From: Kees Cook <keescook@chromium.org>
Subject: module: report -EFAULT on bytes remaining
Date: Wed, 12 Sep 2012 08:06:16 -0700

Caught by smatch:
kernel/module.c:2450 copy_module_from_user() warn: maybe return -EFAULT instead of the bytes remaining?

Clean up the copy_from_user() call to not report a positive value.
With this patch, init_module() will report errors from copy_from_user
(before it would always only report -EFAULT when err != 0).

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (simplified)
---
 kernel/module.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/kernel/module.c b/kernel/module.c
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2415,9 +2415,10 @@ int copy_module_from_user(const void __u
 	if (!info->hdr)
 		return -ENOMEM;
 
-	err = copy_from_user(info->hdr, umod, info->len);
-	if (err)
+	if (copy_from_user(info->hdr, umod, info->len)) {
+		err = -EFAULT;
 		goto free_hdr;
+	}
 
 	err = check_info(info);
 	if (err)