Hi Martin,
Thanks for your review and reply.
You are right, it is not equivalent. I will keep the original goto
cleanup. But the return value is changed to use PTR_ERR(user_srbcmd),
and it is assigned to rcode.
I will send the v2 soon.
On 2020/4/25 6:23, Martin K. Petersen wrote:
Zou,
diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commctrl.c
index ffe41bc..1ce1620 100644
--- a/drivers/scsi/aacraid/commctrl.c
+++ b/drivers/scsi/aacraid/commctrl.c
@@ -513,17 +513,9 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
goto cleanup;
}
- user_srbcmd = kmalloc(fibsize, GFP_KERNEL);
- if (!user_srbcmd) {
- dprintk((KERN_DEBUG"aacraid: Could not make a copy of the srb\n"));
- rcode = -ENOMEM;
- goto cleanup;
- }
- if(copy_from_user(user_srbcmd, user_srb,fibsize)){
- dprintk((KERN_DEBUG"aacraid: Could not copy srb from user\n"));
- rcode = -EFAULT;
- goto cleanup;
- }
+ user_srbcmd = memdup_user(user_srb, fibsize);
+ if (IS_ERR(user_srbcmd))
+ return PTR_ERR(user_srbcmd);
flags = user_srbcmd->flags; /* from user in cpu order */
switch (flags & (SRB_DataIn | SRB_DataOut)) {
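Review bot: the new error path `return PTR_ERR(user_srbcmd);` leaves the function directly, whereas both removed branches set rcode and used `goto cleanup`, as does the context line at the top of the hunk, so whatever the cleanup label releases is skipped when memdup_user() fails. Suggest keeping the existing pattern: `rcode = PTR_ERR(user_srbcmd);` followed by `goto cleanup;`. If the cleanup label frees user_srbcmd (not visible in this hunk), the variable also needs to be reset to NULL before the goto, because after a failure it holds an error pointer rather than an allocation. The two dprintk messages are dropped too; the commit message should say whether that is intended.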
This is not equivalent, is it? The original code does a goto cleanup;
whereas your patch returns on error.