| Message ID | 20240508094628.308221-2-thorsten.blum@toblux.com (mailing list archive) |
|---|---|
| State | Superseded, archived |
| Headers | show |
| Series | platform/x86/amd/pmf: Use memdup_user() | expand |
…
> Fixes the following Coccinelle/coccicheck warning …
Would a corresponding imperative wording be more desirable for such a change description?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.9-rc7#n94
Regards,
Markus
diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c index b438de4d6bfc..1b53cabc9aa2 100644 --- a/drivers/platform/x86/amd/pmf/tee-if.c +++ b/drivers/platform/x86/amd/pmf/tee-if.c @@ -301,14 +301,9 @@ static ssize_t amd_pmf_get_pb_data(struct file *filp, const char __user *buf, return -EINVAL; /* re-alloc to the new buffer length of the policy binary */ - new_policy_buf = kzalloc(length, GFP_KERNEL); - if (!new_policy_buf) - return -ENOMEM; - - if (copy_from_user(new_policy_buf, buf, length)) { - kfree(new_policy_buf); - return -EFAULT; - } + new_policy_buf = memdup_user(buf, length); + if (IS_ERR(new_policy_buf)) + return PTR_ERR(new_policy_buf); kfree(dev->policy_buf); dev->policy_buf = new_policy_buf;
Switching to memdup_user() overwrites the allocated memory only once, whereas kzalloc() followed by copy_from_user() initializes the allocated memory to zero and then immediately overwrites it. Fixes the following Coccinelle/coccicheck warning reported by memdup_user.cocci: WARNING opportunity for memdup_user Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> --- drivers/platform/x86/amd/pmf/tee-if.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-)