diff options
| author | Dan Carpenter <error27@gmail.com> | 2010-10-08 08:53:48 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-10-08 10:29:54 -0400 |
| commit | bf58bd66f6212d838dda4384b8cd21337b47e363 (patch) | |
| tree | 489bde9df2b3c1eacf764ed681a850503e28f6cf /drivers | |
| parent | a1823f2ec3ffa86b7b3676bfd432b6da25298ff6 (diff) | |
Staging: bcm: return -EFAULT on copy_to_user() failures
There were a number of places in the bcm_char_ioctl() which returned the
number of bytes remaining to be copied instead of returning -EFAULT.
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/staging/bcm/Bcmchar.c | 68 |
1 files changed, 44 insertions, 24 deletions
diff --git a/drivers/staging/bcm/Bcmchar.c b/drivers/staging/bcm/Bcmchar.c index 38d21ebb287..77fdfe24d99 100644 --- a/drivers/staging/bcm/Bcmchar.c +++ b/drivers/staging/bcm/Bcmchar.c | |||
| @@ -533,6 +533,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 533 | if(Status) | 533 | if(Status) |
| 534 | { | 534 | { |
| 535 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer from user space err:%d",Status); | 535 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer from user space err:%d",Status); |
| 536 | Status = -EFAULT; | ||
| 536 | break; | 537 | break; |
| 537 | } | 538 | } |
| 538 | 539 | ||
| @@ -540,6 +541,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 540 | if(Status) | 541 | if(Status) |
| 541 | { | 542 | { |
| 542 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the InputBuffer from user space err:%d",Status); | 543 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the InputBuffer from user space err:%d",Status); |
| 544 | Status = -EFAULT; | ||
| 543 | break; | 545 | break; |
| 544 | } | 546 | } |
| 545 | //if LED thread is running(Actively or Inactively) set it state to make inactive | 547 | //if LED thread is running(Actively or Inactively) set it state to make inactive |
| @@ -574,11 +576,10 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 574 | Status = -EACCES; | 576 | Status = -EACCES; |
| 575 | break; | 577 | break; |
| 576 | } | 578 | } |
| 577 | if(copy_from_user((PCHAR)&IoBuffer, argp, sizeof(IOCTL_BUFFER))) | 579 | if(copy_from_user((PCHAR)&IoBuffer, argp, sizeof(IOCTL_BUFFER))) { |
| 578 | { | 580 | Status = -EFAULT; |
| 579 | Status = -EFAULT; | 581 | break; |
| 580 | break; | 582 | } |
| 581 | } | ||
| 582 | if(copy_from_user(&gpio_info, IoBuffer.InputBuffer, IoBuffer.InputLength)) | 583 | if(copy_from_user(&gpio_info, IoBuffer.InputBuffer, IoBuffer.InputLength)) |
| 583 | { | 584 | { |
| 584 | Status = -EFAULT; | 585 | Status = -EFAULT; |
| @@ -615,6 +616,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 615 | if(Status) | 616 | if(Status) |
| 616 | { | 617 | { |
| 617 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer from user space err:%d",Status); | 618 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer from user space err:%d",Status); |
| 619 | Status = -EFAULT; | ||
| 618 | break; | 620 | break; |
| 619 | } | 621 | } |
| 620 | 622 | ||
| @@ -622,6 +624,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 622 | if(Status) | 624 | if(Status) |
| 623 | { | 625 | { |
| 624 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer Contents from user space err:%d",Status); | 626 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer Contents from user space err:%d",Status); |
| 627 | Status = -EFAULT; | ||
| 625 | break; | 628 | break; |
| 626 | } | 629 | } |
| 627 | if(IsReqGpioIsLedInNVM(Adapter,pgpio_multi_info[WIMAX_IDX].uiGPIOMask)== FALSE) | 630 | if(IsReqGpioIsLedInNVM(Adapter,pgpio_multi_info[WIMAX_IDX].uiGPIOMask)== FALSE) |
| @@ -683,6 +686,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 683 | if(Status) | 686 | if(Status) |
| 684 | { | 687 | { |
| 685 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying Content to IOBufer for user space err:%d",Status); | 688 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying Content to IOBufer for user space err:%d",Status); |
| 689 | Status = -EFAULT; | ||
| 686 | break; | 690 | break; |
| 687 | } | 691 | } |
| 688 | } | 692 | } |
| @@ -704,6 +708,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 704 | if(Status) | 708 | if(Status) |
| 705 | { | 709 | { |
| 706 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer from user space err:%d",Status); | 710 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer from user space err:%d",Status); |
| 711 | Status = -EFAULT; | ||
| 707 | break; | 712 | break; |
| 708 | } | 713 | } |
| 709 | 714 | ||
