Commit 6dd0394f authored by Mauro Carvalho Chehab's avatar Mauro Carvalho Chehab

media: v4l2-compat-ioctl32: better name userspace pointers

In the past, "up" were an acronym for "user pointer" and "kp" for
"kernel pointer". However, since commit a1dfb4c4 ("media:
v4l2-compat-ioctl32.c: refactor compat ioctl32 logic"), both
are now __user pointers.

So, the usage of "kp" is really misleading there. So, rename
both to just "p32" and "p64" everywhere it occurs, in order to
make peace with this file's namespace.

There are two exceptions to "up/kp" nomenclature: at
alloc_userspace() and at do_video_ioctl().

There, a new userspace pointer were allocated, in order to store
the 64 bits version of the ioctl. Those were called as "up_native",
with is, IMHO, an even worse name, as "native" could mislead of
being the arguments that were filled from userspace. I almost
renamed it to just "p64", but, after thinking more about that,
it sounded better to call it as "new_p64", as this makes clearer
that this is the data structure that was allocated inside this
file in order to be used to pass/retrieve data when calling the
64-bit ready file->f_op->unlocked_ioctl() function.
Suggested-by: default avatarSakari Ailus <sakari.ailus@linux.intel.com>
Suggested-by: default avatarHans Verkuil <hverkuil@xs4all.nl>
Reviewed-by: default avatarHans Verkuil <hans.verkuil@cisco.com>
Acked-by: default avatarSakari Ailus <sakari.ailus@linux.intel.com>
Signed-off-by: default avatarMauro Carvalho Chehab <mchehab@s-opensource.com>
parent fef6cc6b
...@@ -56,8 +56,8 @@ struct v4l2_window32 { ...@@ -56,8 +56,8 @@ struct v4l2_window32 {
__u8 global_alpha; __u8 global_alpha;
}; };
static int get_v4l2_window32(struct v4l2_window __user *kp, static int get_v4l2_window32(struct v4l2_window __user *p64,
struct v4l2_window32 __user *up, struct v4l2_window32 __user *p32,
void __user *aux_buf, u32 aux_space) void __user *aux_buf, u32 aux_space)
{ {
struct v4l2_clip32 __user *uclips; struct v4l2_clip32 __user *uclips;
...@@ -65,26 +65,26 @@ static int get_v4l2_window32(struct v4l2_window __user *kp, ...@@ -65,26 +65,26 @@ static int get_v4l2_window32(struct v4l2_window __user *kp,
compat_caddr_t p; compat_caddr_t p;
u32 clipcount; u32 clipcount;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
copy_in_user(&kp->w, &up->w, sizeof(up->w)) || copy_in_user(&p64->w, &p32->w, sizeof(p32->w)) ||
assign_in_user(&kp->field, &up->field) || assign_in_user(&p64->field, &p32->field) ||
assign_in_user(&kp->chromakey, &up->chromakey) || assign_in_user(&p64->chromakey, &p32->chromakey) ||
assign_in_user(&kp->global_alpha, &up->global_alpha) || assign_in_user(&p64->global_alpha, &p32->global_alpha) ||
get_user(clipcount, &up->clipcount) || get_user(clipcount, &p32->clipcount) ||
put_user(clipcount, &kp->clipcount)) put_user(clipcount, &p64->clipcount))
return -EFAULT; return -EFAULT;
if (clipcount > 2048) if (clipcount > 2048)
return -EINVAL; return -EINVAL;
if (!clipcount) if (!clipcount)
return put_user(NULL, &kp->clips); return put_user(NULL, &p64->clips);
if (get_user(p, &up->clips)) if (get_user(p, &p32->clips))
return -EFAULT; return -EFAULT;
uclips = compat_ptr(p); uclips = compat_ptr(p);
if (aux_space < clipcount * sizeof(*kclips)) if (aux_space < clipcount * sizeof(*kclips))
return -EFAULT; return -EFAULT;
kclips = aux_buf; kclips = aux_buf;
if (put_user(kclips, &kp->clips)) if (put_user(kclips, &p64->clips))
return -EFAULT; return -EFAULT;
while (clipcount--) { while (clipcount--) {
...@@ -98,27 +98,27 @@ static int get_v4l2_window32(struct v4l2_window __user *kp, ...@@ -98,27 +98,27 @@ static int get_v4l2_window32(struct v4l2_window __user *kp,
return 0; return 0;
} }
static int put_v4l2_window32(struct v4l2_window __user *kp, static int put_v4l2_window32(struct v4l2_window __user *p64,
struct v4l2_window32 __user *up) struct v4l2_window32 __user *p32)
{ {
struct v4l2_clip __user *kclips; struct v4l2_clip __user *kclips;
struct v4l2_clip32 __user *uclips; struct v4l2_clip32 __user *uclips;
compat_caddr_t p; compat_caddr_t p;
u32 clipcount; u32 clipcount;
if (copy_in_user(&up->w, &kp->w, sizeof(kp->w)) || if (copy_in_user(&p32->w, &p64->w, sizeof(p64->w)) ||
assign_in_user(&up->field, &kp->field) || assign_in_user(&p32->field, &p64->field) ||
assign_in_user(&up->chromakey, &kp->chromakey) || assign_in_user(&p32->chromakey, &p64->chromakey) ||
assign_in_user(&up->global_alpha, &kp->global_alpha) || assign_in_user(&p32->global_alpha, &p64->global_alpha) ||
get_user(clipcount, &kp->clipcount) || get_user(clipcount, &p64->clipcount) ||
put_user(clipcount, &up->clipcount)) put_user(clipcount, &p32->clipcount))
return -EFAULT; return -EFAULT;
if (!clipcount) if (!clipcount)
return 0; return 0;
if (get_user(kclips, &kp->clips)) if (get_user(kclips, &p64->clips))
return -EFAULT; return -EFAULT;
if (get_user(p, &up->clips)) if (get_user(p, &p32->clips))
return -EFAULT; return -EFAULT;
uclips = compat_ptr(p); uclips = compat_ptr(p);
while (clipcount--) { while (clipcount--) {
...@@ -161,11 +161,11 @@ struct v4l2_create_buffers32 { ...@@ -161,11 +161,11 @@ struct v4l2_create_buffers32 {
__u32 reserved[8]; __u32 reserved[8];
}; };
static int __bufsize_v4l2_format(struct v4l2_format32 __user *up, u32 *size) static int __bufsize_v4l2_format(struct v4l2_format32 __user *p32, u32 *size)
{ {
u32 type; u32 type;
if (get_user(type, &up->type)) if (get_user(type, &p32->type))
return -EFAULT; return -EFAULT;
switch (type) { switch (type) {
...@@ -173,7 +173,7 @@ static int __bufsize_v4l2_format(struct v4l2_format32 __user *up, u32 *size) ...@@ -173,7 +173,7 @@ static int __bufsize_v4l2_format(struct v4l2_format32 __user *up, u32 *size)
case V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY: { case V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY: {
u32 clipcount; u32 clipcount;
if (get_user(clipcount, &up->fmt.win.clipcount)) if (get_user(clipcount, &p32->fmt.win.clipcount))
return -EFAULT; return -EFAULT;
if (clipcount > 2048) if (clipcount > 2048)
