crypto: fips - replace simple_strtol with kstrtoint to improve fips_enable

[PATCH] crypto: fips - replace simple_strtol with kstrtoint to improve fips_enable

Thorsten Blum posted 1 patch 2 weeks, 2 days ago

Download mbox

crypto/fips.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

Expand all Fold all

[PATCH] crypto: fips - replace simple_strtol with kstrtoint to improve fips_enable

Posted by Thorsten Blum 2 weeks, 2 days ago

Replace simple_strtol() with the recommended kstrtoint() for parsing the
'fips=' boot parameter. Unlike simple_strtol(), which returns a long,
kstrtoint() converts the string directly to an integer and avoids
implicit casting.

Check the return value of kstrtoint() and reject invalid values. This
adds error handling while preserving existing behavior for valid values,
and removes use of the deprecated simple_strtol() helper.

Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
 crypto/fips.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto/fips.c b/crypto/fips.c
index e88a604cb42b..65d2bc070a26 100644
--- a/crypto/fips.c
+++ b/crypto/fips.c
@@ -24,7 +24,10 @@ EXPORT_SYMBOL_GPL(fips_fail_notif_chain);
 /* Process kernel command-line parameter at boot time. fips=0 or fips=1 */
 static int fips_enable(char *str)
 {
-	fips_enabled = !!simple_strtol(str, NULL, 0);
+	if (kstrtoint(str, 0, &fips_enabled))
+		return 0;
+
+	fips_enabled = !!fips_enabled;
 	pr_info("fips mode: %s\n", str_enabled_disabled(fips_enabled));
 	return 1;
 }
-- 
2.51.0