| @@ -711,6 +716,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 711 | if(Status) | 716 | if(Status) |
| 712 | { | 717 | { |
| 713 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer Contents from user space err:%d",Status); | 718 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying the IOBufer Contents from user space err:%d",Status); |
| 719 | Status = -EFAULT; | ||
| 714 | break; | 720 | break; |
| 715 | } | 721 | } |
| 716 | 722 | ||
| @@ -763,6 +769,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 763 | if(Status) | 769 | if(Status) |
| 764 | { | 770 | { |
| 765 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying Content to IOBufer for user space err:%d",Status); | 771 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Failed while copying Content to IOBufer for user space err:%d",Status); |
| 772 | Status = -EFAULT; | ||
| 766 | break; | 773 | break; |
| 767 | } | 774 | } |
| 768 | } | 775 | } |
| @@ -1322,7 +1329,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1322 | if(Status) | 1329 | if(Status) |
| 1323 | { | 1330 | { |
| 1324 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Copy From User space failed. status :%d", Status); | 1331 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Copy From User space failed. status :%d", Status); |
| 1325 | return Status; | 1332 | return -EFAULT; |
| 1326 | } | 1333 | } |
| 1327 | uiSectorSize = *((PUINT)(IoBuffer.InputBuffer)); /* FIXME: unchecked __user access */ | 1334 | uiSectorSize = *((PUINT)(IoBuffer.InputBuffer)); /* FIXME: unchecked __user access */ |
| 1328 | if((uiSectorSize < MIN_SECTOR_SIZE) || (uiSectorSize > MAX_SECTOR_SIZE)) | 1335 | if((uiSectorSize < MIN_SECTOR_SIZE) || (uiSectorSize > MAX_SECTOR_SIZE)) |
| @@ -1334,7 +1341,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1334 | if(Status) | 1341 | if(Status) |
| 1335 | { | 1342 | { |
| 1336 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Coping the sector size to use space failed. status:%d",Status); | 1343 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Coping the sector size to use space failed. status:%d",Status); |
| 1337 | return Status; | 1344 | return -EFAULT; |
| 1338 | } | 1345 | } |
| 1339 | } | 1346 | } |
| 1340 | else | 1347 | else |
| @@ -1347,7 +1354,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1347 | if(Status) | 1354 | if(Status) |
| 1348 | { | 1355 | { |
| 1349 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Coping the sector size to use space failed. status:%d",Status); | 1356 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Coping the sector size to use space failed. status:%d",Status); |
| 1350 | return Status; | 1357 | return -EFAULT; |
| 1351 | } | 1358 | } |
| 1352 | 1359 | ||
| 1353 | } | 1360 | } |
| @@ -1383,13 +1390,14 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1383 | if(Status) | 1390 | if(Status) |
| 1384 | { | 1391 | { |
| 1385 | BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy from user failed\n"); | 1392 | BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy from user failed\n"); |
| 1393 | Status = -EFAULT; | ||
| 1386 | break; | 1394 | break; |
| 1387 | } | 1395 | } |
| 1388 | Status = copy_from_user(&sUserDebugState,IoBuffer.InputBuffer, sizeof(USER_BCM_DBG_STATE)); | 1396 | Status = copy_from_user(&sUserDebugState,IoBuffer.InputBuffer, sizeof(USER_BCM_DBG_STATE)); |
| 1389 | if(Status) | 1397 | if(Status) |
| 1390 | { | 1398 | { |
| 1391 | BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IoBuffer.InputBuffer failed"); | 1399 | BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "Copy of IoBuffer.InputBuffer failed"); |
| 1392 | return Status; | 1400 | return -EFAULT; |
| 1393 | } | 1401 | } |
| 1394 | 1402 | ||
| 1395 | BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL_BCM_SET_DEBUG: OnOff=%d Type = 0x%x ", | 1403 | BCM_DEBUG_PRINT (Adapter, DBG_TYPE_PRINTK, 0, 0, "IOCTL_BCM_SET_DEBUG: OnOff=%d Type = 0x%x ", |
| @@ -1448,7 +1456,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1448 | if(copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER))) | 1456 | if(copy_from_user(&IoBuffer, argp, sizeof(IOCTL_BUFFER))) |
| 1449 | { | 1457 | { |
| 1450 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"copy_from_user failed\n"); | 1458 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"copy_from_user failed\n"); |
| 1451 | Status = -EFAULT; | 1459 | Status = -EFAULT; |
| 1452 | break; | 1460 | break; |
| 1453 | } | 1461 | } |
| 1454 | if(IOCTL_BCM_NVM_READ == cmd) | 1462 | if(IOCTL_BCM_NVM_READ == cmd) |
