From 8a0b09d90574aef3bf6269f03a5c7a9d005474de Mon Sep 17 00:00:00 2001 From: Sudip Mukherjee Date: Mon, 22 Aug 2016 22:04:58 +0530 Subject: [PATCH] staging: i4l: icn: fix incorrect type of arguments sparse was warning about incorrect type of argument: drivers/staging/i4l/icn/icn.c:1048:49: warning: incorrect type in argument 2 (different address spaces) drivers/staging/i4l/icn/icn.c:1048:49: expected void const [noderef] *from drivers/staging/i4l/icn/icn.c:1048:49: got unsigned char const [usertype] *buf drivers/staging/i4l/icn/icn.c:1476:38: warning: incorrect type in argument 1 (different address spaces) drivers/staging/i4l/icn/icn.c:1476:38: expected unsigned char const [usertype] *buf drivers/staging/i4l/icn/icn.c:1476:38: got unsigned char const [noderef] [usertype] *buf The function icn_writecmd() was used to copy from userspace and also from the kernelspace. Add another argument to the function to have two separate pointers, one for the userspace and one for the kernelspace. Based on the value of user as passed from the caller we use one of the two pointers. Signed-off-by: Sudip Mukherjee Signed-off-by: Greg Kroah-Hartman --- drivers/staging/i4l/icn/icn.c | 35 +++++++++++++++++++++-------------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/drivers/staging/i4l/icn/icn.c b/drivers/staging/i4l/icn/icn.c index 25c9de5..514bfc2 100644 --- a/drivers/staging/i4l/icn/icn.c +++ b/drivers/staging/i4l/icn/icn.c @@ -1015,7 +1015,8 @@ icn_readstatus(u_char __user *buf, int len, icn_card *card) /* Put command-strings into the command-queue of the Interface */ static int -icn_writecmd(const u_char *buf, int len, int user, icn_card *card) +icn_writecmd(const u_char __user *ubuf, const u_char *kbuf, int len, + int user, icn_card *card) { int mch = card->secondhalf ? 2 : 0; int pp; @@ -1038,10 +1039,10 @@ icn_writecmd(const u_char *buf, int len, int user, icn_card *card) if (count > len) count = len; if (user) { - if (copy_from_user(msg, buf, count)) + if (copy_from_user(msg, ubuf, count)) return -EFAULT; } else - memcpy(msg, buf, count); + memcpy(msg, kbuf, count); spin_lock_irqsave(&dev.devlock, flags); lastmap_card = dev.mcard; @@ -1267,7 +1268,9 @@ icn_command(isdn_ctrl *c, icn_card *card) msleep_interruptible(ICN_BOOT_TIMEOUT1); sprintf(cbuf, "00;FV2ON\n01;EAZ%c\n02;EAZ%c\n", (a & 1) ? '1' : 'C', (a & 2) ? '2' : 'C'); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, + strlen(cbuf), + 0, card); printk(KERN_INFO "icn: (%s) Leased-line mode enabled\n", CID); @@ -1280,7 +1283,9 @@ icn_command(isdn_ctrl *c, icn_card *card) if (card->leased) { card->leased = 0; sprintf(cbuf, "00;FV2OFF\n"); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, + strlen(cbuf), + 0, card); printk(KERN_INFO "icn: (%s) Leased-line mode disabled\n", CID); @@ -1317,7 +1322,7 @@ icn_command(isdn_ctrl *c, icn_card *card) "%02d;D%s_R%s,%02d,%02d,%s\n", (int)(a + 1), dcode, p, c->parm.setup.si1, c->parm.setup.si2, c->parm.setup.eazmsn); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); } break; case ISDN_CMD_ACCEPTD: @@ -1334,10 +1339,12 @@ icn_command(isdn_ctrl *c, icn_card *card) sprintf(cbuf, "%02d;BTRA\n", (int)a); break; } - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, + strlen(cbuf), 0, + card); } sprintf(cbuf, "%02d;DCON_R\n", (int)a); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); } break; case ISDN_CMD_ACCEPTB: @@ -1355,7 +1362,7 @@ icn_command(isdn_ctrl *c, icn_card *card) break; } else sprintf(cbuf, "%02d;BCON_R\n", (int)a); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); } break; case ISDN_CMD_HANGUP: @@ -1364,7 +1371,7 @@ icn_command(isdn_ctrl *c, icn_card *card) if (c->arg < ICN_BCH) { a = c->arg + 1; sprintf(cbuf, "%02d;BDIS_R\n%02d;DDIS_R\n", (int)a, (int)a); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); } break; case ISDN_CMD_SETEAZ: @@ -1380,7 +1387,7 @@ icn_command(isdn_ctrl *c, icn_card *card) } else sprintf(cbuf, "%02d;EAZ%s\n", (int)a, c->parm.num[0] ? (char *)(c->parm.num) : "0123456789"); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); } break; case ISDN_CMD_CLREAZ: @@ -1394,7 +1401,7 @@ icn_command(isdn_ctrl *c, icn_card *card) sprintf(cbuf, "%02d;MSNC\n", (int)a); else sprintf(cbuf, "%02d;EAZC\n", (int)a); - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); } break; case ISDN_CMD_SETL2: @@ -1412,7 +1419,7 @@ icn_command(isdn_ctrl *c, icn_card *card) default: return -EINVAL; } - i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + i = icn_writecmd(NULL, cbuf, strlen(cbuf), 0, card); card->l2_proto[a & 255] = (a >> 8); } break; @@ -1466,7 +1473,7 @@ if_writecmd(const u_char __user *buf, int len, int id, int channel) if (card) { if (!(card->flags & ICN_FLAGS_RUNNING)) return -ENODEV; - return icn_writecmd(buf, len, 1, card); + return icn_writecmd(buf, NULL, len, 1, card); } printk(KERN_ERR "icn: if_writecmd called with invalid driverId!\n"); -- 2.7.4