diff options
author | Geert Uytterhoeven <geert@linux-m68k.org> | 2014-05-01 14:40:54 -0400 |
---|---|---|
committer | Brian Norris <computersforpeace@gmail.com> | 2014-05-20 19:35:29 -0400 |
commit | f62cde49f9f02d6c205ab310b8fd4a29ddc49329 (patch) | |
tree | 0f0e1efecfba18539eb0490d21d48bb746ace83c /drivers/mtd | |
parent | f306e8c3b667632952f1a4a74ffb910bbc06255f (diff) |
mtd: Fix warning in access_ok() parameter passing
On m68k, where access_ok() doesn't cast the address parameter:
drivers/mtd/mtdchar.c: In function 'mtdchar_write_ioctl':
drivers/mtd/mtdchar.c:575:4: warning: passing argument 2 of 'access_ok' makes pointer from integer without a cast [enabled by default]
arch/m68k/include/asm/uaccess_mm.h:17:90: note: expected 'const void *' but argument is of type '__u64'
drivers/mtd/mtdchar.c:576:4: warning: passing argument 2 of 'access_ok' makes pointer from integer without a cast [enabled by default]
arch/m68k/include/asm/uaccess_mm.h:17:90: note: expected 'const void *' but argument is of type '__u64'
The address parameter of access_ok() is really a userspace pointer.
On most architectures, access_ok() is a macro that casts the address
parameter, hiding issues in its users.
Move around and use the existing usr_data and usr_oob temporary variables
to kill the warnings. Add a few "consts", and make more use of the
temporaries while we're at it.
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Diffstat (limited to 'drivers/mtd')
-rw-r--r-- | drivers/mtd/mtdchar.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/drivers/mtd/mtdchar.c b/drivers/mtd/mtdchar.c index 7d4e7b9da3a1..a0f54e80670c 100644 --- a/drivers/mtd/mtdchar.c +++ b/drivers/mtd/mtdchar.c | |||
@@ -568,13 +568,18 @@ static int mtdchar_write_ioctl(struct mtd_info *mtd, | |||
568 | { | 568 | { |
569 | struct mtd_write_req req; | 569 | struct mtd_write_req req; |
570 | struct mtd_oob_ops ops; | 570 | struct mtd_oob_ops ops; |
571 | void __user *usr_data, *usr_oob; | 571 | const void __user *usr_data, *usr_oob; |
572 | int ret; | 572 | int ret; |
573 | 573 | ||
574 | if (copy_from_user(&req, argp, sizeof(req)) || | 574 | if (copy_from_user(&req, argp, sizeof(req))) |
575 | !access_ok(VERIFY_READ, req.usr_data, req.len) || | ||
576 | !access_ok(VERIFY_READ, req.usr_oob, req.ooblen)) | ||
577 | return -EFAULT; | 575 | return -EFAULT; |
576 | |||
577 | usr_data = (const void __user *)(uintptr_t)req.usr_data; | ||
578 | usr_oob = (const void __user *)(uintptr_t)req.usr_oob; | ||
579 | if (!access_ok(VERIFY_READ, usr_data, req.len) || | ||
580 | !access_ok(VERIFY_READ, usr_oob, req.ooblen)) | ||
581 | return -EFAULT; | ||
582 | |||
578 | if (!mtd->_write_oob) | 583 | if (!mtd->_write_oob) |
579 | return -EOPNOTSUPP; | 584 | return -EOPNOTSUPP; |
580 | 585 | ||
@@ -583,10 +588,7 @@ static int mtdchar_write_ioctl(struct mtd_info *mtd, | |||
583 | ops.ooblen = (size_t)req.ooblen; | 588 | ops.ooblen = (size_t)req.ooblen; |
584 | ops.ooboffs = 0; | 589 | ops.ooboffs = 0; |
585 | 590 | ||
586 | usr_data = (void __user *)(uintptr_t)req.usr_data; | 591 | if (usr_data) { |
587 | usr_oob = (void __user *)(uintptr_t)req.usr_oob; | ||
588 | |||
589 | if (req.usr_data) { | ||
590 | ops.datbuf = memdup_user(usr_data, ops.len); | 592 | ops.datbuf = memdup_user(usr_data, ops.len); |
591 | if (IS_ERR(ops.datbuf)) | 593 | if (IS_ERR(ops.datbuf)) |
592 | return PTR_ERR(ops.datbuf); | 594 | return PTR_ERR(ops.datbuf); |
@@ -594,7 +596,7 @@ static int mtdchar_write_ioctl(struct mtd_info *mtd, | |||
594 | ops.datbuf = NULL; | 596 | ops.datbuf = NULL; |
595 | } | 597 | } |
596 | 598 | ||
597 | if (req.usr_oob) { | 599 | if (usr_oob) { |
598 | ops.oobbuf = memdup_user(usr_oob, ops.ooblen); | 600 | ops.oobbuf = memdup_user(usr_oob, ops.ooblen); |
599 | if (IS_ERR(ops.oobbuf)) { | 601 | if (IS_ERR(ops.oobbuf)) { |
600 | kfree(ops.datbuf); | 602 | kfree(ops.datbuf); |