This comment describes a security problem which was fixed in commit 1c954540c0eb ("staging: vchiq: avoid mixing kernel and user pointers"). The bug is fixed now so the FIXME can be removed. Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> --- .../staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c index f500a7043805..54770a9b4735 100644 --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c @@ -999,13 +999,6 @@ static int vchiq_irq_queue_bulk_tx_rx(struct vchiq_instance *instance, userdata = &waiter->bulk_waiter; } - /* - * FIXME address space mismatch: - * args->data may be interpreted as a kernel pointer - * in create_pagelist() called from vchiq_bulk_transfer(), - * accessing kernel data instead of user space, based on the - * address. - */ status = vchiq_bulk_transfer(args->handle, NULL, args->data, args->size, userdata, args->mode, dir); -- 2.29.2
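Review bot: With the FIXME gone from vchiq_irq_queue_bulk_tx_rx(), nothing at the call site records that args->data is a user-space address or why it can no longer be taken for a kernel pointer. The commit message names 1c954540c0eb but does not say what in that commit closes the hole. The remaining call passes NULL immediately before args->data. If that NULL is the kernel-pointer argument and args->data now goes in a separate user-pointer argument, consider saying so in one sentence in the changelog, or leaving a one-line comment above the vchiq_bulk_transfer() call instead of deleting the block outright. That way a later reader does not have to dig up the old commit to confirm that create_pagelist() no longer decides the address space from the address value.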