return -EINVAL; return -EINVAL;
...@@ -186,141 +186,141 @@ static int __bufsize_v4l2_format(struct v4l2_format32 __user *up, u32 *size) ...@@ -186,141 +186,141 @@ static int __bufsize_v4l2_format(struct v4l2_format32 __user *up, u32 *size)
} }
} }
static int bufsize_v4l2_format(struct v4l2_format32 __user *up, u32 *size) static int bufsize_v4l2_format(struct v4l2_format32 __user *p32, u32 *size)
{ {
if (!access_ok(VERIFY_READ, up, sizeof(*up))) if (!access_ok(VERIFY_READ, p32, sizeof(*p32)))
return -EFAULT; return -EFAULT;
return __bufsize_v4l2_format(up, size); return __bufsize_v4l2_format(p32, size);
} }
static int __get_v4l2_format32(struct v4l2_format __user *kp, static int __get_v4l2_format32(struct v4l2_format __user *p64,
struct v4l2_format32 __user *up, struct v4l2_format32 __user *p32,
void __user *aux_buf, u32 aux_space) void __user *aux_buf, u32 aux_space)
{ {
u32 type; u32 type;
if (get_user(type, &up->type) || put_user(type, &kp->type)) if (get_user(type, &p32->type) || put_user(type, &p64->type))
return -EFAULT; return -EFAULT;
switch (type) { switch (type) {
case V4L2_BUF_TYPE_VIDEO_CAPTURE: case V4L2_BUF_TYPE_VIDEO_CAPTURE:
case V4L2_BUF_TYPE_VIDEO_OUTPUT: case V4L2_BUF_TYPE_VIDEO_OUTPUT:
return copy_in_user(&kp->fmt.pix, &up->fmt.pix, return copy_in_user(&p64->fmt.pix, &p32->fmt.pix,
sizeof(kp->fmt.pix)) ? -EFAULT : 0; sizeof(p64->fmt.pix)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_VIDEO_CAPTURE_MPLANE: case V4L2_BUF_TYPE_VIDEO_CAPTURE_MPLANE:
case V4L2_BUF_TYPE_VIDEO_OUTPUT_MPLANE: case V4L2_BUF_TYPE_VIDEO_OUTPUT_MPLANE:
return copy_in_user(&kp->fmt.pix_mp, &up->fmt.pix_mp, return copy_in_user(&p64->fmt.pix_mp, &p32->fmt.pix_mp,
sizeof(kp->fmt.pix_mp)) ? -EFAULT : 0; sizeof(p64->fmt.pix_mp)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_VIDEO_OVERLAY: case V4L2_BUF_TYPE_VIDEO_OVERLAY:
case V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY: case V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY:
return get_v4l2_window32(&kp->fmt.win, &up->fmt.win, return get_v4l2_window32(&p64->fmt.win, &p32->fmt.win,
aux_buf, aux_space); aux_buf, aux_space);
case V4L2_BUF_TYPE_VBI_CAPTURE: case V4L2_BUF_TYPE_VBI_CAPTURE:
case V4L2_BUF_TYPE_VBI_OUTPUT: case V4L2_BUF_TYPE_VBI_OUTPUT:
return copy_in_user(&kp->fmt.vbi, &up->fmt.vbi, return copy_in_user(&p64->fmt.vbi, &p32->fmt.vbi,
sizeof(kp->fmt.vbi)) ? -EFAULT : 0; sizeof(p64->fmt.vbi)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_SLICED_VBI_CAPTURE: case V4L2_BUF_TYPE_SLICED_VBI_CAPTURE:
case V4L2_BUF_TYPE_SLICED_VBI_OUTPUT: case V4L2_BUF_TYPE_SLICED_VBI_OUTPUT:
return copy_in_user(&kp->fmt.sliced, &up->fmt.sliced, return copy_in_user(&p64->fmt.sliced, &p32->fmt.sliced,
sizeof(kp->fmt.sliced)) ? -EFAULT : 0; sizeof(p64->fmt.sliced)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_SDR_CAPTURE: case V4L2_BUF_TYPE_SDR_CAPTURE:
case V4L2_BUF_TYPE_SDR_OUTPUT: case V4L2_BUF_TYPE_SDR_OUTPUT:
return copy_in_user(&kp->fmt.sdr, &up->fmt.sdr, return copy_in_user(&p64->fmt.sdr, &p32->fmt.sdr,
sizeof(kp->fmt.sdr)) ? -EFAULT : 0; sizeof(p64->fmt.sdr)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_META_CAPTURE: case V4L2_BUF_TYPE_META_CAPTURE:
return copy_in_user(&kp->fmt.meta, &up->fmt.meta, return copy_in_user(&p64->fmt.meta, &p32->fmt.meta,
sizeof(kp->fmt.meta)) ? -EFAULT : 0; sizeof(p64->fmt.meta)) ? -EFAULT : 0;
default: default:
return -EINVAL; return -EINVAL;
} }
} }
static int get_v4l2_format32(struct v4l2_format __user *kp, static int get_v4l2_format32(struct v4l2_format __user *p64,
struct v4l2_format32 __user *up, struct v4l2_format32 __user *p32,
void __user *aux_buf, u32 aux_space) void __user *aux_buf, u32 aux_space)
{ {
if (!access_ok(VERIFY_READ, up, sizeof(*up))) if (!access_ok(VERIFY_READ, p32, sizeof(*p32)))
return -EFAULT; return -EFAULT;
return __get_v4l2_format32(kp, up, aux_buf, aux_space); return __get_v4l2_format32(p64, p32, aux_buf, aux_space);
} }
static int bufsize_v4l2_create(struct v4l2_create_buffers32 __user *up, static int bufsize_v4l2_create(struct v4l2_create_buffers32 __user *p32,
u32 *size) u32 *size)
{ {
if (!access_ok(VERIFY_READ, up, sizeof(*up))) if (!access_ok(VERIFY_READ, p32, sizeof(*p32)))
return -EFAULT; return -EFAULT;
return __bufsize_v4l2_format(&up->format, size); return __bufsize_v4l2_format(&p32->format, size);
} }
static int get_v4l2_create32(struct v4l2_create_buffers __user *kp, static int get_v4l2_create32(struct v4l2_create_buffers __user *p64,
struct v4l2_create_buffers32 __user *up, struct v4l2_create_buffers32 __user *p32,
void __user *aux_buf, u32 aux_space) void __user *aux_buf, u32 aux_space)
{ {
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
copy_in_user(kp, up, copy_in_user(p64, p32,
offsetof(struct v4l2_create_buffers32, format))) offsetof(struct v4l2_create_buffers32, format)))
return -EFAULT; return -EFAULT;
return __get_v4l2_format32(&kp->format, &up->format, return __get_v4l2_format32(&p64->format, &p32->format,
aux_buf, aux_space); aux_buf, aux_space);
} }
static int __put_v4l2_format32(struct v4l2_format __user *kp, static int __put_v4l2_format32(struct v4l2_format __user *p64,
struct v4l2_format32 __user *up) struct v4l2_format32 __user *p32)
{ {
u32 type; u32 type;
if (get_user(type, &kp->type)) if (get_user(type, &p64->type))
return -EFAULT; return -EFAULT;
switch (type) { switch (type) {
case V4L2_BUF_TYPE_VIDEO_CAPTURE: case V4L2_BUF_TYPE_VIDEO_CAPTURE:
case V4L2_BUF_TYPE_VIDEO_OUTPUT: case V4L2_BUF_TYPE_VIDEO_OUTPUT:
return copy_in_user(&up->fmt.pix, &kp->fmt.pix, return copy_in_user(&p32->fmt.pix, &p64->fmt.pix,
sizeof(kp->fmt.pix)) ? -EFAULT : 0; sizeof(p64->fmt.pix)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_VIDEO_CAPTURE_MPLANE: case V4L2_BUF_TYPE_VIDEO_CAPTURE_MPLANE:
case V4L2_BUF_TYPE_VIDEO_OUTPUT_MPLANE: case V4L2_BUF_TYPE_VIDEO_OUTPUT_MPLANE:
return copy_in_user(&up->fmt.pix_mp, &kp->fmt.pix_mp, return copy_in_user(&p32->fmt.pix_mp, &p64->fmt.pix_mp,
sizeof(kp->fmt.pix_mp)) ? -EFAULT : 0; sizeof(p64->fmt.pix_mp)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_VIDEO_OVERLAY: case V4L2_BUF_TYPE_VIDEO_OVERLAY:
