From: Arnd Bergmann <arnd@arndb.de>
To: Mauro Carvalho Chehab <mchehab@kernel.org>, linux-media@vger.kernel.org
Cc: Hans Verkuil <hverkuil@xs4all.nl>,
linux-kernel@vger.kernel.org, y2038@lists.linaro.org,
Arnd Bergmann <arnd@arndb.de>
Subject: [PATCH v4 4/8] media: v4l2-core: split out data copy from video_usercopy
Date: Mon, 11 Nov 2019 21:38:31 +0100 [thread overview]
Message-ID: <20191111203835.2260382-5-arnd@arndb.de> (raw)
In-Reply-To: <20191111203835.2260382-1-arnd@arndb.de>
The copy-in/out portions of video_usercopy() are about to
get more complex, so turn then into separate functions as
a cleanup first.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
drivers/media/v4l2-core/v4l2-ioctl.c | 107 +++++++++++++++++----------
1 file changed, 68 insertions(+), 39 deletions(-)
diff --git a/drivers/media/v4l2-core/v4l2-ioctl.c b/drivers/media/v4l2-core/v4l2-ioctl.c
index 51b912743f0f..693f9eb8e01b 100644
--- a/drivers/media/v4l2-core/v4l2-ioctl.c
+++ b/drivers/media/v4l2-core/v4l2-ioctl.c
@@ -3008,8 +3008,69 @@ static int check_array_args(unsigned int cmd, void *parg, size_t *array_size,
return ret;
}
+static unsigned int video_translate_cmd(unsigned int cmd)
+{
+ return cmd;
+}
+
+static int video_get_user(void __user *arg, void *parg, unsigned int cmd,
+ bool *always_copy)
+{
+ unsigned int n = _IOC_SIZE(cmd);
+
+ if (!(_IOC_DIR(cmd) & _IOC_WRITE)) {
+ /* read-only ioctl */
+ memset(parg, 0, n);
+ return 0;
+ }
+
+ switch (cmd) {
+ default:
+ /*
+ * In some cases, only a few fields are used as input,
+ * i.e. when the app sets "index" and then the driver
+ * fills in the rest of the structure for the thing
+ * with that index. We only need to copy up the first
+ * non-input field.
+ */
+ if (v4l2_is_known_ioctl(cmd)) {
+ u32 flags = v4l2_ioctls[_IOC_NR(cmd)].flags;
+
+ if (flags & INFO_FL_CLEAR_MASK)
+ n = (flags & INFO_FL_CLEAR_MASK) >> 16;
+ *always_copy = flags & INFO_FL_ALWAYS_COPY;
+ }
+
+ if (copy_from_user(parg, (void __user *)arg, n))
+ return -EFAULT;
+
+ /* zero out anything we don't copy from userspace */
+ if (n < _IOC_SIZE(cmd))
+ memset((u8 *)parg + n, 0, _IOC_SIZE(cmd) - n);
+ break;
+ }
+
+ return 0;
+}
+
+static int video_put_user(void __user *arg, void *parg, unsigned int cmd)
+{
+ if (!(_IOC_DIR(cmd) & _IOC_READ))
+ return 0;
+
+ switch (cmd) {
+ default:
+ /* Copy results into user buffer */
+ if (copy_to_user(arg, parg, _IOC_SIZE(cmd)))
+ return -EFAULT;
+ break;
+ }
+
+ return 0;
+}
+
long
-video_usercopy(struct file *file, unsigned int cmd, unsigned long arg,
+video_usercopy(struct file *file, unsigned int orig_cmd, unsigned long arg,
v4l2_kioctl func)
{
char sbuf[128];
@@ -3021,6 +3082,7 @@ video_usercopy(struct file *file, unsigned int cmd, unsigned long arg,
size_t array_size = 0;
void __user *user_ptr = NULL;
void **kernel_ptr = NULL;
+ unsigned int cmd = video_translate_cmd(orig_cmd);
const size_t ioc_size = _IOC_SIZE(cmd);
/* Copy arguments into temp kernel buffer */
@@ -3035,37 +3097,12 @@ video_usercopy(struct file *file, unsigned int cmd, unsigned long arg,
parg = mbuf;
}
- err = -EFAULT;
- if (_IOC_DIR(cmd) & _IOC_WRITE) {
- unsigned int n = ioc_size;
-
- /*
- * In some cases, only a few fields are used as input,
- * i.e. when the app sets "index" and then the driver
- * fills in the rest of the structure for the thing
- * with that index. We only need to copy up the first
- * non-input field.
