Commit 16e0c7be authored by Jaroslav Kysela's avatar Jaroslav Kysela

[ALSA] Update user-space access from sscape driver

Sound Scape driver
I see that the copy_to/from_user() functions have been updated across
Linux 2.4 and 2.6, and that verify_read/write() has been replaced by
 access_ok(). I have patched the SoundScape driver accordingly.
Signed-off-by: default avatarChris Rankin <rankincj@yahoo.com>
Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
parent c8992923
...@@ -487,7 +487,7 @@ static int upload_dma_data(struct soundscape *s, ...@@ -487,7 +487,7 @@ static int upload_dma_data(struct soundscape *s,
* the userspace pointer ... * the userspace pointer ...
*/ */
len = min(size, dma.bytes); len = min(size, dma.bytes);
__copy_from_user(dma.area, data, len); len -= __copy_from_user(dma.area, data, len);
data += len; data += len;
size -= len; size -= len;
...@@ -571,8 +571,8 @@ static int sscape_upload_bootblock(struct soundscape *sscape, struct sscape_boot ...@@ -571,8 +571,8 @@ static int sscape_upload_bootblock(struct soundscape *sscape, struct sscape_boot
if (data < 0) { if (data < 0) {
snd_printk(KERN_ERR "sscape: timeout reading firmware version\n"); snd_printk(KERN_ERR "sscape: timeout reading firmware version\n");
ret = -EAGAIN; ret = -EAGAIN;
} else { }
if (__copy_to_user(&bb->version, &data, sizeof(bb->version))) else if (__copy_to_user(&bb->version, &data, sizeof(bb->version))) {
ret = -EFAULT; ret = -EFAULT;
} }
} }
...@@ -592,7 +592,7 @@ static int sscape_upload_microcode(struct soundscape *sscape, ...@@ -592,7 +592,7 @@ static int sscape_upload_microcode(struct soundscape *sscape,
{ {
unsigned long flags; unsigned long flags;
char __user *code; char __user *code;
int err, ret; int err;
/* /*
* We are going to have to copy this data into a special * We are going to have to copy this data into a special
...@@ -602,12 +602,11 @@ static int sscape_upload_microcode(struct soundscape *sscape, ...@@ -602,12 +602,11 @@ static int sscape_upload_microcode(struct soundscape *sscape,
* NOTE: This buffer is 64K long! That's WAY too big to * NOTE: This buffer is 64K long! That's WAY too big to
* copy into a stack-temporary anyway. * copy into a stack-temporary anyway.
*/ */
if (get_user(code, &mc->code)) if ( get_user(code, &mc->code) ||
!access_ok(VERIFY_READ, code, SSCAPE_MICROCODE_SIZE) )
return -EFAULT; return -EFAULT;
if ((err = verify_area(VERIFY_READ, code, SSCAPE_MICROCODE_SIZE)) != 0)
return err;
if ((ret = upload_dma_data(sscape, code, SSCAPE_MICROCODE_SIZE)) == 0) { if ((err = upload_dma_data(sscape, code, SSCAPE_MICROCODE_SIZE)) == 0) {
snd_printk(KERN_INFO "sscape: MIDI firmware loaded\n"); snd_printk(KERN_INFO "sscape: MIDI firmware loaded\n");
} }
...@@ -617,7 +616,7 @@ static int sscape_upload_microcode(struct soundscape *sscape, ...@@ -617,7 +616,7 @@ static int sscape_upload_microcode(struct soundscape *sscape,
initialise_mpu401(sscape->mpu); initialise_mpu401(sscape->mpu);
return ret; return err;
} }
/* /*
...@@ -674,14 +673,14 @@ static int sscape_hw_ioctl(snd_hwdep_t * hw, struct file *file, ...@@ -674,14 +673,14 @@ static int sscape_hw_ioctl(snd_hwdep_t * hw, struct file *file,
* DMA-able buffer before we can upload it. We shall therefore * DMA-able buffer before we can upload it. We shall therefore
* just check that the data pointer is valid for now ... * just check that the data pointer is valid for now ...
*/ */
if ((err = verify_area(VERIFY_READ, bb->code, sizeof(bb->code))) != 0) if ( !access_ok(VERIFY_READ, bb->code, sizeof(bb->code)) )
return err; return -EFAULT;
/* /*
* Now check that we can write the firmware version number too... * Now check that we can write the firmware version number too...
*/ */
if ((err = verify_area(VERIFY_WRITE, &bb->version, sizeof(bb->version))) != 0) if ( !access_ok(VERIFY_WRITE, &bb->version, sizeof(bb->version)) )
return err; return -EFAULT;
err = sscape_upload_bootblock(sscape, bb); err = sscape_upload_bootblock(sscape, bb);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment