From patchwork Wed Jul 6 06:55:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Carpenter X-Patchwork-Id: 588088 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 72D3AC433EF for ; Wed, 6 Jul 2022 06:56:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230309AbiGFG4d (ORCPT ); Wed, 6 Jul 2022 02:56:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229530AbiGFG4c (ORCPT ); Wed, 6 Jul 2022 02:56:32 -0400 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0AD5B1BE8A; Tue, 5 Jul 2022 23:56:32 -0700 (PDT) Received: from pps.filterd (m0246617.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 266641mY017821; Wed, 6 Jul 2022 06:55:53 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : content-type : mime-version; s=corp-2021-07-09; bh=4JaVe1IloRwpGT4ikJwSfLNPbCSJw1NZ3MZO9TgHlTs=; b=oXImPXy1rHHv8AZdbxSiIH1mIYKF8KchkkCzuVfnXBRuYL4ZuoKQUSqNJNfnAD1s3fGS ualnMgTpuahDZIIcXBJRFZJQ+yWEMDpHUb2j29YTRw6forGvurOZe5DKLW5QBY6UYNzk dH4Z8nTLKzyKmrIzY3msO+FWYLigwD4EBCO8SpSgKoq34vDtZc5oM+xR7R1V3AM0Ov/F 5tChEbYdj0+jXVyueOFoDDfwXC7tA1idJs/iSbJ25DLenRunV9b1PIvtIn1Ej7UoG5FZ Fwx+qvfuVTKcQIXcJKjpmMhcH1ldOu7mnePdbzkDKgv++ZQDdogjcecCggye0HcFxKab 3w== Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta02.appoci.oracle.com [147.154.18.20]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3h4ubyh2dw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 06 Jul 2022 06:55:52 +0000 Received: from pps.filterd (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (8.16.1.2/8.16.1.2) with SMTP id 2666fBKI028419; Wed, 6 Jul 2022 06:55:51 GMT Received: from nam11-dm6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2177.outbound.protection.outlook.com [104.47.57.177]) by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com with ESMTP id 3h4ud0jjgh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 06 Jul 2022 06:55:51 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Kxfai07+pt0CUO1luyNrpjc7kPOue4uIBwxumceOEONAVyB30ONqPKAOmJSLF2FMPsdykwwInXiHX5GM9s2Yht3CcjRn+w0TAPbTrjdxpbZ3pcCW0xm9cAKNSRdcgfTGxZykYIi5X8vMbVnJjVp+XGMSE2PTC4OwDiq761D+UYpy2UNyI+A3npIDr44c/qChTWE4icIMGm1iqa07Mhh6mqGdOL5zEi6+cItLdp4A4K2KszW4Jsq4VjaokKqbPBqqIUKcuheCty8vt0ht8Pi12yua+Q5RZN4AUN/Ojg99h9XaRxe6SLHo3b3SnJcDnKl0vwEyDCC3ys7EM1fQHkDR0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4JaVe1IloRwpGT4ikJwSfLNPbCSJw1NZ3MZO9TgHlTs=; b=B01vAYIjK2mYP3/fwi6cC2YGOtiaL5rmug4rsjdjvaR2wq2Y6FVJ7jRjtWBdw+EpY8oKtkRxzGsqhscIVNr/6Ol9t9jnPUH0csI5WL94NqKqfAWiRZf8cQah2WNdE9pS/o3YVPeeg2MXI0QuY4vPz+IMaz+kgSgXno5TSQEQx/zJgrgPM9YHcVdReJYfUu9ho5K+lZ8oli8otdLNoItpPSNUrZBog71kUmYhClxkdy49Chs5NmphHTRL9K5Dee5Nz1h2XrbV3hNLXFSQ2rM9knQNfLN7yEG0R6BGIL4hTozj0FpOMKGyl554q8Jkg0fD1tFCA1d2sytM/XSukXJDww== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4JaVe1IloRwpGT4ikJwSfLNPbCSJw1NZ3MZO9TgHlTs=; b=ZbHswLCDrohCi2AOkZG6nh9xoW53Y0F/KdVdtpaZjBU+cgmtqG9SB/XeQpn+aSozhkxlAOHP2TChwPB2XGeO6px4cjjs8DEMJ3SEWopMr6R8DCn5sHjozxD6PsK76M29jtfbX72WKq4KJSEc4bi53q3bexjsBseitO9722rl+t4= Received: from MWHPR1001MB2365.namprd10.prod.outlook.com (2603:10b6:301:2d::28) by CO1PR10MB4642.namprd10.prod.outlook.com (2603:10b6:303:6f::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5395.15; Wed, 6 Jul 2022 06:55:49 +0000 Received: from MWHPR1001MB2365.namprd10.prod.outlook.com ([fe80::5020:9b82:5917:40b]) by MWHPR1001MB2365.namprd10.prod.outlook.com ([fe80::5020:9b82:5917:40b%6]) with mapi id 15.20.5395.021; Wed, 6 Jul 2022 06:55:49 +0000 Date: Wed, 6 Jul 2022 09:55:38 +0300 From: Dan Carpenter To: Kalle Valo , Jiri Slaby Cc: Paolo Abeni , Johannes Berg , Vladimir Kondratiev , "John W. Linville" , linux-wireless@vger.kernel.org, kernel-janitors@vger.kernel.org Subject: [PATCH 1/2] wil6210: debugfs: fix info leak in wil_write_file_wmi() Message-ID: Content-Disposition: inline X-Mailer: git-send-email haha only kidding X-ClientProxiedBy: ZR0P278CA0174.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:45::20) To MWHPR1001MB2365.namprd10.prod.outlook.com (2603:10b6:301:2d::28) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7c99d74e-89fc-4500-7253-08da5f1c8ee7 X-MS-TrafficTypeDiagnostic: CO1PR10MB4642:EE_ X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: fz3+DYDphidgct4FFabBIYyKnQt11sNPOs0xnTB+k9lmOk+EhIo4sLkTXtYPpb2lcUrkYXNgriLIkGXNko1cvIYkYn5nBV/UYSNX1L52IINRIsQDktlE623O+PyLQgLKWHW0DmDVYfq1unkQledqEN2UHf/TjsDLTnwGIyLjWDUp+aGg+RdFTDegnJRc89SQtmO6ilYc/sMhR++0EMzenW2KIJJ64VhY1rdgPX4VG4+ycHgkq8a76ZqYggsVWVlzYZtK0gW0jizhtY/3R/lEVHpnkzaVWShTX2Yz8P0iqgCVsclXSVuJnOc5wrNeboHiR3EadNvLmhORi6FuMScCyyWk6gsjIJ2zChDYgeRGMQXbIFlNKk/K34uZziKxG4GA8EHyEwtKgkpckhe4CDmhwHRPWJvgB7nlstImCk3VrQs5SVndRL2VcGWIbBJ5vCUXCfA/df0vcUBL2mxqcatfyWpxF41yiml9jbVl0P59MDEp6cYfvvOJ7YLep1+0XokK8AwZ9nkT2vC8ahYuejI7K/uM+GnhPtKJ+Xc1UJdT0rNdj4WBtU3+J6hytoLJGpfXeUTao+R7lZAa5FebYGl/2RyM4b4WEROeUpf7QG9/h2XYrsIT4aMbPd70xOfPyXjlasHzgvo1oxQFuAjqBOq6PmfWBBWNDejLfS6aXmM17wsJNeX0vtaN0L1zKSGzhhCvaHBSxMzp6cDoSg06tcaIsnWFzYcrRF8ksgh4dFvSH4XTicO4DlVZzyYB0MywLD7KI5WZhndmFougx8xUY3DniV0HO6oh1EFh84YosEyER75WWtrdhd7YskEAsCNMpwYN X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MWHPR1001MB2365.