Message ID | 20210614103409.3154127-5-arnd@kernel.org (mailing list archive) |
---|---|
State | New, archived |
Series | media: v4l2: compat ioctl fixes |

Hi Arnd,

Thank you for the patch.

On Mon, Jun 14, 2021 at 12:34:05PM +0200, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@arndb.de>
>
> Converting the VIDIOC_DQEVENT_TIME32/VIDIOC_DQEVENT32/
> VIDIOC_DQEVENT32_TIME32 arguments to the canonical form is done in common
> code, but for some reason I ended up adding another conversion helper to
> subdev_do_ioctl() as well. I must have concluded that this does not go
> through the common conversion, but it has done that since the ioctl
> handler was first added.
>
> I assume this one is harmless as there should be no way to arrive here
> from user space, but since it is dead code, it should just get removed.

If I'm not mistaken, this could be reached when
!CONFIG_COMPAT_32BIT_TIME, can't it ? Still, there's no need for this
code in that case, so it seems fine to me.

> Fixes: 1a6c0b36dd19 ("media: v4l2-core: fix VIDIOC_DQEVENT for time64 ABI")
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>

With an updated commit message if the above is correct,

Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>

> --- > drivers/media/v4l2-core/v4l2-subdev.c | 24 ------------------------ > 1 file changed, 24 deletions(-) > > diff --git a/drivers/media/v4l2-core/v4l2-subdev.c b/drivers/media/v4l2-core/v4l2-subdev.c > index 956dafab43d4..bf3aa9252458 100644 > --- a/drivers/media/v4l2-core/v4l2-subdev.c > +++ b/drivers/media/v4l2-core/v4l2-subdev.c 
> @@ -428,30 +428,6 @@ static long subdev_do_ioctl(struct file *file, unsigned int cmd, void *arg) > > return v4l2_event_dequeue(vfh, arg, file->f_flags & O_NONBLOCK); > > - case VIDIOC_DQEVENT_TIME32: { > - struct v4l2_event_time32 *ev32 = arg; > - struct v4l2_event ev = { }; > - > - if (!(sd->flags & V4L2_SUBDEV_FL_HAS_EVENTS)) > - return -ENOIOCTLCMD; > - > - rval = v4l2_event_dequeue(vfh, &ev, file->f_flags & O_NONBLOCK); > - > - *ev32 = (struct v4l2_event_time32) { > - .type = ev.type, > - .pending = ev.pending, > - .sequence = ev.sequence, > - .timestamp.tv_sec = ev.timestamp.tv_sec, > - .timestamp.tv_nsec = ev.timestamp.tv_nsec, > - .id = ev.id, > - }; > - > - memcpy(&ev32->u, &ev.u, sizeof(ev.u)); > - memcpy(&ev32->reserved, &ev.reserved, sizeof(ev.reserved)); > - > - return rval; > - } > - > case VIDIOC_SUBSCRIBE_EVENT: > return v4l2_subdev_call(sd, core, subscribe_event, vfh, arg); >

On Mon, Jun 14, 2021 at 7:02 PM Laurent Pinchart <laurent.pinchart@ideasonboard.com> wrote:
>
> On Mon, Jun 14, 2021 at 12:34:05PM +0200, Arnd Bergmann wrote:
> > From: Arnd Bergmann <arnd@arndb.de>
> >
> > Converting the VIDIOC_DQEVENT_TIME32/VIDIOC_DQEVENT32/
> > VIDIOC_DQEVENT32_TIME32 arguments to the canonical form is done in common
> > code, but for some reason I ended up adding another conversion helper to
> > subdev_do_ioctl() as well. I must have concluded that this does not go
> > through the common conversion, but it has done that since the ioctl
> > handler was first added.
> >
> > I assume this one is harmless as there should be no way to arrive here
> > from user space, but since it is dead code, it should just get removed.
>
> If I'm not mistaken, this could be reached when
> !CONFIG_COMPAT_32BIT_TIME, can't it ? Still, there's no need for this
> code in that case, so it seems fine to me.

Yes, that is correct, I missed that condition. We definitely should not handle
the command in that case.

Hans, since you mentioned you would pick up this patch, I assume you
are going to reword the patch as you see fit. If you prefer me to resend it,
let me know.

Arnd

On 15/06/2021 10:43, Arnd Bergmann wrote:
> On Mon, Jun 14, 2021 at 7:02 PM Laurent Pinchart
> <laurent.pinchart@ideasonboard.com> wrote:
>>
>> On Mon, Jun 14, 2021 at 12:34:05PM +0200, Arnd Bergmann wrote:
>>> From: Arnd Bergmann <arnd@arndb.de>
>>>
>>> Converting the VIDIOC_DQEVENT_TIME32/VIDIOC_DQEVENT32/
>>> VIDIOC_DQEVENT32_TIME32 arguments to the canonical form is done in common
>>> code, but for some reason I ended up adding another conversion helper to
>>> subdev_do_ioctl() as well. I must have concluded that this does not go
>>> through the common conversion, but it has done that since the ioctl
>>> handler was first added.
>>>
>>> I assume this one is harmless as there should be no way to arrive here
>>> from user space, but since it is dead code, it should just get removed.

I changed this to:

"I assume this one is harmless as there should be no way to arrive here
from user space if CONFIG_COMPAT_32BIT_TIME is set,"

If it is not set, then this will just fall into the default case and is
handled as if it is a potential custom ioctl, as you would expect.

Let me know if you have a better text, I can still update it.

Regards,

Hans

>>
>> If I'm not mistaken, this could be reached when
>> !CONFIG_COMPAT_32BIT_TIME, can't it ? Still, there's no need for this
>> code in that case, so it seems fine to me.
>
> Yes, that is correct, I missed that condition. We definitely should not handle
> the command in that case.
>
> Hans, since you mentioned you would pick up this patch, I assume you
> are going to reword the patch as you see fit. If you prefer me to resend it,
> let me know.
>
> Arnd
>

On Tue, Jun 15, 2021 at 10:48 AM Hans Verkuil <hverkuil-cisco@xs4all.nl> wrote:
>
> On 15/06/2021 10:43, Arnd Bergmann wrote:
> > On Mon, Jun 14, 2021 at 7:02 PM Laurent Pinchart
> > <laurent.pinchart@ideasonboard.com> wrote:
> >>
> >> On Mon, Jun 14, 2021 at 12:34:05PM +0200, Arnd Bergmann wrote:
> >>> From: Arnd Bergmann <arnd@arndb.de>
> >>>
> >>> Converting the VIDIOC_DQEVENT_TIME32/VIDIOC_DQEVENT32/
> >>> VIDIOC_DQEVENT32_TIME32 arguments to the canonical form is done in common
> >>> code, but for some reason I ended up adding another conversion helper to
> >>> subdev_do_ioctl() as well. I must have concluded that this does not go
> >>> through the common conversion, but it has done that since the ioctl
> >>> handler was first added.
> >>>
> >>> I assume this one is harmless as there should be no way to arrive here
> >>> from user space, but since it is dead code, it should just get removed.
>
> I changed this to:
>
> "I assume this one is harmless as there should be no way to arrive here
> from user space if CONFIG_COMPAT_32BIT_TIME is set,"
>
> If it is not set, then this will just fall into the default case and is
> handled as if it is a potential custom ioctl, as you would expect.
>
> Let me know if you have a better text, I can still update it.

Looks good. One more sentence I would add:

"On a 64-bit architecture, as well as a 32-bit architecture without
CONFIG_COMPAT_32BIT_TIME, handling this command is a mistake,
and the kernel should return an error".

Arnd

diff --git a/drivers/media/v4l2-core/v4l2-subdev.c b/drivers/media/v4l2-core/v4l2-subdev.c index 956dafab43d4..bf3aa9252458 100644 --- a/drivers/media/v4l2-core/v4l2-subdev.c +++ b/drivers/media/v4l2-core/v4l2-subdev.c @@ -428,30 +428,6 @@ static long subdev_do_ioctl(struct file *file, unsigned int cmd, void *arg) return v4l2_event_dequeue(vfh, arg, file->f_flags & O_NONBLOCK); - case VIDIOC_DQEVENT_TIME32: { - struct v4l2_event_time32 *ev32 = arg; - struct v4l2_event ev = { }; - - if (!(sd->flags & V4L2_SUBDEV_FL_HAS_EVENTS)) - return -ENOIOCTLCMD; - - rval = v4l2_event_dequeue(vfh, &ev, file->f_flags & O_NONBLOCK); - - *ev32 = (struct v4l2_event_time32) { - .type = ev.type, - .pending = ev.pending, - .sequence = ev.sequence, - .timestamp.tv_sec = ev.timestamp.tv_sec, - .timestamp.tv_nsec = ev.timestamp.tv_nsec, - .id = ev.id, - }; - - memcpy(&ev32->u, &ev.u, sizeof(ev.u)); - memcpy(&ev32->reserved, &ev.reserved, sizeof(ev.reserved)); - - return rval; - } - case VIDIOC_SUBSCRIBE_EVENT: return v4l2_subdev_call(sd, core, subscribe_event, vfh, arg);
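
Review bot: the removed `case VIDIOC_DQEVENT_TIME32:` block is not dead code in every configuration, so the changelog should describe the behaviour change instead of calling it unreachable. As the thread establishes, this case can be reached when CONFIG_COMPAT_32BIT_TIME is not set; once it is gone, the command is handled by the default case like a potential custom ioctl rather than returning a converted `struct v4l2_event_time32`. Please say so in the commit message, including the point that handling the command on a 64-bit architecture or on 32-bit without CONFIG_COMPAT_32BIT_TIME was a mistake, so that someone bisecting a DQEVENT failure on such a kernel finds the explanation. As further justification for dropping it, the removed block assigned `*ev32` and ran both `memcpy()` calls without looking at `rval`, so a failed `v4l2_event_dequeue()` still overwrote the `arg` buffer with whatever `ev` then held.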