[PATCH v2 10/11] Bluetooth: ath3k: use usb_control_msg_send() and usb_control_msg_recv()

From: Greg Kroah-Hartman
Date: Mon Sep 07 2020 - 11:54:23 EST


The usb_control_msg_send() and usb_control_msg_recv() calls can return
an error if a "short" write/read happens, and they can handle data off
of the stack, so move the driver over to using those calls instead,
saving some logic when dynamically allocating memory.

Cc: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Cc: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Cc: linux-bluetooth@xxxxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
v2:
- no change from v1

drivers/bluetooth/ath3k.c | 90 +++++++++++----------------------------
1 file changed, 26 insertions(+), 64 deletions(-)

diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c
index 4ce270513695..1472cccfd0b3 100644
--- a/drivers/bluetooth/ath3k.c
+++ b/drivers/bluetooth/ath3k.c
@@ -212,19 +212,16 @@ static int ath3k_load_firmware(struct usb_device *udev,

BT_DBG("udev %p", udev);

- pipe = usb_sndctrlpipe(udev, 0);
-
send_buf = kmalloc(BULK_SIZE, GFP_KERNEL);
if (!send_buf) {
BT_ERR("Can't allocate memory chunk for firmware");
return -ENOMEM;
}

- memcpy(send_buf, firmware->data, FW_HDR_SIZE);
- err = usb_control_msg(udev, pipe, USB_REQ_DFU_DNLOAD, USB_TYPE_VENDOR,
- 0, 0, send_buf, FW_HDR_SIZE,
- USB_CTRL_SET_TIMEOUT);
- if (err < 0) {
+ err = usb_control_msg_send(udev, 0, USB_REQ_DFU_DNLOAD, USB_TYPE_VENDOR,
+ 0, 0, firmware->data, FW_HDR_SIZE,
+ USB_CTRL_SET_TIMEOUT);
+ if (err) {
BT_ERR("Can't change to loading configuration err");
goto error;
}
@@ -259,44 +256,17 @@ static int ath3k_load_firmware(struct usb_device *udev,

static int ath3k_get_state(struct usb_device *udev, unsigned char *state)
{
- int ret, pipe = 0;
- char *buf;
-
- buf = kmalloc(sizeof(*buf), GFP_KERNEL);
- if (!buf)
- return -ENOMEM;
-
- pipe = usb_rcvctrlpipe(udev, 0);
- ret = usb_control_msg(udev, pipe, ATH3K_GETSTATE,
- USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
- buf, sizeof(*buf), USB_CTRL_SET_TIMEOUT);
-
- *state = *buf;
- kfree(buf);
-
- return ret;
+ return usb_control_msg_recv(udev, 0, ATH3K_GETSTATE,
+ USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
+ state, 1, USB_CTRL_SET_TIMEOUT);
}

static int ath3k_get_version(struct usb_device *udev,
struct ath3k_version *version)
{
- int ret, pipe = 0;
- struct ath3k_version *buf;
- const int size = sizeof(*buf);
-
- buf = kmalloc(size, GFP_KERNEL);
- if (!buf)
- return -ENOMEM;
-
- pipe = usb_rcvctrlpipe(udev, 0);
- ret = usb_control_msg(udev, pipe, ATH3K_GETVERSION,
- USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
- buf, size, USB_CTRL_SET_TIMEOUT);
-
- memcpy(version, buf, size);
- kfree(buf);
-
- return ret;
+ return usb_control_msg_recv(udev, 0, ATH3K_GETVERSION,
+ USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
+ version, sizeof(*version), USB_CTRL_SET_TIMEOUT);
}

static int ath3k_load_fwfile(struct usb_device *udev,
@@ -316,13 +286,10 @@ static int ath3k_load_fwfile(struct usb_device *udev,
}

size = min_t(uint, count, FW_HDR_SIZE);
- memcpy(send_buf, firmware->data, size);

- pipe = usb_sndctrlpipe(udev, 0);
- ret = usb_control_msg(udev, pipe, ATH3K_DNLOAD,
- USB_TYPE_VENDOR, 0, 0, send_buf,
- size, USB_CTRL_SET_TIMEOUT);
- if (ret < 0) {
+ ret = usb_control_msg_send(udev, 0, ATH3K_DNLOAD, USB_TYPE_VENDOR, 0, 0,
+ firmware->data, size, USB_CTRL_SET_TIMEOUT);
+ if (ret) {
BT_ERR("Can't change to loading configuration err");
kfree(send_buf);
return ret;
@@ -355,23 +322,19 @@ static int ath3k_load_fwfile(struct usb_device *udev,
return 0;
}

-static int ath3k_switch_pid(struct usb_device *udev)
+static void ath3k_switch_pid(struct usb_device *udev)
{
- int pipe = 0;
-
- pipe = usb_sndctrlpipe(udev, 0);
- return usb_control_msg(udev, pipe, USB_REG_SWITCH_VID_PID,
- USB_TYPE_VENDOR, 0, 0,
- NULL, 0, USB_CTRL_SET_TIMEOUT);
+ usb_control_msg_send(udev, 0, USB_REG_SWITCH_VID_PID, USB_TYPE_VENDOR,
+ 0, 0, NULL, 0, USB_CTRL_SET_TIMEOUT);
}

static int ath3k_set_normal_mode(struct usb_device *udev)
{
unsigned char fw_state;
- int pipe = 0, ret;
+ int ret;

ret = ath3k_get_state(udev, &fw_state);
- if (ret < 0) {
+ if (ret) {
BT_ERR("Can't get state to change to normal mode err");
return ret;
}
@@ -381,10 +344,9 @@ static int ath3k_set_normal_mode(struct usb_device *udev)
return 0;
}

- pipe = usb_sndctrlpipe(udev, 0);
- return usb_control_msg(udev, pipe, ATH3K_SET_NORMAL_MODE,
- USB_TYPE_VENDOR, 0, 0,
- NULL, 0, USB_CTRL_SET_TIMEOUT);
+ return usb_control_msg_send(udev, 0, ATH3K_SET_NORMAL_MODE,
+ USB_TYPE_VENDOR, 0, 0, NULL, 0,
+ USB_CTRL_SET_TIMEOUT);
}

static int ath3k_load_patch(struct usb_device *udev)
@@ -397,7 +359,7 @@ static int ath3k_load_patch(struct usb_device *udev)
int ret;

ret = ath3k_get_state(udev, &fw_state);
- if (ret < 0) {
+ if (ret) {
BT_ERR("Can't get state to change to load ram patch err");
return ret;
}
@@ -408,7 +370,7 @@ static int ath3k_load_patch(struct usb_device *udev)
}

ret = ath3k_get_version(udev, &fw_version);
- if (ret < 0) {
+ if (ret) {
BT_ERR("Can't get version to change to load ram patch err");
return ret;
}
@@ -449,13 +411,13 @@ static int ath3k_load_syscfg(struct usb_device *udev)
int clk_value, ret;

ret = ath3k_get_state(udev, &fw_state);
- if (ret < 0) {
+ if (ret) {
BT_ERR("Can't get state to change to load configuration err");
return -EBUSY;
}

ret = ath3k_get_version(udev, &fw_version);
- if (ret < 0) {
+ if (ret) {
BT_ERR("Can't get version to change to load ram patch err");
return ret;
}
@@ -529,7 +491,7 @@ static int ath3k_probe(struct usb_interface *intf,
return ret;
}
ret = ath3k_set_normal_mode(udev);
- if (ret < 0) {
+ if (ret) {
BT_ERR("Set normal mode failed");
return ret;
}
--
2.28.0