| @@ -1619,7 +1627,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1619 | if(Status) | 1627 | if(Status) |
| 1620 | { | 1628 | { |
| 1621 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 1629 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 1622 | return Status ; | 1630 | return -EFAULT; |
| 1623 | } | 1631 | } |
| 1624 | 1632 | ||
| 1625 | //Reading FLASH 2.x READ structure | 1633 | //Reading FLASH 2.x READ structure |
| @@ -1627,7 +1635,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1627 | if(Status) | 1635 | if(Status) |
| 1628 | { | 1636 | { |
| 1629 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of Input Buffer failed"); | 1637 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of Input Buffer failed"); |
| 1630 | return Status ; | 1638 | return -EFAULT; |
| 1631 | } | 1639 | } |
| 1632 | 1640 | ||
| 1633 | 1641 | ||
| @@ -1692,6 +1700,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1692 | if(Status) | 1700 | if(Status) |
| 1693 | { | 1701 | { |
| 1694 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"Copy to use failed with status :%d", Status); | 1702 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"Copy to use failed with status :%d", Status); |
| 1703 | Status = -EFAULT; | ||
| 1695 | break; | 1704 | break; |
| 1696 | } | 1705 | } |
| 1697 | NOB = NOB - ReadBytes; | 1706 | NOB = NOB - ReadBytes; |
| @@ -1732,7 +1741,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1732 | if(Status) | 1741 | if(Status) |
| 1733 | { | 1742 | { |
| 1734 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 1743 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 1735 | return Status; | 1744 | return -EFAULT; |
| 1736 | } | 1745 | } |
| 1737 | 1746 | ||
| 1738 | //Reading FLASH 2.x READ structure | 1747 | //Reading FLASH 2.x READ structure |
| @@ -1740,7 +1749,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1740 | if(Status) | 1749 | if(Status) |
| 1741 | { | 1750 | { |
| 1742 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Reading of output Buffer from IOCTL buffer fails"); | 1751 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Reading of output Buffer from IOCTL buffer fails"); |
| 1743 | return Status; | 1752 | return -EFAULT; |
| 1744 | } | 1753 | } |
| 1745 | 1754 | ||
| 1746 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"\nsFlash2xRead.Section :%x" ,sFlash2xWrite.Section); | 1755 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"\nsFlash2xRead.Section :%x" ,sFlash2xWrite.Section); |
| @@ -1807,6 +1816,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1807 | if(Status) | 1816 | if(Status) |
| 1808 | { | 1817 | { |
| 1809 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Copy to user failed with status :%d", Status); | 1818 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Copy to user failed with status :%d", Status); |
| 1819 | Status = -EFAULT; | ||
| 1810 | break ; | 1820 | break ; |
| 1811 | } | 1821 | } |
| 1812 | BCM_DEBUG_PRINT_BUFFER(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,pWriteBuff,WriteBytes); | 1822 | BCM_DEBUG_PRINT_BUFFER(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,pWriteBuff,WriteBytes); |
| @@ -1847,7 +1857,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1847 | if(Status) | 1857 | if(Status) |
| 1848 | { | 1858 | { |
| 1849 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 1859 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 1850 | return Status; | 1860 | return -EFAULT; |
| 1851 | } | 1861 | } |
| 1852 | if(IoBuffer.OutputLength != sizeof(FLASH2X_BITMAP)) | 1862 | if(IoBuffer.OutputLength != sizeof(FLASH2X_BITMAP)) |
| 1853 | { | 1863 | { |
| @@ -1881,7 +1891,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1881 | { | 1891 | { |
| 1882 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "copying Flash2x bitMap failed"); | 1892 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "copying Flash2x bitMap failed"); |
| 1883 | bcm_kfree(psFlash2xBitMap); | 1893 | bcm_kfree(psFlash2xBitMap); |
| 1884 | return Status; | 1894 | return -EFAULT; |
| 1885 | } | 1895 | } |
| 1886 | bcm_kfree(psFlash2xBitMap); | 1896 | bcm_kfree(psFlash2xBitMap); |
| 1887 | } | 1897 | } |
| @@ -1901,14 +1911,14 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1901 | if(Status) | 1911 | if(Status) |
| 1902 | { | 1912 | { |
| 1903 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 1913 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 1904 | return Status; | 1914 | return -EFAULT; |
| 1905 | } | 1915 | } |
| 1906 | 1916 | ||