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(7916004)(136003)(346002)(376002)(396003)(366004)(39860400002)(478600001)(38100700002)(38350700002)(6486002)(186003)(6506007)(41300700001)(6666004)(52116002)(110136005)(2906002)(66556008)(316002)(54906003)(8936002)(5660300002)(44832011)(86362001)(6512007)(26005)(9686003)(83380400001)(66946007)(66476007)(33716001)(4326008)(8676002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: o6j7nc5AJdB0MLJ0YPCDOTAKVmpmKDoMkUWlBYlQo3U5N2nkrxvURmz2X4zxwrNenjHn3vIH4TMD0yi/MJQMsW/iFuwcoLqKo2CXUmf79X7Y5yoh+NZlON+S+UEdYUvC4aMrtKP6GJL15akvXTx8qNdxMoJd+MTnLZMI8TeSibLlOO/egKAOhEOgI1n3Mb/L7GXc59slm3tktH+ifjCtRlfit89tcxE4YUShVura5luxVNDOKvw/n2I3H15ZoeTbidFHjQBOYQVJnCiDBmb8vtshdB8o4i6qP9ANc/15Kjw3tA99aljhWkGDY6hC9uyoC4LT1EfqRhDCbcSHIMhMQ1Cy/dVRmKGrJkNJJqSC45UaIlP98mmdqdzBbHH1cjAn2H7P6PTXiimi2NBMj4uawmN9hzNtsXEwPgs4XmGyMaJKAV7CEjaQxJrBPA9JZoUufyhFMlJqA6DUKoN0/B4jyjrekMiARU4YOnMzfnJbmf7p7RwfxoQzO2s0tVqyLBVDRHyX1rM7TU6+xtaa7zWGy94yF1LAxsVktTgW13q2OwsH1SBKUUqsuscfbMZ7Jb7AcvvCSiVRboJpr814znvqk7IXTQSOzxjmE8T7Sv8STTM0ECPVJPSuEm40HLwHpKCrHg0jRgyAiDqsE40CEtwkKr7YZFvRQQX94xDsjbGmRRcrKiw4xf1zNlkRC12lIxKhxdS52QIXGVenHeqfrKTtpeI3fbflEZ/QOW7oRMYpAk2JAPtzqFUzFTTEp9gOOAfqdIEmw12WY+KYiuxV68Tv3zPTSSJ5JhSLsovZtzgp3Kt+BAstjD3Hu8DIIbQogHTIExxrmFGGqW9eYBhwYrQRA7NoXWRcZPP1zM5FTjuO5PfEAQr6w+HGF1qcOBfOODCqqp3/8pyblrCX+0lsGmQxW8oA8Nsm0hGRAUiXF7Y5kh/mYdQHTrP4NK45qFzoJeqfb1F1M2q8JVizvVdK4ZttHW9nEW0UGjU5uBvcQvBy/qy0ZNwd5Dc2Cgtb1Hq1PgJQjHJQNT1Tj8xbya7N0xy94Qfsru6fEurO28pxiuZUfuZmEg85V2oeXRuR859gTcfOdSlQU9nsNtihQlp0zFAW0Sm7m9uzCkch3DrWpCY2NC6Q3vvyFG180fbmK0cNVyrdLdywznxqOZ12YNG19DxnYbMIAC4bqMWh2sircP+PIaVNXYcP1QgRKahyKYDRC1NG/2iHEl5wBP1uJGb76laSAVYaRlEFFpOZaYQsjB414J/sSddVDgqWZ0a9wG8UBYFdZ786Um7EluFfpKIMyTI0fr5yXxaJk07XfJbahuHYItWHmAcGJGlfxHUZ/AEwzKN9XgkTZ5bND+J+25/Dan8KjzqGGs+ExZMwBmFsEZ8XzWqL8k/wDKyc1mhPFryPtEX8rRS+0bgXe3RoZrgUDFbdBl+knah3/ggwfoEizk6xlcv/s3/DA2xG7/Us04b2F5SdX7ctLArv/P/pml65FqlvHcQUFQMJ+gG7T3Jp2cJyp/utbY40MPXt+hDAEImlUHW0wplHBmbMxFnsw/IU9Zt/omtAydcAXbUz4n1HPL8Ksmm/H9oTAC/2rUUPhFEGd5TUobaL+sN7oq/L4QWe9Vcpuw== X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7c99d74e-89fc-4500-7253-08da5f1c8ee7 X-MS-Exchange-CrossTenant-AuthSource: MWHPR1001MB2365.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jul 2022 06:55:49.0570 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: iH9+1EH+C9cedEEySR4tpvjIosPC9iehd2R2G7xTSh3CFf8BOoV9BE7aPcW/u78iYsDFw8lP/vkT2Rq6vnX+SdabAheRwnEtzTiGpyTT+c4= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR10MB4642 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.517, 18.0.883 definitions=2022-07-06_03:2022-06-28, 2022-07-06 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 adultscore=0 spamscore=0 phishscore=0 malwarescore=0 mlxscore=0 mlxlogscore=999 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2206140000 definitions=main-2207060025 X-Proofpoint-GUID: syK9cHyjw6R_9moI7nzZTzfdz0ufT8wP X-Proofpoint-ORIG-GUID: syK9cHyjw6R_9moI7nzZTzfdz0ufT8wP Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org The simple_write_to_buffer() function will succeed if even a single byte is initialized. However we need to initialize the whole buffer to prevent information leaks. Just use memdup_user(). Fixes: ff974e408334 ("wil6210: debugfs interface to send raw WMI command") Signed-off-by: Dan Carpenter --- drivers/net/wireless/ath/wil6210/debugfs.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/drivers/net/wireless/ath/wil6210/debugfs.c b/drivers/net/wireless/ath/wil6210/debugfs.c index 64d6c98174c8..fe84362718de 100644 --- a/drivers/net/wireless/ath/wil6210/debugfs.c +++ b/drivers/net/wireless/ath/wil6210/debugfs.c @@ -1012,18 +1012,12 @@ static ssize_t wil_write_file_wmi(struct file *file, const char __user *buf, u16 cmdid; int rc, rc1; - if (cmdlen < 0) + if (cmdlen < 0 || *ppos != 0) return -EINVAL; - wmi = kmalloc(len, GFP_KERNEL); - if (!wmi) - return -ENOMEM; - - rc = simple_write_to_buffer(wmi, len, ppos, buf, len); - if (rc < 0) { - kfree(wmi); - return rc; - } + wmi = memdup_user(buf, len); + if (IS_ERR(wmi)) + return PTR_ERR(wmi); cmd = (cmdlen > 0) ? &wmi[1] : NULL; cmdid = le16_to_cpu(wmi->command_id); From patchwork Wed Jul 6 06:57:57 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Carpenter X-Patchwork-Id: 588501 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5949EC433EF for ; Wed, 6 Jul 2022 06:58:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230324AbiGFG6S (ORCPT ); Wed, 6 Jul 2022 02:58:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51770 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229477AbiGFG6R (ORCPT ); Wed, 6 Jul 2022 02:58:17 -0400 Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 636371EEE8; Tue, 5 Jul 2022 23:58:16 -0700 (PDT) Received: from pps.filterd (m0246617.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 26663xAd017792; Wed, 6 Jul 2022 06:58:11 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : content-type : in-reply-to : mime-version; s=corp-2021-07-09; bh=tR3jzeOMJt9anu1IGdXT541N5aQ1c8Mpot8gUs2hobg=; b=rI+v0cCtTKXhIXDd+jxuVYk13E3PyM1lFZRW0b71V6lipDBI4hLzeZGtitiasHkuRzox TROKO8s70DAbPPByAQ0cG6bNB67bG2Yd+49/aBAtGkAqqOZhKWmxXOTOd5Y5V30Wz9O8 feKIEWNYtbgJVLVLKM5oIA/5xxxRpQK0tbliM0P1ioOjnhtR5xA8G95nLu1OICtNsT6v TmrfmZGimq57fgFzCvKq6dgg0SCzkxrKVWSmSBHyFk8bFM3jzP8/UhMKhUEtp5b5+svq opQcLGCYSEviWhy1KpD+RZNCoq4leExvrwjJyhXn1cOvYr2FJCvz/Vdsxt3lSpARE3li Kw== Received: from phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta03.appoci.oracle.com [138.1.37.129]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3h4ubyh2hh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 