case V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY: case V4L2_BUF_TYPE_VIDEO_OUTPUT_OVERLAY:
return put_v4l2_window32(&kp->fmt.win, &up->fmt.win); return put_v4l2_window32(&p64->fmt.win, &p32->fmt.win);
case V4L2_BUF_TYPE_VBI_CAPTURE: case V4L2_BUF_TYPE_VBI_CAPTURE:
case V4L2_BUF_TYPE_VBI_OUTPUT: case V4L2_BUF_TYPE_VBI_OUTPUT:
return copy_in_user(&up->fmt.vbi, &kp->fmt.vbi, return copy_in_user(&p32->fmt.vbi, &p64->fmt.vbi,
sizeof(kp->fmt.vbi)) ? -EFAULT : 0; sizeof(p64->fmt.vbi)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_SLICED_VBI_CAPTURE: case V4L2_BUF_TYPE_SLICED_VBI_CAPTURE:
case V4L2_BUF_TYPE_SLICED_VBI_OUTPUT: case V4L2_BUF_TYPE_SLICED_VBI_OUTPUT:
return copy_in_user(&up->fmt.sliced, &kp->fmt.sliced, return copy_in_user(&p32->fmt.sliced, &p64->fmt.sliced,
sizeof(kp->fmt.sliced)) ? -EFAULT : 0; sizeof(p64->fmt.sliced)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_SDR_CAPTURE: case V4L2_BUF_TYPE_SDR_CAPTURE:
case V4L2_BUF_TYPE_SDR_OUTPUT: case V4L2_BUF_TYPE_SDR_OUTPUT:
return copy_in_user(&up->fmt.sdr, &kp->fmt.sdr, return copy_in_user(&p32->fmt.sdr, &p64->fmt.sdr,
sizeof(kp->fmt.sdr)) ? -EFAULT : 0; sizeof(p64->fmt.sdr)) ? -EFAULT : 0;
case V4L2_BUF_TYPE_META_CAPTURE: case V4L2_BUF_TYPE_META_CAPTURE:
return copy_in_user(&up->fmt.meta, &kp->fmt.meta, return copy_in_user(&p32->fmt.meta, &p64->fmt.meta,
sizeof(kp->fmt.meta)) ? -EFAULT : 0; sizeof(p64->fmt.meta)) ? -EFAULT : 0;
default: default:
return -EINVAL; return -EINVAL;
} }
} }
static int put_v4l2_format32(struct v4l2_format __user *kp, static int put_v4l2_format32(struct v4l2_format __user *p64,
struct v4l2_format32 __user *up) struct v4l2_format32 __user *p32)
{ {
if (!access_ok(VERIFY_WRITE, up, sizeof(*up))) if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)))
return -EFAULT; return -EFAULT;
return __put_v4l2_format32(kp, up); return __put_v4l2_format32(p64, p32);
} }
static int put_v4l2_create32(struct v4l2_create_buffers __user *kp, static int put_v4l2_create32(struct v4l2_create_buffers __user *p64,
struct v4l2_create_buffers32 __user *up) struct v4l2_create_buffers32 __user *p32)
{ {
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
copy_in_user(up, kp, copy_in_user(p32, p64,
offsetof(struct v4l2_create_buffers32, format)) || offsetof(struct v4l2_create_buffers32, format)) ||
copy_in_user(up->reserved, kp->reserved, sizeof(kp->reserved))) copy_in_user(p32->reserved, p64->reserved, sizeof(p64->reserved)))
return -EFAULT; return -EFAULT;
return __put_v4l2_format32(&kp->format, &up->format); return __put_v4l2_format32(&p64->format, &p32->format);
} }
struct v4l2_standard32 { struct v4l2_standard32 {
...@@ -332,27 +332,27 @@ struct v4l2_standard32 { ...@@ -332,27 +332,27 @@ struct v4l2_standard32 {
__u32 reserved[4]; __u32 reserved[4];
}; };
static int get_v4l2_standard32(struct v4l2_standard __user *kp, static int get_v4l2_standard32(struct v4l2_standard __user *p64,
struct v4l2_standard32 __user *up) struct v4l2_standard32 __user *p32)
{ {
/* other fields are not set by the user, nor used by the driver */ /* other fields are not set by the user, nor used by the driver */
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
assign_in_user(&kp->index, &up->index)) assign_in_user(&p64->index, &p32->index))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
static int put_v4l2_standard32(struct v4l2_standard __user *kp, static int put_v4l2_standard32(struct v4l2_standard __user *p64,
struct v4l2_standard32 __user *up) struct v4l2_standard32 __user *p32)
{ {
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
assign_in_user(&up->index, &kp->index) || assign_in_user(&p32->index, &p64->index) ||
assign_in_user(&up->id, &kp->id) || assign_in_user(&p32->id, &p64->id) ||
copy_in_user(up->name, kp->name, sizeof(up->name)) || copy_in_user(p32->name, p64->name, sizeof(p32->name)) ||
copy_in_user(&up->frameperiod, &kp->frameperiod, copy_in_user(&p32->frameperiod, &p64->frameperiod,
sizeof(up->frameperiod)) || sizeof(p32->frameperiod)) ||
assign_in_user(&up->framelines, &kp->framelines) || assign_in_user(&p32->framelines, &p64->framelines) ||
copy_in_user(up->reserved, kp->reserved, sizeof(up->reserved))) copy_in_user(p32->reserved, p64->reserved, sizeof(p32->reserved)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
...@@ -392,31 +392,31 @@ struct v4l2_buffer32 { ...@@ -392,31 +392,31 @@ struct v4l2_buffer32 {
__u32 reserved; __u32 reserved;
}; };
static int get_v4l2_plane32(struct v4l2_plane __user *up, static int get_v4l2_plane32(struct v4l2_plane __user *p64,
struct v4l2_plane32 __user *up32, struct v4l2_plane32 __user *p32,
enum v4l2_memory memory) enum v4l2_memory memory)
{ {
compat_ulong_t p; compat_ulong_t p;
if (copy_in_user(up, up32, 2 * sizeof(__u32)) || if (copy_in_user(p64, p32, 2 * sizeof(__u32)) ||
copy_in_user(&up->data_offset, &up32->data_offset, copy_in_user(&p64->data_offset, &p32->data_offset,
sizeof(up->data_offset))) sizeof(p64->data_offset)))
return -EFAULT; return -EFAULT;
switch (memory) { switch (memory) {
case V4L2_MEMORY_MMAP: case V4L2_MEMORY_MMAP:
case V4L2_MEMORY_OVERLAY: case V4L2_MEMORY_OVERLAY:
if (copy_in_user(&up->m.mem_offset, &up32->m.mem_offset, if (copy_in_user(&p64->m.mem_offset, &p32->m.mem_offset,
sizeof(up32->m.mem_offset))) sizeof(p32->m.mem_offset)))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_USERPTR: case V4L2_MEMORY_USERPTR:
if (get_user(p, &up32->m.userptr) || if (get_user(p, &p32->m.userptr) ||
put_user((unsigned long)compat_ptr(p), &up->m.userptr)) put_user((unsigned long)compat_ptr(p), &p64->m.userptr))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_DMABUF: case V4L2_MEMORY_DMABUF:
if (copy_in_user(&up->m.fd, &up32->m.fd, sizeof(up32->m.fd))) if (copy_in_user(&p64->m.fd, &p32->m.fd, sizeof(p32->m.fd)))
return -EFAULT; return -EFAULT;
break; break;
} }
...@@ -424,32 +424,32 @@ static int get_v4l2_plane32(struct v4l2_plane __user *up, ...@@ -424,32 +424,32 @@ static int get_v4l2_plane32(struct v4l2_plane __user *up,
