firmware: use 'kernel_read()' to read firmware into kernel buffer

Fengguang correctly points out that the firmware reading should not use
vfs_read(), since the buffer is in kernel space.

The vfs_read() just happened to work for kernel threads, but sparse
warns about the incorrect address spaces, and it's definitely incorrect
and could fail for other users of the firmware loading.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c
index e390fff..bb9e2db 100644 (file)
--- a/drivers/base/firmware_class.c
+++ b/drivers/base/firmware_class.c
@@ -60,7 +60,6 @@ static noinline long fw_file_size(struct file *file)
 
 static bool fw_read_file_contents(struct file *file, struct firmware *fw)
 {
-       loff_t pos;
        long size;
        char *buf;
 
@@ -70,8 +69,7 @@ static bool fw_read_file_contents(struct file *file, struct firmware *fw)
        buf = vmalloc(size);
        if (!buf)
                return false;
-       pos = 0;
-       if (vfs_read(file, buf, size, &pos) != size) {
+       if (kernel_read(file, 0, buf, size) != size) {
                vfree(buf);
                return false;
        }