The atomisp code needs USERPTR pointers to be page aligned, otherwise bad things (scribbling over other parts of the process' RAM) happen. Add a check to ensure this and exit VIDIOC_QBUF calls with unaligned pointers with -EINVAL. Signed-off-by: Hans de Goede <hdegoede@xxxxxxxxxx> --- Changes in v2: - Use offset_in_page() --- drivers/staging/media/atomisp/pci/atomisp_ioctl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/staging/media/atomisp/pci/atomisp_ioctl.c b/drivers/staging/media/atomisp/pci/atomisp_ioctl.c index 7ecee39ef5a4..d0b5dacbb20a 100644 --- a/drivers/staging/media/atomisp/pci/atomisp_ioctl.c +++ b/drivers/staging/media/atomisp/pci/atomisp_ioctl.c @@ -1345,6 +1345,12 @@ static int atomisp_qbuf(struct file *file, void *fh, struct v4l2_buffer *buf) * address and reprograme out page table properly */ if (buf->memory == V4L2_MEMORY_USERPTR) { + if (offset_in_page(buf->m.userptr)) { + dev_err(isp->dev, "Error userptr is not page aligned.\n"); + ret = -EINVAL; + goto error; + } + vb = pipe->capq.bufs[buf->index]; vm_mem = vb->priv; if (!vm_mem) { -- 2.36.1