return 0; return 0;
} }
static int put_v4l2_plane32(struct v4l2_plane __user *up, static int put_v4l2_plane32(struct v4l2_plane __user *p64,
struct v4l2_plane32 __user *up32, struct v4l2_plane32 __user *p32,
enum v4l2_memory memory) enum v4l2_memory memory)
{ {
unsigned long p; unsigned long p;
if (copy_in_user(up32, up, 2 * sizeof(__u32)) || if (copy_in_user(p32, p64, 2 * sizeof(__u32)) ||
copy_in_user(&up32->data_offset, &up->data_offset, copy_in_user(&p32->data_offset, &p64->data_offset,
sizeof(up->data_offset))) sizeof(p64->data_offset)))
return -EFAULT; return -EFAULT;
switch (memory) { switch (memory) {
case V4L2_MEMORY_MMAP: case V4L2_MEMORY_MMAP:
case V4L2_MEMORY_OVERLAY: case V4L2_MEMORY_OVERLAY:
if (copy_in_user(&up32->m.mem_offset, &up->m.mem_offset, if (copy_in_user(&p32->m.mem_offset, &p64->m.mem_offset,
sizeof(up->m.mem_offset))) sizeof(p64->m.mem_offset)))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_USERPTR: case V4L2_MEMORY_USERPTR:
if (get_user(p, &up->m.userptr) || if (get_user(p, &p64->m.userptr) ||
put_user((compat_ulong_t)ptr_to_compat((void __user *)p), put_user((compat_ulong_t)ptr_to_compat((void __user *)p),
&up32->m.userptr)) &p32->m.userptr))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_DMABUF: case V4L2_MEMORY_DMABUF:
if (copy_in_user(&up32->m.fd, &up->m.fd, sizeof(up->m.fd))) if (copy_in_user(&p32->m.fd, &p64->m.fd, sizeof(p64->m.fd)))
return -EFAULT; return -EFAULT;
break; break;
} }
...@@ -457,14 +457,14 @@ static int put_v4l2_plane32(struct v4l2_plane __user *up, ...@@ -457,14 +457,14 @@ static int put_v4l2_plane32(struct v4l2_plane __user *up,
return 0; return 0;
} }
static int bufsize_v4l2_buffer(struct v4l2_buffer32 __user *up, u32 *size) static int bufsize_v4l2_buffer(struct v4l2_buffer32 __user *p32, u32 *size)
{ {
u32 type; u32 type;
u32 length; u32 length;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
get_user(type, &up->type) || get_user(type, &p32->type) ||
get_user(length, &up->length)) get_user(length, &p32->length))
return -EFAULT; return -EFAULT;
if (V4L2_TYPE_IS_MULTIPLANAR(type)) { if (V4L2_TYPE_IS_MULTIPLANAR(type)) {
...@@ -482,8 +482,8 @@ static int bufsize_v4l2_buffer(struct v4l2_buffer32 __user *up, u32 *size) ...@@ -482,8 +482,8 @@ static int bufsize_v4l2_buffer(struct v4l2_buffer32 __user *up, u32 *size)
return 0; return 0;
} }
static int get_v4l2_buffer32(struct v4l2_buffer __user *kp, static int get_v4l2_buffer32(struct v4l2_buffer __user *p64,
struct v4l2_buffer32 __user *up, struct v4l2_buffer32 __user *p32,
void __user *aux_buf, u32 aux_space) void __user *aux_buf, u32 aux_space)
{ {
u32 type; u32 type;
...@@ -494,24 +494,24 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -494,24 +494,24 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp,
compat_caddr_t p; compat_caddr_t p;
int ret; int ret;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
assign_in_user(&kp->index, &up->index) || assign_in_user(&p64->index, &p32->index) ||
get_user(type, &up->type) || get_user(type, &p32->type) ||
put_user(type, &kp->type) || put_user(type, &p64->type) ||
assign_in_user(&kp->flags, &up->flags) || assign_in_user(&p64->flags, &p32->flags) ||
get_user(memory, &up->memory) || get_user(memory, &p32->memory) ||
put_user(memory, &kp->memory) || put_user(memory, &p64->memory) ||
get_user(length, &up->length) || get_user(length, &p32->length) ||
put_user(length, &kp->length)) put_user(length, &p64->length))
return -EFAULT; return -EFAULT;
if (V4L2_TYPE_IS_OUTPUT(type)) if (V4L2_TYPE_IS_OUTPUT(type))
if (assign_in_user(&kp->bytesused, &up->bytesused) || if (assign_in_user(&p64->bytesused, &p32->bytesused) ||
assign_in_user(&kp->field, &up->field) || assign_in_user(&p64->field, &p32->field) ||
assign_in_user(&kp->timestamp.tv_sec, assign_in_user(&p64->timestamp.tv_sec,
&up->timestamp.tv_sec) || &p32->timestamp.tv_sec) ||
assign_in_user(&kp->timestamp.tv_usec, assign_in_user(&p64->timestamp.tv_usec,
&up->timestamp.tv_usec)) &p32->timestamp.tv_usec))
return -EFAULT; return -EFAULT;
if (V4L2_TYPE_IS_MULTIPLANAR(type)) { if (V4L2_TYPE_IS_MULTIPLANAR(type)) {
...@@ -522,12 +522,12 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -522,12 +522,12 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp,
* num_planes == 0 is legal, e.g. when userspace doesn't * num_planes == 0 is legal, e.g. when userspace doesn't
* need planes array on DQBUF * need planes array on DQBUF
*/ */
return put_user(NULL, &kp->m.planes); return put_user(NULL, &p64->m.planes);
} }
if (num_planes > VIDEO_MAX_PLANES) if (num_planes > VIDEO_MAX_PLANES)
return -EINVAL; return -EINVAL;
if (get_user(p, &up->m.planes)) if (get_user(p, &p32->m.planes))
return -EFAULT; return -EFAULT;
uplane32 = compat_ptr(p); uplane32 = compat_ptr(p);
...@@ -544,7 +544,7 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -544,7 +544,7 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp,
uplane = aux_buf; uplane = aux_buf;
if (put_user((__force struct v4l2_plane *)uplane, if (put_user((__force struct v4l2_plane *)uplane,
&kp->m.planes)) &p64->m.planes))
return -EFAULT; return -EFAULT;
while (num_planes--) { while (num_planes--) {
...@@ -558,20 +558,20 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -558,20 +558,20 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp,
switch (memory) { switch (memory) {
case V4L2_MEMORY_MMAP: case V4L2_MEMORY_MMAP:
case V4L2_MEMORY_OVERLAY: case V4L2_MEMORY_OVERLAY:
if (assign_in_user(&kp->m.offset, &up->m.offset)) if (assign_in_user(&p64->m.offset, &p32->m.offset))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_USERPTR: { case V4L2_MEMORY_USERPTR: {
compat_ulong_t userptr; compat_ulong_t userptr;
if (get_user(userptr, &up->m.userptr) || if (get_user(userptr, &p32->m.userptr) ||
put_user((unsigned long)compat_ptr(userptr), put_user((unsigned long)compat_ptr(userptr),
&kp->m.userptr)) &p64->m.userptr))
return -EFAULT; return -EFAULT;
break; break;
} }
case V4L2_MEMORY_DMABUF: case V4L2_MEMORY_DMABUF:
if (assign_in_user(&kp->m.fd, &up->m.fd)) if (assign_in_user(&p64->m.fd, &p32->m.fd))
return -EFAULT; return -EFAULT;
break; break;
} }
...@@ -580,8 +580,8 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -580,8 +580,8 @@ static int get_v4l2_buffer32(struct v4l2_buffer __user *kp,
return 0; return 0;
} }
static int put_v4l2_buffer32(struct v4l2_buffer __user *kp, static int put_v4l2_buffer32(struct v4l2_buffer __user *p64,
struct v4l2_buffer32 __user *up) struct v4l2_buffer32 __user *p32)
{ {
u32 type; u32 type;
u32 length; u32 length;
...@@ -591,25 +591,25 @@ static int put_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -591,25 +591,25 @@ static int put_v4l2_buffer32(struct v4l2_buffer __user *kp,
compat_caddr_t p; compat_caddr_t p;
int ret; int ret;
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
assign_in_user(&up->index, &kp->index) || assign_in_user(&p32->index, &p64->index) ||
get_user(type, &kp->type) || get_user(type, &p64->type) ||
put_user(type, &up->type) || put_user(type, &p32->type) ||
assign_in_user(&up->flags, &kp->flags) || assign_in_user(&p32->flags, &p64->flags) ||
get_user(memory, &kp->memory) || get_user(memory, &p64->memory) ||
put_user(memory, &up->memory)) put_user(memory, &p32->memory))
return -EFAULT; return -EFAULT;
if (assign_in_user(&up->bytesused, &kp->bytesused) || if (assign_in_user(&p32->bytesused, &p64->bytesused) ||
assign_in_user(&up->field, &kp->field) || assign_in_user(&p32->field, &p64->field) ||
assign_in_user(&up->timestamp.tv_sec, &kp->timestamp.tv_sec) || assign_in_user(&p32->timestamp.tv_sec, &p64->timestamp.tv_sec) ||
assign_in_user(&up->timestamp.tv_usec, &kp->timestamp.tv_usec) || assign_in_user(&p32->timestamp.tv_usec, &p64->timestamp.tv_usec) ||
copy_in_user(&up->timecode, &kp->timecode, sizeof(kp->timecode)) || copy_in_user(&p32->timecode, &p64->timecode, sizeof(p64->timecode)) ||
assign_in_user(&up->sequence, &kp->sequence) || assign_in_user(&p32->sequence, &p64->sequence) ||
assign_in_user(&up->reserved2, &kp->reserved2) || assign_in_user(&p32->reserved2, &p64->reserved2) ||
assign_in_user(&up->reserved, &kp->reserved) || assign_in_user(&p32->reserved, &p64->reserved) ||
get_user(length, &kp->length) || get_user(length, &p64->length) ||
put_user(length, &up->length)) put_user(length, &p32->length))
return -EFAULT; return -EFAULT;
if (V4L2_TYPE_IS_MULTIPLANAR(type)) { if (V4L2_TYPE_IS_MULTIPLANAR(type)) {
...@@ -625,9 +625,9 @@ static int put_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -625,9 +625,9 @@ static int put_v4l2_buffer32(struct v4l2_buffer __user *kp,
* smatch warnings, so instead declare it without __user * smatch warnings, so instead declare it without __user
* and cast it as a userspace pointer to put_v4l2_plane32(). * and cast it as a userspace pointer to put_v4l2_plane32().
*/ */
if (get_user(uplane, &kp->m.planes)) if (get_user(uplane, &p64->m.planes))
return -EFAULT; return -EFAULT;
if (get_user(p, &up->m.planes)) if (get_user(p, &p32->m.planes))
return -EFAULT; return -EFAULT;
uplane32 = compat_ptr(p); uplane32 = compat_ptr(p);
...@@ -643,15 +643,15 @@ static int put_v4l2_buffer32(struct v4l2_buffer __user *kp, ...@@ -643,15 +643,15 @@ static int put_v4l2_buffer32(struct v4l2_buffer __user *kp,
switch (memory) { switch (memory) {
case V4L2_MEMORY_MMAP: case V4L2_MEMORY_MMAP:
case V4L2_MEMORY_OVERLAY: case V4L2_MEMORY_OVERLAY:
if (assign_in_user(&up->m.offset, &kp->m.offset)) if (assign_in_user(&p32->m.offset, &p64->m.offset))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_USERPTR: case V4L2_MEMORY_USERPTR:
if (assign_in_user(&up->m.userptr, &kp->m.userptr)) if (assign_in_user(&p32->m.userptr, &p64->m.userptr))
return -EFAULT; return -EFAULT;
break; break;
case V4L2_MEMORY_DMABUF: case V4L2_MEMORY_DMABUF:
if (assign_in_user(&up->m.fd, &kp->m.fd)) if (assign_in_user(&p32->m.fd, &p64->m.fd))
return -EFAULT; return -EFAULT;
break; break;
} }
...@@ -676,32 +676,32 @@ struct v4l2_framebuffer32 { ...@@ -676,32 +676,32 @@ struct v4l2_framebuffer32 {
} fmt; } fmt;
}; };
static int get_v4l2_framebuffer32(struct v4l2_framebuffer __user *kp, static int get_v4l2_framebuffer32(struct v4l2_framebuffer __user *p64,
struct v4l2_framebuffer32 __user *up) struct v4l2_framebuffer32 __user *p32)
{ {
compat_caddr_t tmp; compat_caddr_t tmp;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
get_user(tmp, &up->base) || get_user(tmp, &p32->base) ||
put_user((void __force *)compat_ptr(tmp), &kp->base) || put_user((void __force *)compat_ptr(tmp), &p64->base) ||
assign_in_user(&kp->capability, &up->capability) || assign_in_user(&p64->capability, &p32->capability) ||
assign_in_user(&kp->flags, &up->flags) || assign_in_user(&p64->flags, &p32->flags) ||
copy_in_user(&kp->fmt, &up->fmt, sizeof(kp->fmt))) copy_in_user(&p64->fmt, &p32->fmt, sizeof(p64->fmt)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
static int put_v4l2_framebuffer32(struct v4l2_framebuffer __user *kp, static int put_v4l2_framebuffer32(struct v4l2_framebuffer __user *p64,
struct v4l2_framebuffer32 __user *up) struct v4l2_framebuffer32 __user *p32)
{ {
void *base; void *base;
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
get_user(base, &kp->base) || get_user(base, &p64->base) ||
put_user(ptr_to_compat((void __user *)base), &up->base) || put_user(ptr_to_compat((void __user *)base), &p32->base) ||
assign_in_user(&up->capability, &kp->capability) || assign_in_user(&p32->capability, &p64->capability) ||
assign_in_user(&up->flags, &kp->flags) || assign_in_user(&p32->flags, &p64->flags) ||
copy_in_user(&up->fmt, &kp->fmt, sizeof(kp->fmt))) copy_in_user(&p32->fmt, &p64->fmt, sizeof(p64->fmt)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
...@@ -722,18 +722,18 @@ struct v4l2_input32 { ...@@ -722,18 +722,18 @@ struct v4l2_input32 {
* The 64-bit v4l2_input struct has extra padding at the end of the struct. * The 64-bit v4l2_input struct has extra padding at the end of the struct.
* Otherwise it is identical to the 32-bit version. * Otherwise it is identical to the 32-bit version.
