Re: [PATCH v2 05/15] usb: misc: emi26: update to use usb_control_msg_send()

From: Johan Hovold
Date: Fri Dec 04 2020 - 09:41:47 EST


On Mon, Nov 30, 2020 at 06:58:47AM +0530, Anant Thazhemadam wrote:
> The newer usb_control_msg_{send|recv}() APIs are an improvement on the
> existing usb_control_msg() as they ensure that a short read/write is treated
> as an error,

Short writes have always been treated as an error. The new send helper
only changes the return value from the transfer size to 0.

And this driver never reads.

Try to describe the motivation for changing this driver which is to
avoid the explicit kmemdup().

> data can be used off the stack, and raw usb pipes need not be
> created in the calling functions.
> For this reason, the instance of usb_control_msg() has been replaced with
> usb_control_msg_send() appropriately.
>
> Signed-off-by: Anant Thazhemadam <anant.thazhemadam@xxxxxxxxx>
> ---
> drivers/usb/misc/emi26.c | 31 ++++++++-----------------------
> 1 file changed, 8 insertions(+), 23 deletions(-)
>
> diff --git a/drivers/usb/misc/emi26.c b/drivers/usb/misc/emi26.c
> index 24d841850e05..1dd024507f40 100644
> --- a/drivers/usb/misc/emi26.c
> +++ b/drivers/usb/misc/emi26.c
> @@ -27,7 +27,7 @@
> #define INTERNAL_RAM(address) (address <= MAX_INTERNAL_ADDRESS)
>
> static int emi26_writememory( struct usb_device *dev, int address,
> - const unsigned char *data, int length,
> + const void *data, int length,

Why is this needed?

> __u8 bRequest);
> static int emi26_set_reset(struct usb_device *dev, unsigned char reset_bit);
> static int emi26_load_firmware (struct usb_device *dev);
> @@ -35,22 +35,12 @@ static int emi26_probe(struct usb_interface *intf, const struct usb_device_id *i
> static void emi26_disconnect(struct usb_interface *intf);
>
> /* thanks to drivers/usb/serial/keyspan_pda.c code */
> -static int emi26_writememory (struct usb_device *dev, int address,
> - const unsigned char *data, int length,
> +static int emi26_writememory(struct usb_device *dev, int address,
> + const void *data, int length,
> __u8 request)
> {
> - int result;
> - unsigned char *buffer = kmemdup(data, length, GFP_KERNEL);
> -
> - if (!buffer) {
> - dev_err(&dev->dev, "kmalloc(%d) failed.\n", length);
> - return -ENOMEM;
> - }
> - /* Note: usb_control_msg returns negative value on error or length of the
> - * data that was written! */
> - result = usb_control_msg (dev, usb_sndctrlpipe(dev, 0), request, 0x40, address, 0, buffer, length, 300);
> - kfree (buffer);
> - return result;
> + return usb_control_msg_send(dev, 0, request, 0x40, address, 0,
> + data, length, 300, GFP_KERNEL);

So you're changing the return value on success from length to 0 here.
Did you make sure that all callers can handle that?

> }
>
> /* thanks to drivers/usb/serial/keyspan_pda.c code */
> @@ -77,11 +67,7 @@ static int emi26_load_firmware (struct usb_device *dev)
> int err = -ENOMEM;
> int i;
> __u32 addr; /* Address to write */
> - __u8 *buf;
> -
> - buf = kmalloc(FW_LOAD_SIZE, GFP_KERNEL);
> - if (!buf)
> - goto wraperr;
> + __u8 buf[FW_LOAD_SIZE];

As the build bots reported, you must not put large structures like this
on the stack.

>
> err = request_ihex_firmware(&loader_fw, "emi26/loader.fw", &dev->dev);
> if (err)
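Review bot: The initializer in `int err = -ENOMEM;` becomes a dead store on the new side. With the kmalloc() failure path removed, the next statement visible in the hunk assigns err from request_ihex_firmware() before anything reads it. Declaring it as `int err;` avoids implying an allocation-failure exit that no longer exists. emi26_load_firmware() begins and ends outside the hunk, so later uses of err are not visible here.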
> @@ -133,11 +119,11 @@ static int emi26_load_firmware (struct usb_device *dev)
>
> /* intel hex records are terminated with type 0 element */
> while (rec && (i + be16_to_cpu(rec->len) < FW_LOAD_SIZE)) {
> - memcpy(buf + i, rec->data, be16_to_cpu(rec->len));
> + memcpy(&buf[i], rec->data, be16_to_cpu(rec->len));
> i += be16_to_cpu(rec->len);
> rec = ihex_next_binrec(rec);
> }
> - err = emi26_writememory(dev, addr, buf, i, ANCHOR_LOAD_FPGA);
> + err = emi26_writememory(dev, addr, &buf, i, ANCHOR_LOAD_FPGA);
> if (err < 0)
> goto wraperr;
> } while (rec);
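Review bot: `&buf` in the emi26_writememory() call is a pointer to the whole array, not to its first byte. It carries the same address, but it is accepted without a diagnostic only because the parameter is `const void *`. Passing the array by name, `err = emi26_writememory(dev, addr, buf, i, ANCHOR_LOAD_FPGA);`, keeps the byte-pointer type. It also stays correct if buf becomes a heap pointer again, where `&buf` would be the address of the pointer variable and the transfer would read i bytes of kernel stack instead of the firmware data. The enclosing do/while loop starts outside the hunk.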
> @@ -211,7 +197,6 @@ static int emi26_load_firmware (struct usb_device *dev)
> release_firmware(bitstream_fw);
> release_firmware(firmware_fw);
>
> - kfree(buf);
> return err;
> }

Looks good otherwise.

Johan