On 5/11/22 3:30 AM, Andrew Morton wrote:
On Wed, 11 May 2022 03:10:31 +0700 Ammar Faizi <ammarfaizi2@xxxxxxxxxxx> wrote:
On 5/8/22 4:27 PM, cgel.zte@xxxxxxxxx wrote:
+static ssize_t ksm_force_write(struct file *file, const char __user *buf,
+ size_t count, loff_t *ppos)
+{
+ struct task_struct *task;
+ struct mm_struct *mm;
+ char buffer[PROC_NUMBUF];
+ int force;
+ int err = 0;
+
+ memset(buffer, 0, sizeof(buffer));
+ if (count > sizeof(buffer) - 1)
+ count = sizeof(buffer) - 1;
+ if (copy_from_user(buffer, buf, count)) {
+ err = -EFAULT;
+ goto out_return;
+ }
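Review bot: The clamp `if (count > sizeof(buffer) - 1) count = sizeof(buffer) - 1;` silently truncates an oversized write, so whatever parses `buffer` after these lines sees only the first `sizeof(buffer) - 1` bytes, and an over-long string can be accepted as a valid value instead of being rejected. Consider returning -EINVAL when `count` exceeds the buffer rather than truncating. Separately, at the `copy_from_user()` failure the visible lines have only declared locals (`task` and `mm` are not yet acquired), so `return -EFAULT;` would be simpler than `err = -EFAULT; goto out_return;` unless the label does cleanup that is not shown here.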
This one looks like over-zeroing to me. You don't need to zero
all elements in the array. You're going to overwrite it with
`copy_from_user()` anyway.
Just zero the last potentially useful element by using @count
as the index. It can be like this:
```
char buffer[PROC_NUMBUF];

if (count > sizeof(buffer) - 1)
	count = sizeof(buffer) - 1;
if (copy_from_user(buffer, buf, count))
	return -EFAULT;
buffer[count] = '\0';
```
Use strncpy_from_user()?
Sounds better.
Can this code use proc_dointvec_minmax() or similar?
Not familiar with that API at all. Leaving it to other participants...
--
Ammar Faizi