*/ */
static inline int get_v4l2_input32(struct v4l2_input __user *kp, static inline int get_v4l2_input32(struct v4l2_input __user *p64,
struct v4l2_input32 __user *up) struct v4l2_input32 __user *p32)
{ {
if (copy_in_user(kp, up, sizeof(*up))) if (copy_in_user(p64, p32, sizeof(*p32)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
static inline int put_v4l2_input32(struct v4l2_input __user *kp, static inline int put_v4l2_input32(struct v4l2_input __user *p64,
struct v4l2_input32 __user *up) struct v4l2_input32 __user *p32)
{ {
if (copy_in_user(up, kp, sizeof(*up))) if (copy_in_user(p32, p64, sizeof(*p32)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
...@@ -787,13 +787,13 @@ static inline bool ctrl_is_pointer(struct file *file, u32 id) ...@@ -787,13 +787,13 @@ static inline bool ctrl_is_pointer(struct file *file, u32 id)
(qec.flags & V4L2_CTRL_FLAG_HAS_PAYLOAD); (qec.flags & V4L2_CTRL_FLAG_HAS_PAYLOAD);
} }
static int bufsize_v4l2_ext_controls(struct v4l2_ext_controls32 __user *up, static int bufsize_v4l2_ext_controls(struct v4l2_ext_controls32 __user *p32,
u32 *size) u32 *size)
{ {
u32 count; u32 count;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
get_user(count, &up->count)) get_user(count, &p32->count))
return -EFAULT; return -EFAULT;
if (count > V4L2_CID_MAX_CTRLS) if (count > V4L2_CID_MAX_CTRLS)
return -EINVAL; return -EINVAL;
...@@ -802,8 +802,8 @@ static int bufsize_v4l2_ext_controls(struct v4l2_ext_controls32 __user *up, ...@@ -802,8 +802,8 @@ static int bufsize_v4l2_ext_controls(struct v4l2_ext_controls32 __user *up,
} }
static int get_v4l2_ext_controls32(struct file *file, static int get_v4l2_ext_controls32(struct file *file,
struct v4l2_ext_controls __user *kp, struct v4l2_ext_controls __user *p64,
struct v4l2_ext_controls32 __user *up, struct v4l2_ext_controls32 __user *p32,
void __user *aux_buf, u32 aux_space) void __user *aux_buf, u32 aux_space)
{ {
struct v4l2_ext_control32 __user *ucontrols; struct v4l2_ext_control32 __user *ucontrols;
...@@ -812,19 +812,19 @@ static int get_v4l2_ext_controls32(struct file *file, ...@@ -812,19 +812,19 @@ static int get_v4l2_ext_controls32(struct file *file,
u32 n; u32 n;
compat_caddr_t p; compat_caddr_t p;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
assign_in_user(&kp->which, &up->which) || assign_in_user(&p64->which, &p32->which) ||
get_user(count, &up->count) || get_user(count, &p32->count) ||
put_user(count, &kp->count) || put_user(count, &p64->count) ||
assign_in_user(&kp->error_idx, &up->error_idx) || assign_in_user(&p64->error_idx, &p32->error_idx) ||
copy_in_user(kp->reserved, up->reserved, sizeof(kp->reserved))) copy_in_user(p64->reserved, p32->reserved, sizeof(p64->reserved)))
return -EFAULT; return -EFAULT;
if (count == 0) if (count == 0)
return put_user(NULL, &kp->controls); return put_user(NULL, &p64->controls);
if (count > V4L2_CID_MAX_CTRLS) if (count > V4L2_CID_MAX_CTRLS)
return -EINVAL; return -EINVAL;
if (get_user(p, &up->controls)) if (get_user(p, &p32->controls))
return -EFAULT; return -EFAULT;
ucontrols = compat_ptr(p); ucontrols = compat_ptr(p);
if (!access_ok(VERIFY_READ, ucontrols, count * sizeof(*ucontrols))) if (!access_ok(VERIFY_READ, ucontrols, count * sizeof(*ucontrols)))
...@@ -833,7 +833,7 @@ static int get_v4l2_ext_controls32(struct file *file, ...@@ -833,7 +833,7 @@ static int get_v4l2_ext_controls32(struct file *file,
return -EFAULT; return -EFAULT;
kcontrols = aux_buf; kcontrols = aux_buf;
if (put_user((__force struct v4l2_ext_control *)kcontrols, if (put_user((__force struct v4l2_ext_control *)kcontrols,
&kp->controls)) &p64->controls))
return -EFAULT; return -EFAULT;
for (n = 0; n < count; n++) { for (n = 0; n < count; n++) {
...@@ -861,8 +861,8 @@ static int get_v4l2_ext_controls32(struct file *file, ...@@ -861,8 +861,8 @@ static int get_v4l2_ext_controls32(struct file *file,
} }
static int put_v4l2_ext_controls32(struct file *file, static int put_v4l2_ext_controls32(struct file *file,
struct v4l2_ext_controls __user *kp, struct v4l2_ext_controls __user *p64,
struct v4l2_ext_controls32 __user *up) struct v4l2_ext_controls32 __user *p32)
{ {
struct v4l2_ext_control32 __user *ucontrols; struct v4l2_ext_control32 __user *ucontrols;
struct v4l2_ext_control *kcontrols; struct v4l2_ext_control *kcontrols;
...@@ -878,18 +878,18 @@ static int put_v4l2_ext_controls32(struct file *file, ...@@ -878,18 +878,18 @@ static int put_v4l2_ext_controls32(struct file *file,
* with __user causes smatch warnings, so instead declare it * with __user causes smatch warnings, so instead declare it
* without __user and cast it as a userspace pointer where needed. * without __user and cast it as a userspace pointer where needed.
*/ */
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
assign_in_user(&up->which, &kp->which) || assign_in_user(&p32->which, &p64->which) ||
get_user(count, &kp->count) || get_user(count, &p64->count) ||
put_user(count, &up->count) || put_user(count, &p32->count) ||
assign_in_user(&up->error_idx, &kp->error_idx) || assign_in_user(&p32->error_idx, &p64->error_idx) ||
copy_in_user(up->reserved, kp->reserved, sizeof(up->reserved)) || copy_in_user(p32->reserved, p64->reserved, sizeof(p32->reserved)) ||
get_user(kcontrols, &kp->controls)) get_user(kcontrols, &p64->controls))
return -EFAULT; return -EFAULT;
if (!count || count > (U32_MAX/sizeof(*ucontrols))) if (!count || count > (U32_MAX/sizeof(*ucontrols)))
return 0; return 0;
if (get_user(p, &up->controls)) if (get_user(p, &p32->controls))
return -EFAULT; return -EFAULT;
ucontrols = compat_ptr(p); ucontrols = compat_ptr(p);
if (!access_ok(VERIFY_WRITE, ucontrols, count * sizeof(*ucontrols))) if (!access_ok(VERIFY_WRITE, ucontrols, count * sizeof(*ucontrols)))
...@@ -939,18 +939,18 @@ struct v4l2_event32 { ...@@ -939,18 +939,18 @@ struct v4l2_event32 {
__u32 reserved[8]; __u32 reserved[8];
}; };
static int put_v4l2_event32(struct v4l2_event __user *kp, static int put_v4l2_event32(struct v4l2_event __user *p64,
struct v4l2_event32 __user *up) struct v4l2_event32 __user *p32)
{ {
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
assign_in_user(&up->type, &kp->type) || assign_in_user(&p32->type, &p64->type) ||
copy_in_user(&up->u, &kp->u, sizeof(kp->u)) || copy_in_user(&p32->u, &p64->u, sizeof(p64->u)) ||