| 1907 | Status = copy_from_user(&eFlash2xSectionVal,IoBuffer.InputBuffer, sizeof(INT)); | 1917 | Status = copy_from_user(&eFlash2xSectionVal,IoBuffer.InputBuffer, sizeof(INT)); |
| 1908 | if(Status) | 1918 | if(Status) |
| 1909 | { | 1919 | { |
| 1910 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed"); | 1920 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed"); |
| 1911 | return Status; | 1921 | return -EFAULT; |
| 1912 | } | 1922 | } |
| 1913 | 1923 | ||
| 1914 | down(&Adapter->NVMRdmWrmLock); | 1924 | down(&Adapter->NVMRdmWrmLock); |
| @@ -1945,13 +1955,13 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1945 | if(Status) | 1955 | if(Status) |
| 1946 | { | 1956 | { |
| 1947 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Copy of IOCTL BUFFER failed"); | 1957 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Copy of IOCTL BUFFER failed"); |
| 1948 | return Status; | 1958 | return -EFAULT; |
| 1949 | } | 1959 | } |
| 1950 | Status = copy_from_user((PCHAR)section,(PCHAR)&IoBuffer, sizeof(INT)); | 1960 | Status = copy_from_user((PCHAR)section,(PCHAR)&IoBuffer, sizeof(INT)); |
| 1951 | if(Status) | 1961 | if(Status) |
| 1952 | { | 1962 | { |
| 1953 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Copy of section type failed failed"); | 1963 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Copy of section type failed failed"); |
| 1954 | return Status; | 1964 | return -EFAULT; |
| 1955 | } | 1965 | } |
| 1956 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"Read Section :%d", section); | 1966 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"Read Section :%d", section); |
| 1957 | if(section == DSD) | 1967 | if(section == DSD) |
| @@ -1979,14 +1989,14 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 1979 | if(Status) | 1989 | if(Status) |
| 1980 | { | 1990 | { |
| 1981 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed Status :%d", Status); | 1991 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed Status :%d", Status); |
| 1982 | return Status; | 1992 | return -EFAULT; |
| 1983 | } | 1993 | } |
| 1984 | 1994 | ||
| 1985 | Status = copy_from_user(&sCopySectStrut,IoBuffer.InputBuffer, sizeof(FLASH2X_COPY_SECTION)); | 1995 | Status = copy_from_user(&sCopySectStrut,IoBuffer.InputBuffer, sizeof(FLASH2X_COPY_SECTION)); |
| 1986 | if(Status) | 1996 | if(Status) |
| 1987 | { | 1997 | { |
| 1988 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of Copy_Section_Struct failed with Status :%d", Status); | 1998 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of Copy_Section_Struct failed with Status :%d", Status); |
| 1989 | return Status; | 1999 | return -EFAULT; |
| 1990 | } | 2000 | } |
| 1991 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Source SEction :%x", sCopySectStrut.SrcSection); | 2001 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Source SEction :%x", sCopySectStrut.SrcSection); |
| 1992 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Destination SEction :%x", sCopySectStrut.DstSection); | 2002 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL, "Destination SEction :%x", sCopySectStrut.DstSection); |
| @@ -2057,6 +2067,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2057 | if(Status) | 2067 | if(Status) |
| 2058 | { | 2068 | { |
| 2059 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 2069 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 2070 | Status = -EFAULT; | ||
| 2060 | break; | 2071 | break; |
| 2061 | } | 2072 | } |
| 2062 | if(Adapter->eNVMType != NVM_FLASH) | 2073 | if(Adapter->eNVMType != NVM_FLASH) |
| @@ -2079,6 +2090,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2079 | if(Status) | 2090 | if(Status) |
| 2080 | { | 2091 | { |
| 2081 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "copying Flash2x cs info failed"); | 2092 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "copying Flash2x cs info failed"); |
| 2093 | Status = -EFAULT; | ||
| 2082 | break; | 2094 | break; |
| 2083 | } | 2095 | } |
| 2084 | } | 2096 | } |
| @@ -2094,6 +2106,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2094 | if(Status) | 2106 | if(Status) |
| 2095 | { | 2107 | { |
| 2096 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "copying Flash CS info failed"); | 2108 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "copying Flash CS info failed"); |
| 2109 | Status = -EFAULT; | ||
| 2097 | break; | 2110 | break; |
| 2098 | } | 2111 | } |
| 2099 | 2112 | ||
| @@ -2117,13 +2130,13 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2117 | if(Status) | 2130 | if(Status) |
| 2118 | { | 2131 | { |
