tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Bluetooth: ath3k: use usb_control_msg_send() and usb_control_msg_recv()
The usb_control_msg_send() and usb_control_msg_recv() calls can return
an error if a "short" write/read happens, and they can handle data off
of the stack, so move the driver over to using those calls instead,
saving some logic when dynamically allocating memory.
v2: changed API of use usb_control_msg_send() and usb_control_msg_recv()
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Link: https://lore.kernel.org/r/20200914153756.3412156-11-gregkh@linuxfoundation.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/20200923134348.23862-15-oneukum@suse.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+29
-64
+29
-64
drivers/bluetooth/ath3k.c
+29
-64
drivers/bluetooth/ath3k.c
···
212
212
213
213
BT_DBG("udev %p", udev);
214
214
215
-
pipe = usb_sndctrlpipe(udev, 0);
216
-
217
215
send_buf = kmalloc(BULK_SIZE, GFP_KERNEL);
218
216
if (!send_buf) {
219
217
BT_ERR("Can't allocate memory chunk for firmware");
220
218
return -ENOMEM;
221
219
}
222
220
223
-
memcpy(send_buf, firmware->data, FW_HDR_SIZE);
224
-
err = usb_control_msg(udev, pipe, USB_REQ_DFU_DNLOAD, USB_TYPE_VENDOR,
225
-
0, 0, send_buf, FW_HDR_SIZE,
226
-
USB_CTRL_SET_TIMEOUT);
227
-
if (err < 0) {
221
+
err = usb_control_msg_send(udev, 0, USB_REQ_DFU_DNLOAD, USB_TYPE_VENDOR,
222
+
0, 0, firmware->data, FW_HDR_SIZE,
223
+
USB_CTRL_SET_TIMEOUT, GFP_KERNEL);
224
+
if (err) {
228
225
BT_ERR("Can't change to loading configuration err");
229
226
goto error;
230
227
}
···
256
259
257
260
static int ath3k_get_state(struct usb_device *udev, unsigned char *state)
258
261
{
259
-
int ret, pipe = 0;
260
-
char *buf;
261
-
262
-
buf = kmalloc(sizeof(*buf), GFP_KERNEL);
263
-
if (!buf)
264
-
return -ENOMEM;
265
-
266
-
pipe = usb_rcvctrlpipe(udev, 0);
267
-
ret = usb_control_msg(udev, pipe, ATH3K_GETSTATE,
268
-
USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
269
-
buf, sizeof(*buf), USB_CTRL_SET_TIMEOUT);
270
-
271
-
*state = *buf;
272
-
kfree(buf);
273
-
274
-
return ret;
262
+
return usb_control_msg_recv(udev, 0, ATH3K_GETSTATE,
263
+
USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
264
+
state, 1, USB_CTRL_SET_TIMEOUT,
265
+
GFP_KERNEL);
275
266
}
276
267
277
268
static int ath3k_get_version(struct usb_device *udev,
278
269
struct ath3k_version *version)
279
270
{
280
-
int ret, pipe = 0;
281
-
struct ath3k_version *buf;
282
-
const int size = sizeof(*buf);
283
-
284
-
buf = kmalloc(size, GFP_KERNEL);
285
-
if (!buf)
286
-
return -ENOMEM;
287
-
288
-
pipe = usb_rcvctrlpipe(udev, 0);
289
-
ret = usb_control_msg(udev, pipe, ATH3K_GETVERSION,
290
-
USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
291
-
buf, size, USB_CTRL_SET_TIMEOUT);
292
-
293
-
memcpy(version, buf, size);
294
-
kfree(buf);
295
-
296
-
return ret;
271
+
return usb_control_msg_recv(udev, 0, ATH3K_GETVERSION,
272
+
USB_TYPE_VENDOR | USB_DIR_IN, 0, 0,
273
+
version, sizeof(*version), USB_CTRL_SET_TIMEOUT,
