Turns out the first kmemdup is only required for the .report_fixup() driver callback. There is no need to do two kmemdup() in a row in case .report_fixup() is not present.
Reviewed-by: Peter Hutterer peter.hutterer@who-t.net Signed-off-by: Benjamin Tissoires bentiss@kernel.org
---
no changes in v3
new in v2 --- drivers/hid/hid-core.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c index d6bf933623e8..6053e7cdc0c1 100644 --- a/drivers/hid/hid-core.c +++ b/drivers/hid/hid-core.c @@ -1214,7 +1214,7 @@ int hid_open_report(struct hid_device *device) struct hid_item item; unsigned int size; const __u8 *start; - __u8 *buf; + __u8 *buf = NULL; const __u8 *end; const __u8 *next; int ret; @@ -1235,14 +1235,18 @@ int hid_open_report(struct hid_device *device) return -ENODEV; size = device->bpf_rsize;
- buf = kmemdup(start, size, GFP_KERNEL); - if (buf == NULL) - return -ENOMEM; + if (device->driver->report_fixup) { + /* + * device->driver->report_fixup() needs to work + * on a copy of our report descriptor so it can + * change it. + */ + buf = kmemdup(start, size, GFP_KERNEL); + if (buf == NULL) + return -ENOMEM;
- if (device->driver->report_fixup) start = device->driver->report_fixup(device, buf, &size); - else - start = buf; + }
start = kmemdup(start, size, GFP_KERNEL); kfree(buf);