Staging: ced1401: fix copy_from/to_user warning messages

Properly check the return value of copy_from/to_user() and handle any
errors that might happen.

This removes a bunch of compiler warnings.

Cc: Alois Schlögl <alois.schloegl@ist.ac.at>
Cc: Greg P. Smith <greg@ced.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/ced1401/ced_ioc.c b/drivers/staging/ced1401/ced_ioc.c
index bb29c7f6217f23143ccc71c63d879bc90f319247..693c4544c29d410d0e4c68feb749e93e33e693d4 100644 (file)
--- a/drivers/staging/ced1401/ced_ioc.c
+++ b/drivers/staging/ced1401/ced_ioc.c
@@ -112,7 +112,7 @@ int SendString(DEVICE_EXTENSION * pdx, const char __user * pData,
        if (n > OUTBUF_SZ)      // check space in local buffer...
                return U14ERR_NOOUT;    // ...too many characters
        if (copy_from_user(buffer, pData, n))
-               return -ENOMEM; // could not copy
+               return -EFAULT;
        buffer[n] = 0;          // terminate for debug purposes
 
        mutex_lock(&pdx->io_mutex);     // Protect disconnect from new i/o
@@ -511,9 +511,10 @@ int GetString(DEVICE_EXTENSION * pdx, char __user * pUser, int n)
 
                dev_dbg(&pdx->interface->dev,
                        "GetString read %d characters >%s<", nGot, buffer);
-               copy_to_user(pUser, buffer, nCopyToUser);
-
-               iReturn = nGot; // report characters read
+               if (copy_to_user(pUser, buffer, nCopyToUser))
+                       iReturn = -EFAULT;
+               else
+                       iReturn = nGot;         // report characters read
        } else
                spin_unlock_irq(&pdx->charInLock);
 
@@ -758,7 +759,10 @@ int SetTransfer(DEVICE_EXTENSION * pdx, TRANSFERDESC __user * pTD)
 {
        int iReturn;
        TRANSFERDESC td;
-       copy_from_user(&td, pTD, sizeof(td));
+
+       if (copy_from_user(&td, pTD, sizeof(td)))
+               return -EFAULT;
+
        mutex_lock(&pdx->io_mutex);
        dev_dbg(&pdx->interface->dev, "%s area:%d, size:%08x", __func__,
                td.wAreaNum, td.dwLength);
@@ -798,7 +802,11 @@ int SetEvent(DEVICE_EXTENSION * pdx, TRANSFEREVENT __user * pTE)
 {
        int iReturn = U14ERR_NOERROR;
        TRANSFEREVENT te;
-       copy_from_user(&te, pTE, sizeof(te));   // get a local copy of the data
+
+       // get a local copy of the data
+       if (copy_from_user(&te, pTE, sizeof(te)))
+               return -EFAULT;
+
        if (te.wAreaNum >= MAX_TRANSAREAS)      // the area must exist
                return U14ERR_BADAREA;
        else {
@@ -914,7 +922,9 @@ int GetTransfer(DEVICE_EXTENSION * pdx, TGET_TX_BLOCK __user * pTX)
                tx.entries[0].physical =
                    (long long)(tx.linear + pdx->StagedOffset);
                tx.entries[0].size = tx.size;
-               copy_to_user(pTX, &tx, sizeof(tx));
+
+               if (copy_to_user(pTX, &tx, sizeof(tx)))
+                       iReturn = -EFAULT;
        }
        mutex_unlock(&pdx->io_mutex);
        return iReturn;
@@ -1065,7 +1075,9 @@ int CheckSelfTest(DEVICE_EXTENSION * pdx, TGET_SELFTEST __user * pGST)
        }
        mutex_unlock(&pdx->io_mutex);
 
-       copy_to_user(pGST, &gst, sizeof(gst));  // copy result to user space
+       if (copy_to_user(pGST, &gst, sizeof(gst)))
+               return -EFAULT;
+
        return iReturn;
 }
 
@@ -1147,7 +1159,9 @@ int DbgPeek(DEVICE_EXTENSION * pdx, TDBGBLOCK __user * pDB)
 {
        int iReturn;
        TDBGBLOCK db;
-       copy_from_user(&db, pDB, sizeof(db));   // get the data
+
+       if (copy_from_user(&db, pDB, sizeof(db)))
+               return -EFAULT;
 
        mutex_lock(&pdx->io_mutex);
        dev_dbg(&pdx->interface->dev, "%s @ %08x", __func__, db.iAddr);
@@ -1174,7 +1188,9 @@ int DbgPoke(DEVICE_EXTENSION * pdx, TDBGBLOCK __user * pDB)
 {
        int iReturn;
        TDBGBLOCK db;
-       copy_from_user(&db, pDB, sizeof(db));   // get the data
+
+       if (copy_from_user(&db, pDB, sizeof(db)))
+               return -EFAULT;
 
        mutex_lock(&pdx->io_mutex);
        dev_dbg(&pdx->interface->dev, "%s @ %08x", __func__, db.iAddr);
@@ -1201,7 +1217,9 @@ int DbgRampData(DEVICE_EXTENSION * pdx, TDBGBLOCK __user * pDB)
 {
        int iReturn;
        TDBGBLOCK db;
-       copy_from_user(&db, pDB, sizeof(db));   // get the data
+
+       if (copy_from_user(&db, pDB, sizeof(db)))
+               return -EFAULT;
 
        mutex_lock(&pdx->io_mutex);
        dev_dbg(&pdx->interface->dev, "%s @ %08x", __func__, db.iAddr);
@@ -1231,7 +1249,9 @@ int DbgRampAddr(DEVICE_EXTENSION * pdx, TDBGBLOCK __user * pDB)
 {
        int iReturn;
        TDBGBLOCK db;
-       copy_from_user(&db, pDB, sizeof(db));   // get the data
+
+       if (copy_from_user(&db, pDB, sizeof(db)))
+               return -EFAULT;
 
        mutex_lock(&pdx->io_mutex);
        dev_dbg(&pdx->interface->dev, "%s", __func__);
@@ -1269,8 +1289,10 @@ int DbgGetData(DEVICE_EXTENSION * pdx, TDBGBLOCK __user * pDB)
                                  DB_DATA, (D_TO_H | VENDOR | DEVREQ), 0, 0,
                                  &db.iData, sizeof(db.iData), HZ);
        if (iReturn == sizeof(db.iData)) {
-               copy_to_user(pDB, &db, sizeof(db));
-               iReturn = U14ERR_NOERROR;
+               if (copy_to_user(pDB, &db, sizeof(db)))
+                       iReturn = -EFAULT;
+               else
+                       iReturn = U14ERR_NOERROR;
        } else
                dev_err(&pdx->interface->dev, "%s failed, code %d", __func__,
                        iReturn);
@@ -1312,7 +1334,10 @@ int SetCircular(DEVICE_EXTENSION * pdx, TRANSFERDESC __user * pTD)
        int iReturn;
        bool bToHost;
        TRANSFERDESC td;
-       copy_from_user(&td, pTD, sizeof(td));
+
+       if (copy_from_user(&td, pTD, sizeof(td)))
+               return -EFAULT;
+
        mutex_lock(&pdx->io_mutex);
        dev_dbg(&pdx->interface->dev, "%s area:%d, size:%08x", __func__,
                td.wAreaNum, td.dwLength);
@@ -1339,8 +1364,12 @@ int GetCircBlock(DEVICE_EXTENSION * pdx, TCIRCBLOCK __user * pCB)
        int iReturn = U14ERR_NOERROR;
        unsigned int nArea;
        TCIRCBLOCK cb;
+
        dev_dbg(&pdx->interface->dev, "%s", __func__);
-       copy_from_user(&cb, pCB, sizeof(cb));
+
+       if (copy_from_user(&cb, pCB, sizeof(cb)))
+               return -EFAULT;
+
        mutex_lock(&pdx->io_mutex);
 
        nArea = cb.nArea;       // Retrieve parameters first
@@ -1370,7 +1399,9 @@ int GetCircBlock(DEVICE_EXTENSION * pdx, TCIRCBLOCK __user * pCB)
        } else
                iReturn = U14ERR_BADAREA;
 
-       copy_to_user(pCB, &cb, sizeof(cb));
+       if (copy_to_user(pCB, &cb, sizeof(cb)))
+               iReturn = -EFAULT;
+
        mutex_unlock(&pdx->io_mutex);
        return iReturn;
 }
@@ -1385,8 +1416,12 @@ int FreeCircBlock(DEVICE_EXTENSION * pdx, TCIRCBLOCK __user * pCB)
        int iReturn = U14ERR_NOERROR;
        unsigned int nArea, uStart, uSize;
        TCIRCBLOCK cb;
+
        dev_dbg(&pdx->interface->dev, "%s", __func__);
-       copy_from_user(&cb, pCB, sizeof(cb));
+
+       if (copy_from_user(&cb, pCB, sizeof(cb)))
+               return -EFAULT;
+
        mutex_lock(&pdx->io_mutex);
 
        nArea = cb.nArea;       // Retrieve parameters first
@@ -1472,7 +1507,9 @@ int FreeCircBlock(DEVICE_EXTENSION * pdx, TCIRCBLOCK __user * pCB)
        } else
                iReturn = U14ERR_BADAREA;
 
-       copy_to_user(pCB, &cb, sizeof(cb));
+       if (copy_to_user(pCB, &cb, sizeof(cb)))
+               return -EFAULT;
+
        mutex_unlock(&pdx->io_mutex);
        return iReturn;
 }