Instead of hand-writing kzalloc(size+1) + copy_from_user(size), use memdup_user_nul() that does the same with a few less lines of code. This also saves a useless zeroing of the allocated memory.
Signed-off-by: Christophe JAILLET <christophe.jaillet@xxxxxxxxxx>
---
 drivers/hwtracing/stm/core.c | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/drivers/hwtracing/stm/core.c b/drivers/hwtracing/stm/core.c
index 534fbefc7f6a..3ee98208ea8f 100644
--- a/drivers/hwtracing/stm/core.c
+++ b/drivers/hwtracing/stm/core.c
@@ -739,19 +739,11 @@ static int stm_char_policy_set_ioctl(struct stm_file *stmf, void __user *arg)
 if (size < sizeof(*id) || size >= PATH_MAX + sizeof(*id))
 return -EINVAL;
- /*
- * size + 1 to make sure the .id string at the bottom is terminated,
- * which is also why memdup_user() is not useful here
- */
- id = kzalloc(size + 1, GFP_KERNEL);
+ /* Make sure the .id string at the bottom is nul terminated. */
+ id = memdup_user_nul(arg, size);
 if (!id)
 return -ENOMEM;
- if (copy_from_user(id, arg, size)) {
- ret = -EFAULT;
- goto err_free;
- }
-
 if (id->__reserved_0 || id->__reserved_1)
 goto err_free;
-- 
2.34.1
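Review bot: The retained `if (!id) return -ENOMEM;` check no longer matches the new allocator call. memdup_user_nul() reports failure with an ERR_PTR() value (-ENOMEM or -EFAULT) and never returns NULL, so a failed allocation or a faulting `arg` falls through to the `id->__reserved_0` read and dereferences an error pointer. The check should become `if (IS_ERR(id)) return PTR_ERR(id);`, which also restores the -EFAULT return that the removed copy_from_user() branch provided. Because `arg` comes from userspace through the ioctl, this failure path is reachable with ordinary invalid input and should not be left to a kernel oops. The function continues outside the hunk, so the `err_free` path should be checked to confirm that nothing there is reached with an error-valued `id`.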