linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@oracle.com>
To: ishraq.i.ashraf@gmail.com
Cc: gregkh@linuxfoundation.org, devel@driverdev.osuosl.org,
	insafonov@gmail.com, goudapatilk@gmail.com,
	linux-kernel@vger.kernel.org, himanshujha199640@gmail.com,
	Johannes Berg <johannes.berg@intel.com>
Subject: Re: [PATCH] staging: rtl8188eu: Fix private WEXT IOCTL calls
Date: Thu, 23 Nov 2017 16:24:57 +0300	[thread overview]
Message-ID: <20171123132457.ttjnlqmi2j72nkac@mwanda> (raw)
In-Reply-To: <1511400546-10875-1-git-send-email-ishraq.i.ashraf@gmail.com>

On Thu, Nov 23, 2017 at 02:29:06AM +0100, ishraq.i.ashraf@gmail.com wrote:
> From: Ishraq Ibne Ashraf <ishraq.i.ashraf@gmail.com>
> 
> Commit 8bfb36766064 ("wireless: wext: remove ndo_do_ioctl fallback") breaks private WEXT
> IOCTL calls of this driver as these are not invoked through ndo_do_ioctl
> interface anymore. As a result hostapd stops working with this driver. In
> this patch this problem is solved by implementing equivalent private IOCTL
> functions of the existing ones which are accessed via iw_handler_def
> interface.
> 
> Signed-off-by: Ishraq Ibne Ashraf <ishraq.i.ashraf@gmail.com>


It's great to fix this, but new code should be at normal kernel quality.

> ---
>  drivers/staging/rtl8188eu/os_dep/ioctl_linux.c | 1042 ++++++++++++++++++++++++
>  1 file changed, 1042 insertions(+)
> 
> diff --git a/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c b/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c
> index c0664dc..7503751 100644
> --- a/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c
> +++ b/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c
> @@ -3061,6 +3061,1046 @@ static iw_handler rtw_handlers[] = {
>  	NULL,					/*---hole---*/
>  };
>  
> +static int get_private_handler_ieee_param(struct adapter *padapter,
> +	union iwreq_data *wrqu,
> +	void *param)

Indent these more.

> +{
> +	/*
> +	 * This function is expected to be called in master mode, which allows no
> +	 * power saving. So we just check hw_init_completed.
> +	 */
> +
> +	if (!padapter->hw_init_completed)
> +		return -EPERM;
> +
> +	if (!wrqu->data.pointer)
> +		return -EINVAL;

You could leave this out and it will return -EFAULT when copy_from_user()
fails.  That's probably the right error code.

> +
> +	/*
> +	 * Since we don't allocate memory for param in this function, we assume
> +	 * the caller of this function will properly allocate and deallocate memory
> +	 * for param.
> +	 */

This is an obvious comment.  Remove it.

> +	if (copy_from_user(param, wrqu->data.pointer, wrqu->data.length))
> +		return -EFAULT;
> +
> +	return 0;
> +}
> +
> +static int rtw_hostapd_sta_flush_pvt(struct net_device *dev,
> +	struct iw_request_info *info,
> +	union iwreq_data *wrqu,
> +	char *extra)
> +{
> +	struct adapter *padapter = (struct adapter *)rtw_netdev_priv(dev);
> +
> +	DBG_88E("%s\n", __func__);

Remove this line.

> +
> +	flush_all_cam_entry(padapter); // Clear CAM.

Comment style.

> +
> +	return rtw_sta_flush(padapter);
> +}
> +
> +static int rtw_add_sta_pvt(struct net_device *dev,
> +	struct iw_request_info *info,
> +	union iwreq_data *wrqu,
> +	char *extra)
> +{
> +	int ret = 0;
> +	struct sta_info *psta = NULL;
> +	struct ieee_param *param = NULL;

Don't initialize these to useless values.  It turns off the static
checker for finding uninitialized variables.

> +	struct adapter *padapter = (struct adapter *)rtw_netdev_priv(dev);
> +	struct mlme_priv *pmlmepriv = &(padapter->mlmepriv);
> +	struct sta_priv *pstapriv = &padapter->stapriv;
> +
> +	param = (struct ieee_param *)rtw_malloc(wrqu->data.length);

rtw_malloc() is buggy.  It ignores locking.  Let's not use it in new
code.

> +
> +	if (!param) {
> +		DBG_88E(" rtw_add_sta: ieee_param allocate fail !!!\n");

No need to print this debug message.

> +
> +		return -ENOMEM;
> +	}
> +
> +	ret = get_private_handler_ieee_param(padapter, wrqu, param);
> +
> +	if (ret != 0) {

if (ret).  "ret" isn't a number zero which can be used for math like
"ret + 2", it's an error code.  The != 0 is a double negative which
hurts readability.  != 0 is appropriate for numbers and strcmp()
functions.

> +		kfree(param);

Free this at the end of the function.

> +		DBG_88E(" rtw_add_sta: ieee_param get fail !!!\n");

These messages are so ugly !!!

