From: Rob Clark <robdclark@xxxxxxxxxxxx>
The UABI was already defined for pointer to 64b value, and all the
userspace users of this ioctl that I could find are already using a
uint64_t (but zeroing it out to work around kernel only copying 32b).
Unfortunately this ioctl doesn't have a length field, so out of paranoia
I restricted the change to copy 64b to the single 64b param that can be
queried.
Fixes: 78aa20fa4381 ("drm/virtio: implement context init: advertise feature to userspace")
Signed-off-by: Rob Clark <robdclark@xxxxxxxxxxxx>
---
drivers/gpu/drm/virtio/virtgpu_ioctl.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
index 0f2f3f54dbf9..0158d27d5645 100644
--- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c
+++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
@@ -269,7 +269,8 @@ static int virtio_gpu_getparam_ioctl(struct drm_device *dev, void *data,
{
struct virtio_gpu_device *vgdev = dev->dev_private;
struct drm_virtgpu_getparam *param = data;
- int value;
+ int value, ret, sz = sizeof(int);
+ uint64_t value64;
switch (param->param) {
case VIRTGPU_PARAM_3D_FEATURES:
@@ -291,13 +292,20 @@ static int virtio_gpu_getparam_ioctl(struct drm_device *dev, void *data,
value = vgdev->has_context_init ? 1 : 0;
break;
case VIRTGPU_PARAM_SUPPORTED_CAPSET_IDs:
- value = vgdev->capset_id_mask;
+ value64 = vgdev->capset_id_mask;
+ sz = sizeof(value64);
break;
default:
return -EINVAL;
}
- if (copy_to_user(u64_to_user_ptr(param->value), &value, sizeof(int)))
- return -EFAULT;
+
+ if (sz == sizeof(int)) {
+ if (copy_to_user(u64_to_user_ptr(param->value), &value, sz))
+ return -EFAULT;
+ } else {
+ if (copy_to_user(u64_to_user_ptr(param->value), &value64, sz))
+ return -EFAULT;
+ }
return 0;
}
--
2.34.1
