| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 May 2021 11:20:04 +0200
From: Johan Hovold <johan@...nel.org>
To: Johan Hovold <johan@...nel.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jiri Slaby <jirislaby@...nel.org>, linux-usb@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH 4/6] USB: serial: mos7720: drop buffer-callback sanity checks
The driver write_room and chars_in_buffer callbacks used to incorrectly
return a negative errno in case they were ever called with a NULL port
driver-data pointer. The return value was later changed to zero by
commit 23198fda7182 ("tty: fix chars_in_buffers") but the bogus sanity
checks were left in place as were the outdated function-header comments.
The port driver data isn't cleared until after the port has been
deregistered and all open ttys have been hung up so drop the unnecessary
sanity checks and the outdated comments.
Signed-off-by: Johan Hovold <johan@...nel.org>
---
drivers/usb/serial/mos7720.c | 17 ++---------------
1 file changed, 2 insertions(+), 15 deletions(-)
diff --git a/drivers/usb/serial/mos7720.c b/drivers/usb/serial/mos7720.c
index ce41009756f3..227f43d2bd56 100644
--- a/drivers/usb/serial/mos7720.c
+++ b/drivers/usb/serial/mos7720.c
@@ -945,20 +945,13 @@ static int mos7720_open(struct tty_struct *tty, struct usb_serial_port *port)
* this function is called by the tty driver when it wants to know how many
* bytes of data we currently have outstanding in the port (data that has
* been written, but hasn't made it out the port yet)
- * If successful, we return the number of bytes left to be written in the
- * system,
- * Otherwise we return a negative error number.
*/
static unsigned int mos7720_chars_in_buffer(struct tty_struct *tty)
{
struct usb_serial_port *port = tty->driver_data;
+ struct moschip_port *mos7720_port = usb_get_serial_port_data(port);
int i;
unsigned int chars = 0;
- struct moschip_port *mos7720_port;
-
- mos7720_port = usb_get_serial_port_data(port);
- if (mos7720_port == NULL)
- return 0;
for (i = 0; i < NUM_URBS; ++i) {
if (mos7720_port->write_urb_pool[i] &&
@@ -1030,20 +1023,14 @@ static void mos7720_break(struct tty_struct *tty, int break_state)
* mos7720_write_room
* this function is called by the tty driver when it wants to know how many
* bytes of data we can accept for a specific port.
- * If successful, we return the amount of room that we have for this port
- * Otherwise we return a negative error number.
*/
static unsigned int mos7720_write_room(struct tty_struct *tty)
{
struct usb_serial_port *port = tty->driver_data;
- struct moschip_port *mos7720_port;
+ struct moschip_port *mos7720_port = usb_get_serial_port_data(port);
unsigned int room = 0;
int i;
- mos7720_port = usb_get_serial_port_data(port);
- if (mos7720_port == NULL)
- return 0;
-
/* FIXME: Locking */
for (i = 0; i < NUM_URBS; ++i) {
if (mos7720_port->write_urb_pool[i] &&
--
2.26.3
Powered by blists - more mailing lists