RE: 0001-media-vb2-Fill-vb2_buffer-with-bytesused-from-user.patch; kernel version 3.10.69

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Jeremiah,

Please find the patch  "inline"

commit 3390900680e5182998916c8fa231bc79cd84046b
Author: Sudip Jain <sudip.jain@xxxxxx>
Date:   Thu Feb 26 10:40:34 2015 +0530

    media: vb2: Fill vb2_buffer with bytesused from user
    
    In vb2_qbuf for dmabuf memory type, userside bytesused is not read to
    vb2 buffer. This leads garbage value being copied from __qbuf_dmabuf()
    back to user in __fill_v4l2_buffer().
    
    As a default case, the vb2 framework must trust the userside value,
    and also allow driver's buffer prepare function prefer modify/update
    or not to.
    
    Applied on kernel version 3.10.69
    
    Change-Id: Ieda389403898935f59c2e2994106f3e5238cfefd
    Signed-off-by: Sudip Jain <sudip.jain@xxxxxx>

diff --git a/drivers/media/v4l2-core/videobuf2-core.c b/drivers/media/v4l2-core/videobuf2-core.c
index 5e47ba4..54fe9c9 100644
--- a/drivers/media/v4l2-core/videobuf2-core.c
+++ b/drivers/media/v4l2-core/videobuf2-core.c
@@ -919,6 +919,8 @@ static void __fill_vb2_buffer(struct vb2_buffer *vb, const struct v4l2_buffer *b
                                        b->m.planes[plane].m.fd;
                                v4l2_planes[plane].length =
                                        b->m.planes[plane].length;
+                               v4l2_planes[plane].bytesused =
+                                       b->m.planes[plane].bytesused;
                                v4l2_planes[plane].data_offset =
                                        b->m.planes[plane].data_offset;
                        }
@@ -943,6 +945,7 @@ static void __fill_vb2_buffer(struct vb2_buffer *vb, const struct v4l2_buffer *b
                if (b->memory == V4L2_MEMORY_DMABUF) {
                        v4l2_planes[0].m.fd = b->m.fd;
                        v4l2_planes[0].length = b->length;
+                       v4l2_planes[0].bytesused = b->bytesused;
                        v4l2_planes[0].data_offset = 0;
                }

Thanks,
Sudip
________________________________________
From: Jeremiah Mahler [jmmahler@xxxxxxxxx]
Sent: Wednesday, February 25, 2015 11:53 PM
To: Sudip JAIN
Cc: linux-media@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
Subject: Re: 0001-media-vb2-Fill-vb2_buffer-with-bytesused-from-user.patch

Sudip,

On Wed, Feb 25, 2015 at 03:29:22PM +0800, Sudip JAIN wrote:
> Dear Maintainer,
>
> PFA attached patch that prevents user from being returned garbage bytesused value from vb2 framework.
>
> Regards,
> Sudip Jain
>

Patches should never be submitted as attachments, they should be inline.

See Documentation/SubmittingPatches for more info.

[...]

--
- Jeremiah Mahler
--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Input]     [Video for Linux]     [Gstreamer Embedded]     [Mplayer Users]     [Linux USB Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]
  Powered by Linux