assign_in_user(&up->pending, &kp->pending) || assign_in_user(&p32->pending, &p64->pending) ||
assign_in_user(&up->sequence, &kp->sequence) || assign_in_user(&p32->sequence, &p64->sequence) ||
assign_in_user(&up->timestamp.tv_sec, &kp->timestamp.tv_sec) || assign_in_user(&p32->timestamp.tv_sec, &p64->timestamp.tv_sec) ||
assign_in_user(&up->timestamp.tv_nsec, &kp->timestamp.tv_nsec) || assign_in_user(&p32->timestamp.tv_nsec, &p64->timestamp.tv_nsec) ||
assign_in_user(&up->id, &kp->id) || assign_in_user(&p32->id, &p64->id) ||
copy_in_user(up->reserved, kp->reserved, sizeof(up->reserved))) copy_in_user(p32->reserved, p64->reserved, sizeof(p32->reserved)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
...@@ -963,35 +963,35 @@ struct v4l2_edid32 { ...@@ -963,35 +963,35 @@ struct v4l2_edid32 {
compat_caddr_t edid; compat_caddr_t edid;
}; };
static int get_v4l2_edid32(struct v4l2_edid __user *kp, static int get_v4l2_edid32(struct v4l2_edid __user *p64,
struct v4l2_edid32 __user *up) struct v4l2_edid32 __user *p32)
{ {
compat_uptr_t tmp; compat_uptr_t tmp;
if (!access_ok(VERIFY_READ, up, sizeof(*up)) || if (!access_ok(VERIFY_READ, p32, sizeof(*p32)) ||
assign_in_user(&kp->pad, &up->pad) || assign_in_user(&p64->pad, &p32->pad) ||
assign_in_user(&kp->start_block, &up->start_block) || assign_in_user(&p64->start_block, &p32->start_block) ||
assign_in_user(&kp->blocks, assign_in_user(&p64->blocks,
(u32 __user *)&up->blocks) || (u32 __user *)&p32->blocks) ||
get_user(tmp, &up->edid) || get_user(tmp, &p32->edid) ||
put_user((void __force *)compat_ptr(tmp), &kp->edid) || put_user((void __force *)compat_ptr(tmp), &p64->edid) ||
copy_in_user(kp->reserved, up->reserved, sizeof(kp->reserved))) copy_in_user(p64->reserved, p32->reserved, sizeof(p64->reserved)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
static int put_v4l2_edid32(struct v4l2_edid __user *kp, static int put_v4l2_edid32(struct v4l2_edid __user *p64,
struct v4l2_edid32 __user *up) struct v4l2_edid32 __user *p32)
{ {
void *edid; void *edid;
if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) || if (!access_ok(VERIFY_WRITE, p32, sizeof(*p32)) ||
assign_in_user(&up->pad, &kp->pad) || assign_in_user(&p32->pad, &p64->pad) ||
assign_in_user(&up->start_block, &kp->start_block) || assign_in_user(&p32->start_block, &p64->start_block) ||
assign_in_user(&up->blocks, &kp->blocks) || assign_in_user(&p32->blocks, &p64->blocks) ||
get_user(edid, &kp->edid) || get_user(edid, &p64->edid) ||
put_user(ptr_to_compat((void __user *)edid), &up->edid) || put_user(ptr_to_compat((void __user *)edid), &p32->edid) ||
copy_in_user(up->reserved, kp->reserved, sizeof(up->reserved))) copy_in_user(p32->reserved, p64->reserved, sizeof(p32->reserved)))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
...@@ -1025,20 +1025,20 @@ static int put_v4l2_edid32(struct v4l2_edid __user *kp, ...@@ -1025,20 +1025,20 @@ static int put_v4l2_edid32(struct v4l2_edid __user *kp,
#define VIDIOC_S_OUTPUT32 _IOWR('V', 47, s32) #define VIDIOC_S_OUTPUT32 _IOWR('V', 47, s32)
static int alloc_userspace(unsigned int size, u32 aux_space, static int alloc_userspace(unsigned int size, u32 aux_space,
void __user **up_native) void __user **new_p64)
{ {
*up_native = compat_alloc_user_space(size + aux_space); *new_p64 = compat_alloc_user_space(size + aux_space);
if (!*up_native) if (!*new_p64)
return -ENOMEM; return -ENOMEM;
if (clear_user(*up_native, size)) if (clear_user(*new_p64, size))
return -EFAULT; return -EFAULT;
return 0; return 0;
} }
static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long arg) static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{ {
void __user *up = compat_ptr(arg); void __user *p32 = compat_ptr(arg);
void __user *up_native = NULL; void __user *new_p64 = NULL;
void __user *aux_buf; void __user *aux_buf;
u32 aux_space; u32 aux_space;
int compatible_arg = 1; int compatible_arg = 1;
...@@ -1079,50 +1079,50 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar ...@@ -1079,50 +1079,50 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar
case VIDIOC_STREAMOFF: case VIDIOC_STREAMOFF:
case VIDIOC_S_INPUT: case VIDIOC_S_INPUT:
case VIDIOC_S_OUTPUT: case VIDIOC_S_OUTPUT:
err = alloc_userspace(sizeof(unsigned int), 0, &up_native); err = alloc_userspace(sizeof(unsigned int), 0, &new_p64);
if (!err && assign_in_user((unsigned int __user *)up_native, if (!err && assign_in_user((unsigned int __user *)new_p64,
(compat_uint_t __user *)up)) (compat_uint_t __user *)p32))
err = -EFAULT; err = -EFAULT;
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_G_INPUT: case VIDIOC_G_INPUT:
case VIDIOC_G_OUTPUT: case VIDIOC_G_OUTPUT:
err = alloc_userspace(sizeof(unsigned int), 0, &up_native); err = alloc_userspace(sizeof(unsigned int), 0, &new_p64);
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_G_EDID: case VIDIOC_G_EDID:
case VIDIOC_S_EDID: case VIDIOC_S_EDID:
err = alloc_userspace(sizeof(struct v4l2_edid), 0, &up_native); err = alloc_userspace(sizeof(struct v4l2_edid), 0, &new_p64);
if (!err) if (!err)
err = get_v4l2_edid32(up_native, up); err = get_v4l2_edid32(new_p64, p32);
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_G_FMT: case VIDIOC_G_FMT:
case VIDIOC_S_FMT: case VIDIOC_S_FMT:
case VIDIOC_TRY_FMT: case VIDIOC_TRY_FMT:
err = bufsize_v4l2_format(up, &aux_space); err = bufsize_v4l2_format(p32, &aux_space);
if (!err) if (!err)
err = alloc_userspace(sizeof(struct v4l2_format), err = alloc_userspace(sizeof(struct v4l2_format),
aux_space, &up_native); aux_space, &new_p64);
if (!err) { if (!err) {
aux_buf = up_native + sizeof(struct v4l2_format); aux_buf = new_p64 + sizeof(struct v4l2_format);
err = get_v4l2_format32(up_native, up, err = get_v4l2_format32(new_p64, p32,
aux_buf, aux_space); aux_buf, aux_space);
} }
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_CREATE_BUFS: case VIDIOC_CREATE_BUFS:
err = bufsize_v4l2_create(up, &aux_space); err = bufsize_v4l2_create(p32, &aux_space);
if (!err) if (!err)
err = alloc_userspace(sizeof(struct v4l2_create_buffers), err = alloc_userspace(sizeof(struct v4l2_create_buffers),
aux_space, &up_native); aux_space, &new_p64);
if (!err) { if (!err) {
aux_buf = up_native + sizeof(struct v4l2_create_buffers); aux_buf = new_p64 + sizeof(struct v4l2_create_buffers);
err = get_v4l2_create32(up_native, up, err = get_v4l2_create32(new_p64, p32,
