git: 5668c22a13c6 - main - LinuxKPI/lindebugfs: stop panicing in lindebugfs, fix simple_read_from_buffer

From: Bjoern A. Zeeb <bz_at_FreeBSD.org>
Date: Fri, 26 Jul 2024 10:56:36 UTC
The branch main has been updated by bz:

URL: https://cgit.FreeBSD.org/src/commit/?id=5668c22a13c6befa9b8486387d38457c40ce7af4

commit 5668c22a13c6befa9b8486387d38457c40ce7af4
Author:     Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2024-06-27 12:19:38 +0000
Commit:     Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2024-07-26 10:53:55 +0000

    LinuxKPI/lindebugfs: stop panicing in lindebugfs, fix simple_read_from_buffer
    
    Trying to use lindebugfs for debugging wirless drivers two issues
    became apparent:
    (a) a panic in lindebugfs calling a hard coded release function if the
        caller had not provided one.  This seems to be based on assumptions
        that no longer hold up.  Remove the hard coded release function to
        prevent panics.
    (b) In LinuxKPI simple_read_from_buffer() would call copy_to_user() but
        buffers weren't setup for this (lindebugfs copies data from its
        own buffer) and then pseudofs will do another copyout to the user
        on this;  remove the copy_to_user() and simply copy the data over
        to the provided buffer; this works for as long as the only consumers
        remain debugfs callers (which currently seems to be the case).
        [the only out-of-tree consumers I am aware off are two drm-kmod
        drivers/gpu/drm/amd/pm/* debugfs functions I cannot test].
    
    Sponsored by:   The FreeBSD Foundation
    MFC after:      2 weeks
    Tested by:      jfree
    Differential Revision: https://reviews.freebsd.org/D45755
---
 sys/compat/lindebugfs/lindebugfs.c            |  2 --
 sys/compat/linuxkpi/common/include/linux/fs.h | 22 +++++++++++++---------
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/sys/compat/lindebugfs/lindebugfs.c b/sys/compat/lindebugfs/lindebugfs.c
index 2cede0ef213f..d32de5d0657e 100644
--- a/sys/compat/lindebugfs/lindebugfs.c
+++ b/sys/compat/lindebugfs/lindebugfs.c
@@ -162,8 +162,6 @@ debugfs_fill(PFS_FILL_ARGS)
 
 	if (d->dm_fops->release)
 		d->dm_fops->release(&vn, &lf);
-	else
-		single_release(&vn, &lf);
 
 	if (rc < 0) {
 #ifdef INVARIANTS
diff --git a/sys/compat/linuxkpi/common/include/linux/fs.h b/sys/compat/linuxkpi/common/include/linux/fs.h
index 9c763168b0f4..d277b717423f 100644
--- a/sys/compat/linuxkpi/common/include/linux/fs.h
+++ b/sys/compat/linuxkpi/common/include/linux/fs.h
@@ -353,9 +353,8 @@ static inline ssize_t
 simple_read_from_buffer(void __user *dest, size_t read_size, loff_t *ppos,
     void *orig, size_t buf_size)
 {
-	void *read_pos = ((char *) orig) + *ppos;
+	void *p, *read_pos = ((char *) orig) + *ppos;
 	size_t buf_remain = buf_size - *ppos;
-	ssize_t num_read;
 
 	if (buf_remain < 0 || buf_remain > buf_size)
 		return -EINVAL;
@@ -363,13 +362,18 @@ simple_read_from_buffer(void __user *dest, size_t read_size, loff_t *ppos,
 	if (read_size > buf_remain)
 		read_size = buf_remain;
 
-	/* copy_to_user returns number of bytes NOT read */
-	num_read = read_size - copy_to_user(dest, read_pos, read_size);
-	if (num_read == 0)
-		return -EFAULT;
-	*ppos += num_read;
-
-	return (num_read);
+	/*
+	 * XXX At time of commit only debugfs consumers could be
+	 * identified.  If others will use this function we may
+	 * have to revise this: normally we would call copy_to_user()
+	 * here but lindebugfs will return the result and the
+	 * copyout is done elsewhere for us.
+	 */
+	p = memcpy(dest, read_pos, read_size);
+	if (p != NULL)
+		*ppos += read_size;
+
+	return (read_size);
 }
 
 MALLOC_DECLARE(M_LSATTR);