274
+
GFP_KERNEL);
297
275
}
298
276
299
277
static int ath3k_load_fwfile(struct usb_device *udev,
···
288
316
}
289
317
290
318
size = min_t(uint, count, FW_HDR_SIZE);
291
-
memcpy(send_buf, firmware->data, size);
292
319
293
-
pipe = usb_sndctrlpipe(udev, 0);
294
-
ret = usb_control_msg(udev, pipe, ATH3K_DNLOAD,
295
-
USB_TYPE_VENDOR, 0, 0, send_buf,
296
-
size, USB_CTRL_SET_TIMEOUT);
297
-
if (ret < 0) {
320
+
ret = usb_control_msg_send(udev, 0, ATH3K_DNLOAD, USB_TYPE_VENDOR, 0, 0,
321
+
firmware->data, size, USB_CTRL_SET_TIMEOUT,
322
+
GFP_KERNEL);
323
+
if (ret) {
298
324
BT_ERR("Can't change to loading configuration err");
299
325
kfree(send_buf);
300
326
return ret;
···
325
355
return 0;
326
356
}
327
357
328
-
static int ath3k_switch_pid(struct usb_device *udev)
358
+
static void ath3k_switch_pid(struct usb_device *udev)
329
359
{
330
-
int pipe = 0;
331
-
332
-
pipe = usb_sndctrlpipe(udev, 0);
333
-
return usb_control_msg(udev, pipe, USB_REG_SWITCH_VID_PID,
334
-
USB_TYPE_VENDOR, 0, 0,
335
-
NULL, 0, USB_CTRL_SET_TIMEOUT);
360
+
usb_control_msg_send(udev, 0, USB_REG_SWITCH_VID_PID, USB_TYPE_VENDOR,
361
+
0, 0, NULL, 0, USB_CTRL_SET_TIMEOUT, GFP_KERNEL);
336
362
}
337
363
338
364
static int ath3k_set_normal_mode(struct usb_device *udev)
339
365
{
340
366
unsigned char fw_state;
341
-
int pipe = 0, ret;
367
+
int ret;
342
368
343
369
ret = ath3k_get_state(udev, &fw_state);
344
-
if (ret < 0) {
370
+
if (ret) {
345
371
BT_ERR("Can't get state to change to normal mode err");
346
372
return ret;
347
373
}
···
347
381
return 0;
348
382
}
349
383
350
-
pipe = usb_sndctrlpipe(udev, 0);
351
-
return usb_control_msg(udev, pipe, ATH3K_SET_NORMAL_MODE,
352
-
USB_TYPE_VENDOR, 0, 0,
353
-
NULL, 0, USB_CTRL_SET_TIMEOUT);
384
+
return usb_control_msg_send(udev, 0, ATH3K_SET_NORMAL_MODE,
385
+
USB_TYPE_VENDOR, 0, 0, NULL, 0,
386
+
USB_CTRL_SET_TIMEOUT, GFP_KERNEL);
354
387
}
355
388
356
389
static int ath3k_load_patch(struct usb_device *udev)
···
362
397
int ret;
363
398
364
399
ret = ath3k_get_state(udev, &fw_state);
365
-
if (ret < 0) {
400
+
if (ret) {
366
401
BT_ERR("Can't get state to change to load ram patch err");
367
402
return ret;
368
403
}
···
373
408
}
374
409
375
410
ret = ath3k_get_version(udev, &fw_version);
376
-
if (ret < 0) {
411
+
if (ret) {
377
412
BT_ERR("Can't get version to change to load ram patch err");
378
413
return ret;
379
414
}
···
414
449
int clk_value, ret;
415
450
416
451
ret = ath3k_get_state(udev, &fw_state);
417
-
if (ret < 0) {
452
+
if (ret) {
418
453
BT_ERR("Can't get state to change to load configuration err");
419
454
return -EBUSY;
420
455
}
421
456
422
457
ret = ath3k_get_version(udev, &fw_version);
423
-
if (ret < 0) {
458
+
if (ret) {
424
459
BT_ERR("Can't get version to change to load ram patch err");
425
460
return ret;
426
461
}
···
494
529
return ret;
495
530
}
496
531
ret = ath3k_set_normal_mode(udev);
497
-
if (ret < 0) {
532
+
if (ret) {
498
533
BT_ERR("Set normal mode failed");
499
534
return ret;
500
535
}