diff options
| author | Tomas Winkler | 2013-09-02 02:11:04 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman | 2013-09-26 17:23:01 +0200 |
| commit | dd5de1f165ade430357960459491a067c7e3d21c (patch) | |
| tree | 456a28f27a8945b1025325cc2cf76a59b257c616 | |
| parent | mei: fix format compilation warrning on 32 bit architecture (diff) | |
| download | kernel-qcow2-linux-dd5de1f165ade430357960459491a067c7e3d21c.tar.gz kernel-qcow2-linux-dd5de1f165ade430357960459491a067c7e3d21c.tar.xz kernel-qcow2-linux-dd5de1f165ade430357960459491a067c7e3d21c.zip | |
mei: revamp read and write length checks
1. Return zero on zero length read and writes
2. For a too large write return -EFBIG as defined in man write(2)
EFBIG An attempt was made to write a file that
exceeds the implementation-defined maximum
file size or the process's file size limit,
or to write at a position past the maximum
allowed offset.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | drivers/misc/mei/main.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/drivers/misc/mei/main.c b/drivers/misc/mei/main.c index 5ff810b1e8b3..7404584e65e1 100644 --- a/drivers/misc/mei/main.c +++ b/drivers/misc/mei/main.c @@ -203,12 +203,18 @@ static ssize_t mei_read(struct file *file, char __user *ubuf, dev = cl->dev; + mutex_lock(&dev->device_lock); if (dev->dev_state != MEI_DEV_ENABLED) { rets = -ENODEV; goto out; } + if (length == 0) { + rets = 0; + goto out; + } + if (cl == &dev->iamthif_cl) { rets = mei_amthif_read(dev, file, ubuf, length, offset); goto out; @@ -350,8 +356,14 @@ static ssize_t mei_write(struct file *file, const char __user *ubuf, rets = -ENODEV; goto out; } - if (length > dev->me_clients[id].props.max_msg_length || length <= 0) { - rets = -EMSGSIZE; + + if (length == 0) { + rets = 0; + goto out; + } + + if (length > dev->me_clients[id].props.max_msg_length) { + rets = -EFBIG; goto out; } |