| 2119 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 2132 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 2120 | return Status; | 2133 | return -EFAULT; |
| 2121 | } | 2134 | } |
| 2122 | Status = copy_from_user(&eFlash2xSectionVal,IoBuffer.InputBuffer, sizeof(INT)); | 2135 | Status = copy_from_user(&eFlash2xSectionVal,IoBuffer.InputBuffer, sizeof(INT)); |
| 2123 | if(Status) | 2136 | if(Status) |
| 2124 | { | 2137 | { |
| 2125 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed"); | 2138 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of flash section val failed"); |
| 2126 | return Status; | 2139 | return -EFAULT; |
| 2127 | } | 2140 | } |
| 2128 | 2141 | ||
| 2129 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"Read Section :%d", eFlash2xSectionVal); | 2142 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"Read Section :%d", eFlash2xSectionVal); |
| @@ -2234,6 +2247,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2234 | if(Status) | 2247 | if(Status) |
| 2235 | { | 2248 | { |
| 2236 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Copy to use failed with status :%d", Status); | 2249 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"Copy to use failed with status :%d", Status); |
| 2250 | Status = -EFAULT; | ||
| 2237 | break; | 2251 | break; |
| 2238 | } | 2252 | } |
| 2239 | NOB = NOB - ReadBytes; | 2253 | NOB = NOB - ReadBytes; |
| @@ -2259,6 +2273,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2259 | if(Status) | 2273 | if(Status) |
| 2260 | { | 2274 | { |
| 2261 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"copy of Ioctl buffer is failed from user space"); | 2275 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"copy of Ioctl buffer is failed from user space"); |
| 2276 | Status = -EFAULT; | ||
| 2262 | break; | 2277 | break; |
| 2263 | } | 2278 | } |
| 2264 | 2279 | ||
| @@ -2266,6 +2281,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2266 | if(Status) | 2281 | if(Status) |
| 2267 | { | 2282 | { |
| 2268 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"copy of control bit mask failed from user space"); | 2283 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"copy of control bit mask failed from user space"); |
| 2284 | Status = -EFAULT; | ||
| 2269 | break; | 2285 | break; |
| 2270 | } | 2286 | } |
| 2271 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"\n Got user defined cntrl msg bit mask :%lx", RxCntrlMsgBitMask); | 2287 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_OTHERS, OSAL_DBG, DBG_LVL_ALL,"\n Got user defined cntrl msg bit mask :%lx", RxCntrlMsgBitMask); |
| @@ -2288,6 +2304,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2288 | if(Status) | 2304 | if(Status) |
| 2289 | { | 2305 | { |
| 2290 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 2306 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 2307 | Status = -EFAULT; | ||
| 2291 | break; | 2308 | break; |
| 2292 | } | 2309 | } |
| 2293 | if(IoBuffer.OutputLength < sizeof(DevInfo)) | 2310 | if(IoBuffer.OutputLength < sizeof(DevInfo)) |
| @@ -2301,6 +2318,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2301 | if(Status) | 2318 | if(Status) |
| 2302 | { | 2319 | { |
| 2303 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"copying Dev info structure to user space buffer failed"); | 2320 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"copying Dev info structure to user space buffer failed"); |
| 2321 | Status = -EFAULT; | ||
| 2304 | break; | 2322 | break; |
| 2305 | } | 2323 | } |
| 2306 | } | 2324 | } |
| @@ -2317,6 +2335,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2317 | if(Status) | 2335 | if(Status) |
| 2318 | { | 2336 | { |
| 2319 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); | 2337 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0, "Copy of IOCTL BUFFER failed"); |
| 2338 | Status = -EFAULT; | ||
| 2320 | break; | 2339 | break; |
| 2321 | } | 2340 | } |
| 2322 | if(IoBuffer.OutputLength < sizeof(ST_TIME_ELAPSED)) | 2341 | if(IoBuffer.OutputLength < sizeof(ST_TIME_ELAPSED)) |
| @@ -2334,6 +2353,7 @@ static long bcm_char_ioctl(struct file *filp, UINT cmd, ULONG arg) | |||
| 2334 | if(Status) | 2353 | if(Status) |
| 2335 | { | 2354 | { |
| 2336 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"copying ST_TIME_ELAPSED structure to user space buffer failed"); | 2355 | BCM_DEBUG_PRINT(Adapter,DBG_TYPE_PRINTK, 0, 0,"copying ST_TIME_ELAPSED structure to user space buffer failed"); |
| 2356 | Status = -EFAULT; | ||
| 2337 | break; | 2357 | break; |
| 2338 | } | 2358 | } |
| 2339 | 2359 | ||