- */
- if (v4l2_is_known_ioctl(cmd)) {
- u32 flags = v4l2_ioctls[_IOC_NR(cmd)].flags;
-
- if (flags & INFO_FL_CLEAR_MASK)
- n = (flags & INFO_FL_CLEAR_MASK) >> 16;
- always_copy = flags & INFO_FL_ALWAYS_COPY;
- }
-
- if (copy_from_user(parg, (void __user *)arg, n))
- goto out;
-
- /* zero out anything we don't copy from userspace */
- if (n < ioc_size)
- memset((u8 *)parg + n, 0, ioc_size - n);
- } else {
- /* read-only ioctl */
- memset(parg, 0, ioc_size);
- }
}
+ err = video_get_user((void __user *)arg, parg, orig_cmd, &always_copy);
+ if (err)
+ goto out;
+
err = check_array_args(cmd, parg, &array_size, &user_ptr, &kernel_ptr);
if (err < 0)
goto out;
@@ -3116,15 +3153,7 @@ video_usercopy(struct file *file, unsigned int cmd, unsigned long arg,
goto out;
out_array_args:
- /* Copy results into user buffer */
- switch (_IOC_DIR(cmd)) {
- case _IOC_READ:
- case (_IOC_WRITE | _IOC_READ):
- if (copy_to_user((void __user *)arg, parg, ioc_size))
- err = -EFAULT;
- break;
- }
-
+ err = video_put_user((void __user *)arg, parg, orig_cmd);
out:
kvfree(mbuf);
return err;
--
2.20.0
next prev parent reply other threads:[~2019-11-11 20:39 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-11 20:38 [PATCH v4 0/8] y2038 safety in v4l2 Arnd Bergmann
2019-11-11 20:38 ` [PATCH v4 1/8] media: documentation: fix video_event description Arnd Bergmann
2019-11-11 20:38 ` [PATCH v4 2/8] media: v4l2: abstract timeval handling in v4l2_buffer Arnd Bergmann
2019-11-25 15:52 ` Hans Verkuil
2019-11-26 11:34 ` Arnd Bergmann
2019-11-26 11:43 ` Hans Verkuil
2019-11-26 12:42 ` Arnd Bergmann
2019-11-11 20:38 ` [PATCH v4 3/8] media: v4l2-core: compat: ignore native command codes Arnd Bergmann
[not found] ` <20191122070015.D5A702068E@mail.kernel.org>
2019-11-22 12:29 ` Arnd Bergmann
2019-11-11 20:38 ` Arnd Bergmann [this message]
2019-11-11 20:38 ` [PATCH v4 5/8] media: v4l2-core: fix VIDIOC_DQEVENT for time64 ABI Arnd Bergmann
2019-11-25 14:40 ` Hans Verkuil
2019-11-26 14:43 ` Arnd Bergmann
2019-11-26 15:10 ` Hans Verkuil
2019-11-26 15:19 ` Arnd Bergmann
2019-11-11 20:38 ` [PATCH v4 6/8] media: v4l2-core: fix v4l2_buffer handling " Arnd Bergmann
2019-11-25 14:57 ` Hans Verkuil
2019-11-26 13:50 ` Arnd Bergmann
2019-11-26 14:15 ` Hans Verkuil
2019-11-26 15:17 ` Arnd Bergmann
2019-11-26 15:24 ` Hans Verkuil
2019-11-11 20:38 ` [PATCH v4 7/8] media: v4l2-core: fix compat VIDIOC_DQEVENT " Arnd Bergmann
2019-11-11 20:38 ` [PATCH v4 8/8] media: v4l2-core: fix compat v4l2_buffer handling " Arnd Bergmann
2019-11-25 16:02 ` [PATCH v4 0/8] y2038 safety in v4l2 Hans Verkuil
2019-11-26 11:13 ` Arnd Bergmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191111203835.2260382-5-arnd@arndb.de \
--to=arnd@arndb.de \
--cc=hverkuil@xs4all.nl \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=mchehab@kernel.org \
--cc=y2038@lists.linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).