06 Jul 2022 06:58:10 +0000 Received: from pps.filterd (phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com (8.16.1.2/8.16.1.2) with SMTP id 2666g5QH025481; Wed, 6 Jul 2022 06:58:10 GMT Received: from nam11-dm6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2177.outbound.protection.outlook.com [104.47.57.177]) by phxpaimrmta03.imrmtpd1.prodappphxaev1.oraclevcn.com with ESMTP id 3h4udeah2h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 06 Jul 2022 06:58:10 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bgCBen1X+NsBd3BACt17/CXTldZOBU1dbPL41VoZzx5El/7gMfA1YSPEJQPf4/U1vXnK9CdhCy27sxleKDiKcIWHU8p6oe8eGxk4eGb/MfFrrtfTEHE3mPRJHSR9CFV9BXcwl/nwcdCXwG+CSYDnDVChgPh+CQ7HAlRJJcu/+g76G00U994dgctQAqmg9YsjJYWnbTOvy9Vh5c6cO9x3qugmD+JNCMXINrbY98Oti0dJM3f3+YSmkbnsNJs4fgRyLv5qsspl5/waR6VPorROlUdI7REmkZM5BELr/el9rVTMH/EYiDEBJpF9LobbTlMJoK9o7rAQL8oiV6CTGYQq5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tR3jzeOMJt9anu1IGdXT541N5aQ1c8Mpot8gUs2hobg=; b=C+7G61ZZjtI2yScrkex1/zq25BBUzni+XFiplbA3moGDKOLOC9lufMTFmLzLZhIPEdzhTZXHLUum0eHE6tq98uSCgc2fMwP9qf1u6ES22dndci5TgEjcKrJY5SzvIRcEydH7bZzXXsn+VevT2bfCptxUxSie0IHM6ga5RUeSCHZ+bK3cUNrnz06Ecq1lHnRToSbnyLtFu31sTHWapN9+aKjwlV75Ejbyna2xqvzmzQLckKcgd5bVt2elcyDuXyqu/K2DMg6kVs34XlewSPcdE6GJNa6Z16LkDI+WtNle+2PmpvD58SrKEewooF0Np/6bdan0OxzfuSc87eGbxVHTiA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tR3jzeOMJt9anu1IGdXT541N5aQ1c8Mpot8gUs2hobg=; b=MVDEnwIApGxndSdSHZWO/8EBE7Ukoqjsab98Rf4eRR4M+V5LNiGMXvrZpZGZd1QEpJLbxw5kwjOZYIlAXspyCnLfE2RB0RMTmkMLCNiHiD+YGffWNUd6thEapuUoYFjwcdcguFhV31SXwGRIZQzBD9cE8bjWypMBOb3CxRyM8cc= Received: from MWHPR1001MB2365.namprd10.prod.outlook.com (2603:10b6:301:2d::28) by CO1PR10MB4642.namprd10.prod.outlook.com (2603:10b6:303:6f::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5395.15; Wed, 6 Jul 2022 06:58:08 +0000 Received: from MWHPR1001MB2365.namprd10.prod.outlook.com ([fe80::5020:9b82:5917:40b]) by MWHPR1001MB2365.namprd10.prod.outlook.com ([fe80::5020:9b82:5917:40b%6]) with mapi id 15.20.5395.021; Wed, 6 Jul 2022 06:58:08 +0000 Date: Wed, 6 Jul 2022 09:57:57 +0300 From: Dan Carpenter To: Kalle Valo , Jiri Slaby Cc: Paolo Abeni , Johannes Berg , linux-wireless@vger.kernel.org, kernel-janitors@vger.kernel.org Subject: [PATCH 2/2] wil6210: debugfs: replace in wil_link_stats_write() in wil_link_stats_write() Message-ID: Content-Disposition: inline In-Reply-To: X-Mailer: git-send-email haha only kidding X-ClientProxiedBy: ZR0P278CA0147.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:41::21) To MWHPR1001MB2365.namprd10.prod.outlook.com (2603:10b6:301:2d::28) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bcbe0844-3f7d-4380-5ff2-08da5f1ce1fe X-MS-TrafficTypeDiagnostic: CO1PR10MB4642:EE_ X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: S27EbYr6LiV6GNd8XovPuY5JKltVG3FPTfHdoRjcD2ifDH6yWFGi4nIh+Vnf0F476rfxS15IjUVKUPrkRJYt7FBuW4s709P/2lLLOxmpIt3Gdg/LLmQ138vUHQJwbyJHazpkmovVNB1Mhdgs1wpDAcsyfajyx01DPPeaipdyxYDY32si9XbRts7TaLOxBRr7zzVxbrRo+T3ZsNE4k20mMEp+ZU2ekW9t9iRo85Www6wvdm+GOV5RWRjqzYXsI+b8WQMTReZ2SEBhyYH3pgLxSlbwqP2wmIKGs3nq/ZnGPUKzJMqoNRsU7tuJBkaFeWvgFw4lBgk81OpGPUrg/Rsm3Tzh/qq4FnyOp3djhsYHY69hwNj7yqo4xL4cZLTxNPSBe6/oHEvvJd9iL3+pb3KO0QVYQ1LmM9RmKutzDU54ny4ZtPVsS2s2p2Gr0SuyHieHnbZHlZSj9/pNSIRdValr2zoQqubCgqbXyzXGG7A5ad4KjrcK1t0vFGU/KJbqiTtDiv71pCf5RlQHbvj5O41JUfBF9sWrlS/Y/JOYzKd1FD37BxILMvZBjms61z0t36kq3gIsZZjfRUrJArryyGgLv3upsEHGVNQnDvkH93qQvNfdRAlLJLsaWQMrxMc7F8sEWYa7tvFOq18eGXicx7KYenjN8w8TZ0JN490+jOkj7JG/+xEYpssPYhF5hNWp4yls826ZKxBWgLYa3QJaLPIH7dO3+yxvfXR/fVot5HgUoocTvU5wvVAH1Rg2Lbfmy/7CucB26bPR6kPthZyXTswdOBQl0LHfi3Mq6CbwcnvZKbbxT4U+TDr9uFYn3dJ1YgpQ X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MWHPR1001MB2365.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(7916004)(136003)(346002)(376002)(396003)(366004)(39860400002)(478600001)(38100700002)(38350700002)(6486002)(186003)(6506007)(41300700001)(6666004)(52116002)(110136005)(2906002)(66556008)(316002)(54906003)(8936002)(5660300002)(44832011)(86362001)(6512007)(26005)(9686003)(83380400001)(66946007)(66476007)(33716001)(4326008)(8676002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 3Y20s1pD3HRollCNhG9V/2gEtnKI+X7j/bOM1r67+HurkX1POGJvzdD2D/kQUSLJV8w8maC2VIr7wOpJEzmC7ZPy/idnJV6X/vPmQoiP4c1K0Zpb1WyJyZH03tXilMu6+J6rKeuH46Lh0MaWskWdrgWqlS0WRXUjP/cBSAevwoI25Q1gk1GHM3HH4ygPZJVBdaAVZh+qpyBTLCWkUKSSyRd4MGYIxPb6WKwMYLEa6vraIajxi4D9ukyiPoCQ4ts809AIbU7NK8mr+fvduL+q2DbU6yyvBv3qihCnoMc8vBbVij5YZg9kUm9RvC/iz5hG0Sib2rc85YvCXJ6eBOkBV49lxp0aHpwnf6U475tjJienoMol6brCoLKn1VQ7FQ8Nr3LuEzqPZWeL8dd1yb1GfmAgRS5YaQAB2jKRSkY/ZzUXkIPDqrx6CVFiZCuA1Zxhtdcmlol5AOI+ooJj+6LJFT/cIz2A0GudJwUzf9S0KofTZlsHRB8HKmlYFtbWoD28SUXNJwGS4r6KvmT2nCyQYHmjtrqEfpXkQcP92VB1B9hsI51cWrmh7uiG1bZtoGAFztcLdJ2WT4Y/AIbvWfSbCLJrdXbsCjBIwQv0CV72P4j3ee8QDK6a4LMNVVnW75GGF7hwLXXsMMytmxh0Uc8FiuqUXhWnKK9L3B3CAKZGCQ9LSIYNCwLslajAE9XVj5063wtqA/32FR0fvFbGCd8Za6HpkAbteLQh4/2XYQftSGNdHfNWuA2wPxVvgXTXss1g9lYw5zI5OrlrU0vOkwnsvV94/5Sz7M/GEet3yeMlFASl26vJRjMfa788NdlnbYUjB+aaZIdKMApwkngiZIvjQhoMhfqtLpeRoKrhQefXwuMd73pS5DE0ERPTxWkVK8BfHET+9SledW+LVVB35az6ZAA+IPKp/41+bWbdwLI0nKhw57RZ4do6qmWXuuI6Y2Ojk7cpI9Xn5d9QatrfJXxgMOLnrucjMuyGcSvaZJZA/vWnnhLFhlkgX0V+liJHbTZCGnpfoePSSCl4L61yUz9GMms+7ExT8KmIOu4RZU021EjJZuNHcKRkiEFsTd6f3rMkJbaofBDuBl5nVkUexj5jhFKdU+FauIuHqSEJj8K6jB+4U3jlKbBso51GTfvHqn3nlTfMW86FH35YctfHU/m3m4Y/K37rmAhrHTGIr914oaGZQgpWNIkNRKsqj0g2UNPCIOD77eI2eTPsl28fxy1AuKxQ/+fP9EOM9+vDXaQkL57mI6GGJ9ckjZ8JRcmeuJSkGwAonZCqmrfxIR3ZKbgvKLvIMdMla98Vs+oJC8PUpttXDxzt3Bj2QWpTwytJLFvdgkugwlEVxPowwQ3Nof0fqicVhzSUH47URADqLItkVbM3YQCTk/qMkOpJWwagyQt3rQ39/p1tmv5+9vfCXet6gbkk/WuSz/bLkW99mhj9yMn0L+ABSkbYIQltT2VqcndBr20z66pHz1RGrKsI2OtDBePXJkm0+sxLs9Xv59CwOFn8NicM1WaAzUbFciYZkEPM6AiO7l8UEfUgUBM+2WWhffm6rsa4zB5W6jy9JBEzOBP5SxSP7Kq4dAXDe+sSkwbcx8YRfKf8ifdLUNuzmrymXg== X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: bcbe0844-3f7d-4380-5ff2-08da5f1ce1fe X-MS-Exchange-CrossTenant-AuthSource: MWHPR1001MB2365.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jul 2022 06:58:08.3176 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rIORvfkbc0qyuLdEPT/n/m8POMIwCwYFmPGUCIdNHpEOsijyZdPlZPCjUWPx1hOdqCNf7VvQrRsRZ8i8RnQlzpvSNtKMQHazGC1CyiGcwFE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR10MB4642 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.517, 18.0.883 definitions=2022-07-06_03:2022-06-28, 2022-07-06 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 suspectscore=0 spamscore=0 malwarescore=0 mlxlogscore=999 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2206140000 definitions=main-2207060025 X-Proofpoint-GUID: fjgPrhgI3g-SXbHHNOFJj2AVIR1t702i X-Proofpoint-ORIG-GUID: fjgPrhgI3g-SXbHHNOFJj2AVIR1t702i Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org This code has a check for "if (rc != len) {" so it will fail if the simple_write_to_buffer() does not completely fill the buffer. In particular it will fail if "*ppos != 0". Although this code works, it is more complicated than necessary. Just use strndup_user() instead. Signed-off-by: Dan Carpenter --- drivers/net/wireless/ath/wil6210/debugfs.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/drivers/net/wireless/ath/wil6210/debugfs.c b/drivers/net/wireless/ath/wil6210/debugfs.c index fe84362718de..591ba7f61c64 100644 --- a/drivers/net/wireless/ath/wil6210/debugfs.c +++ b/drivers/net/wireless/ath/wil6210/debugfs.c @@ -1937,18 +1937,15 @@ static ssize_t wil_link_stats_write(struct file *file, const char __user *buf, struct wil6210_priv *wil = s->private; int cid, interval, rc, i; struct wil6210_vif *vif; - char *kbuf = kmalloc(len + 1, GFP_KERNEL); + char *kbuf; - if (!kbuf) - return -ENOMEM; + if (*ppos != 0) + return -EINVAL; - rc = simple_write_to_buffer(kbuf, len, ppos, buf, len); - if (rc != len) { - kfree(kbuf); - return rc >= 0 ? -EIO : rc; - } + kbuf = strndup_user(buf, len + 1); + if (IS_ERR(kbuf)) + return -ENOMEM; - kbuf[len] = '\0'; /* specify cid (use -1 for all cids) and snapshot interval in ms */ rc = sscanf(kbuf, "%d %d", &cid, &interval); kfree(kbuf);