> +
> +		return ret;
> +	}
> +
> +	DBG_88E("rtw_add_sta(aid =%d) =%pM\n", param->u.add_sta.aid, (param->sta_addr));
> +
> +	if (!check_fwstate(pmlmepriv, (_FW_LINKED|WIFI_AP_STATE)))
> +		return -EINVAL;

		ret = -EINVAL;
		goto err_free_param;

> +
> +	if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff &&
> +	    param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff &&
> +	    param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff)
> +	      return -EINVAL;

		ret = -EINVAL;
		goto err_free_param;


> +
> +	psta = rtw_get_stainfo(pstapriv, param->sta_addr);
> +	if (psta) {

Always do failure handling.  Never do success handling.  So this becomes:

	if (!psta)
		goto err_free_param;



> +		int flags = param->u.add_sta.flags;
> +		psta->aid = param->u.add_sta.aid; // aid = 1~2007.
> +
> +		memcpy(psta->bssrateset, param->u.add_sta.tx_supp_rates, 16);
> +
> +		// Check WMM cap.

Comment style

> +		if (WLAN_STA_WME&flags)
> +			psta->qos_option = 1;
> +		else
> +			psta->qos_option = 0;
> +
> +		if (pmlmepriv->qospriv.qos_option == 0)
> +			psta->qos_option = 0;
> +
> +		// Check 802.11n HT cap.
> +		if (WLAN_STA_HT&flags) {
> +			psta->htpriv.ht_option = true;
> +			psta->qos_option = 1;
> +			memcpy(&psta->htpriv.ht_cap,
> +			       &param->u.add_sta.ht_cap,
> +			       sizeof(struct ieee80211_ht_cap));
> +		} else {
> +			psta->htpriv.ht_option = false;
> +		}
> +
> +		if (pmlmepriv->htpriv.ht_option == false)
> +			psta->htpriv.ht_option = false;
> +
> +		update_sta_info_apmode(padapter, psta);
> +	} else {
> +		ret = -ENOMEM;
> +	}
> +
> +	if (ret == 0 && (copy_to_user(wrqu->data.pointer, param, wrqu->data.length)))
> +		ret = -EFAULT;

We need to free param.

> +
> +	return ret;


The end of the function could look like this:

	update_sta_info_apmode(padapter, psta);

	if (copy_to_user(wrqu->data.pointer, param, wrqu->data.length))
		ret = -EFAULT;

err_free_param:
	kfree(param);

	return ret;


> +}
> +
> +static int rtw_del_sta_pvt(struct net_device *dev,
> +	struct iw_request_info *info,
> +	union iwreq_data *wrqu,
> +	char *extra)
> +{
> +	int ret = 0;
> +	struct sta_info *psta = NULL;
> +	struct ieee_param *param = NULL;

Remove initialization.

> +	struct adapter *padapter = (struct adapter *)rtw_netdev_priv(dev);
> +	struct mlme_priv *pmlmepriv = &(padapter->mlmepriv);
> +	struct sta_priv *pstapriv = &padapter->stapriv;
> +	int updated = 0;
> +
> +	param = (struct ieee_param *)rtw_malloc(wrqu->data.length);

Use kmalloc();  Basically all the same stuff as the previous function.

regards,
dan carpenter

  reply	other threads:[~2017-11-23 13:25 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-11-23  1:29 [PATCH] staging: rtl8188eu: Fix private WEXT IOCTL calls ishraq.i.ashraf
2017-11-23 13:24 ` Dan Carpenter [this message]
2017-11-25  0:52 ` [PATCH 2/2] " ishraq.i.ashraf
2017-11-25  4:40   ` Dan Carpenter
2017-11-25 18:12     ` Ishraq Ibne Ashraf
2017-11-26  0:45     ` Ishraq Ibne Ashraf
2017-11-27 11:33       ` Johannes Berg
2017-11-25  1:29 ` [PATCH v2] " ishraq.i.ashraf
2017-11-25  4:55   ` Dan Carpenter
2017-11-25 18:29 ` [PATCH v3] " ishraq.i.ashraf
2017-11-25 21:25   ` Dan Carpenter
2017-11-27 11:24   ` Johannes Berg
2017-11-28  8:00   ` [PATCH] staging: rtl8188eu: fix kzalloc-simple.cocci warnings kbuild test robot
2017-11-28  8:00   ` [PATCH v3] staging: rtl8188eu: Fix private WEXT IOCTL calls kbuild test robot
2017-12-04 15:20   ` kbuild test robot
2017-11-26 20:45 ` [PATCH] " kbuild test robot
2017-11-26 23:20 ` kbuild test robot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171123132457.ttjnlqmi2j72nkac@mwanda \
    --to=dan.carpenter@oracle.com \
    --cc=devel@driverdev.osuosl.org \
    --cc=goudapatilk@gmail.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=himanshujha199640@gmail.com \
    --cc=insafonov@gmail.com \
    --cc=ishraq.i.ashraf@gmail.com \
    --cc=johannes.berg@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).