From 7bf0aba3c220104baf837bb707ae77a4cccff3ae Mon Sep 17 00:00:00 2001
From: Shaoen-Lin <shaoen.lin92@gmail.com>
Date: Mon, 1 Jun 2026 16:15:37 +0800
Subject: [PATCH] Fix control_read length handling

The read callback may copy more bytes than the static string contains
when the requested read length exceeds strlen(str). It also never
updates *offset, so readers such as cat do not observe EOF.

Use simple_read_from_buffer() to cap the read length and advance the
file offset correctly.

Signed-off-by: Shaoen-Lin <shaoen.lin92@gmail.com>
---
 control.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/control.c b/control.c
index 5d3ba3d..4f24369 100644
--- a/control.c
+++ b/control.c
@@ -42,15 +42,9 @@ static ssize_t control_read(struct file *file,
                             size_t length,
                             loff_t *offset)
 {
-    int len;
     static const char *str = "Virtual V4L2 compatible camera device\n";
     pr_debug("read %p %dB\n", buffer, (int) length);
-    len = strlen(str);
-    if (len < length)
-        len = length;
-    if (copy_to_user(buffer, str, len) != 0)
-        pr_warn("Failed to copy_to_user!");
-    return len;
+    return simple_read_from_buffer(buffer, length, offset, str, strlen(str));
 }
 
 static ssize_t control_write(struct file *file,