src, len)) {
> - kfree(data);
> - return -EFAULT;
> - }
> + data = memdup_user((void __user *)(unsigned long)src, len);
> + if (IS_ERR(data))
> + return PTR_ERR(data);
>
> *dest = data;
> return 0;
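
Review bot: the cast `(void __user *)(unsigned long)src` in the new memdup_user() call is carried over unchanged from the removed copy_from_user() call, and with `src` declared as u64 it drops the upper 32 bits wherever unsigned long is 32 bits wide, so a value that does not fit is copied from a different address than the one passed in rather than being rejected. Consider checking that `src` survives the round trip through unsigned long before the call, or add a comment stating that the truncation is intended. The error paths are otherwise equivalent: memdup_user() returns ERR_PTR(-ENOMEM) or ERR_PTR(-EFAULT) and frees the buffer itself when the copy fails, so `return PTR_ERR(data);` preserves the two codes the removed lines returned. `len` is still constrained only by the `if (!len)` check visible here, so the allocation size stays caller-controlled across the u32 range.
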
> --

This cast looks strange; can it happen that (unsigned long) < (u64)?
(Is there a 32-bit InfiniBand?)

just my 2 cents,
wh