aux_buf, aux_space); aux_buf, aux_space);
} }
compatible_arg = 0; compatible_arg = 0;
...@@ -1132,13 +1132,13 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar ...@@ -1132,13 +1132,13 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar
case VIDIOC_QUERYBUF: case VIDIOC_QUERYBUF:
case VIDIOC_QBUF: case VIDIOC_QBUF:
case VIDIOC_DQBUF: case VIDIOC_DQBUF:
err = bufsize_v4l2_buffer(up, &aux_space); err = bufsize_v4l2_buffer(p32, &aux_space);
if (!err) if (!err)
err = alloc_userspace(sizeof(struct v4l2_buffer), err = alloc_userspace(sizeof(struct v4l2_buffer),
aux_space, &up_native); aux_space, &new_p64);
if (!err) { if (!err) {
aux_buf = up_native + sizeof(struct v4l2_buffer); aux_buf = new_p64 + sizeof(struct v4l2_buffer);
err = get_v4l2_buffer32(up_native, up, err = get_v4l2_buffer32(new_p64, p32,
aux_buf, aux_space); aux_buf, aux_space);
} }
compatible_arg = 0; compatible_arg = 0;
...@@ -1146,49 +1146,49 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar ...@@ -1146,49 +1146,49 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar
case VIDIOC_S_FBUF: case VIDIOC_S_FBUF:
err = alloc_userspace(sizeof(struct v4l2_framebuffer), 0, err = alloc_userspace(sizeof(struct v4l2_framebuffer), 0,
&up_native); &new_p64);
if (!err) if (!err)
err = get_v4l2_framebuffer32(up_native, up); err = get_v4l2_framebuffer32(new_p64, p32);
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_G_FBUF: case VIDIOC_G_FBUF:
err = alloc_userspace(sizeof(struct v4l2_framebuffer), 0, err = alloc_userspace(sizeof(struct v4l2_framebuffer), 0,
&up_native); &new_p64);
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_ENUMSTD: case VIDIOC_ENUMSTD:
err = alloc_userspace(sizeof(struct v4l2_standard), 0, err = alloc_userspace(sizeof(struct v4l2_standard), 0,
&up_native); &new_p64);
if (!err) if (!err)
err = get_v4l2_standard32(up_native, up); err = get_v4l2_standard32(new_p64, p32);
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_ENUMINPUT: case VIDIOC_ENUMINPUT:
err = alloc_userspace(sizeof(struct v4l2_input), 0, &up_native); err = alloc_userspace(sizeof(struct v4l2_input), 0, &new_p64);
if (!err) if (!err)
err = get_v4l2_input32(up_native, up); err = get_v4l2_input32(new_p64, p32);
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_G_EXT_CTRLS: case VIDIOC_G_EXT_CTRLS:
case VIDIOC_S_EXT_CTRLS: case VIDIOC_S_EXT_CTRLS:
case VIDIOC_TRY_EXT_CTRLS: case VIDIOC_TRY_EXT_CTRLS:
err = bufsize_v4l2_ext_controls(up, &aux_space); err = bufsize_v4l2_ext_controls(p32, &aux_space);
if (!err) if (!err)
err = alloc_userspace(sizeof(struct v4l2_ext_controls), err = alloc_userspace(sizeof(struct v4l2_ext_controls),
aux_space, &up_native); aux_space, &new_p64);
if (!err) { if (!err) {
aux_buf = up_native + sizeof(struct v4l2_ext_controls); aux_buf = new_p64 + sizeof(struct v4l2_ext_controls);
err = get_v4l2_ext_controls32(file, up_native, up, err = get_v4l2_ext_controls32(file, new_p64, p32,
aux_buf, aux_space); aux_buf, aux_space);
} }
compatible_arg = 0; compatible_arg = 0;
break; break;
case VIDIOC_DQEVENT: case VIDIOC_DQEVENT:
err = alloc_userspace(sizeof(struct v4l2_event), 0, &up_native); err = alloc_userspace(sizeof(struct v4l2_event), 0, &new_p64);
compatible_arg = 0; compatible_arg = 0;
break; break;
} }
...@@ -1196,9 +1196,9 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar ...@@ -1196,9 +1196,9 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar
return err; return err;
if (compatible_arg) if (compatible_arg)
err = native_ioctl(file, cmd, (unsigned long)up); err = native_ioctl(file, cmd, (unsigned long)p32);
else else
err = native_ioctl(file, cmd, (unsigned long)up_native); err = native_ioctl(file, cmd, (unsigned long)new_p64);
if (err == -ENOTTY) if (err == -ENOTTY)
return err; return err;
...@@ -1212,11 +1212,11 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar ...@@ -1212,11 +1212,11 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar
case VIDIOC_G_EXT_CTRLS: case VIDIOC_G_EXT_CTRLS:
case VIDIOC_S_EXT_CTRLS: case VIDIOC_S_EXT_CTRLS:
case VIDIOC_TRY_EXT_CTRLS: case VIDIOC_TRY_EXT_CTRLS:
if (put_v4l2_ext_controls32(file, up_native, up)) if (put_v4l2_ext_controls32(file, new_p64, p32))
err = -EFAULT; err = -EFAULT;
break; break;
case VIDIOC_S_EDID: case VIDIOC_S_EDID:
if (put_v4l2_edid32(up_native, up)) if (put_v4l2_edid32(new_p64, p32))
err = -EFAULT; err = -EFAULT;
break; break;
} }
...@@ -1228,46 +1228,46 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar ...@@ -1228,46 +1228,46 @@ static long do_video_ioctl(struct file *file, unsigned int cmd, unsigned long ar
case VIDIOC_S_OUTPUT: case VIDIOC_S_OUTPUT:
case VIDIOC_G_INPUT: case VIDIOC_G_INPUT:
case VIDIOC_G_OUTPUT: case VIDIOC_G_OUTPUT:
if (assign_in_user((compat_uint_t __user *)up, if (assign_in_user((compat_uint_t __user *)p32,
((unsigned int __user *)up_native))) ((unsigned int __user *)new_p64)))
err = -EFAULT; err = -EFAULT;
break; break;
case VIDIOC_G_FBUF: case VIDIOC_G_FBUF:
err = put_v4l2_framebuffer32(up_native, up); err = put_v4l2_framebuffer32(new_p64, p32);
break; break;
case VIDIOC_DQEVENT: case VIDIOC_DQEVENT:
err = put_v4l2_event32(up_native, up); err = put_v4l2_event32(new_p64, p32);
break; break;
case VIDIOC_G_EDID: case VIDIOC_G_EDID:
err = put_v4l2_edid32(up_native, up); err = put_v4l2_edid32(new_p64, p32);
break; break;
case VIDIOC_G_FMT: case VIDIOC_G_FMT:
case VIDIOC_S_FMT: case VIDIOC_S_FMT:
case VIDIOC_TRY_FMT: case VIDIOC_TRY_FMT:
err = put_v4l2_format32(up_native, up); err = put_v4l2_format32(new_p64, p32);
break; break;
case VIDIOC_CREATE_BUFS: case VIDIOC_CREATE_BUFS:
err = put_v4l2_create32(up_native, up); err = put_v4l2_create32(new_p64, p32);
break; break;
case VIDIOC_PREPARE_BUF: case VIDIOC_PREPARE_BUF:
case VIDIOC_QUERYBUF: case VIDIOC_QUERYBUF:
case VIDIOC_QBUF: case VIDIOC_QBUF:
case VIDIOC_DQBUF: case VIDIOC_DQBUF:
err = put_v4l2_buffer32(up_native, up); err = put_v4l2_buffer32(new_p64, p32);
break; break;
case VIDIOC_ENUMSTD: case VIDIOC_ENUMSTD:
err = put_v4l2_standard32(up_native, up); err = put_v4l2_standard32(new_p64, p32);
break; break;
case VIDIOC_ENUMINPUT: case VIDIOC_ENUMINPUT:
err = put_v4l2_input32(up_native, up); err = put_v4l2_input32(new_p64, p32);
break; break;
} }
return err; return err;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment