amdgpu_ras_debugfs_ctrl_parse_data is reachable from a debug fs write.
A write is supposed to return EFAULT when the user buffer is outside
the address space. Right now it returns EINVAL.
Change the EINVAL to EFAULT.
Fixes: 96ebb3073275 ("drm/amdgpu: add human readable debugfs control support (v2)")
Signed-off-by: Niels Dossche <dossche.niels@xxxxxxxxx>
---
I found this issue using static analysis to find inconsistent error
handling regarding kernel APIs. Found on v5.17.4.
As I do not have the necessary hardware, I only managed to compile test
this on x86_64. I put this as an RFC as I'm a bit worried about possible
userspace API breakage that might rely on the EINVAL behaviour.
drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c
index 424c22a841f4..9bbdf0519c31 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c
@@ -253,7 +253,7 @@ static int amdgpu_ras_debugfs_ctrl_parse_data(struct file *f,
memset(data, 0, sizeof(*data));
if (copy_from_user(str, buf, s))
- return -EINVAL;
+ return -EFAULT;
if (sscanf(str, "disable %32s", block_name) == 1)
op = 0;
@@ -308,7 +308,7 @@ static int amdgpu_ras_debugfs_ctrl_parse_data(struct file *f,
return -EINVAL;
if (copy_from_user(data, buf, sizeof(*data)))
- return -EINVAL;
+ return -EFAULT;
}
return 0;
--
2.35.2
