media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get

This patch is a part of a series that extends kernel ABI to allow to pass
tagged user pointers (with the top byte set to something else other than
0x00) as syscall arguments.

videobuf_dma_contig_user_get() uses provided user pointers for vma
lookups, which can only by done with untagged pointers.

Untag the pointers in this function.

Link: http://lkml.kernel.org/r/100436d5f8e4349a78f27b0bbb27e4801fcb946b.1563904656.git.andreyknvl@google.com
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Reviewed-by: Khalid Aziz <khalid.aziz@oracle.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Acked-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Eric Auger <eric.auger@redhat.com>
Cc: Felix Kuehling <Felix.Kuehling@amd.com>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Mike Rapoport <rppt@linux.ibm.com>
Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Andrey Konovalov 2019-09-25 16:48:54 -07:00 committed by Linus Torvalds
parent 4fdfae8d8f
commit e275faf367

View File

@ -157,6 +157,7 @@ static void videobuf_dma_contig_user_put(struct videobuf_dma_contig_memory *mem)
static int videobuf_dma_contig_user_get(struct videobuf_dma_contig_memory *mem, static int videobuf_dma_contig_user_get(struct videobuf_dma_contig_memory *mem,
struct videobuf_buffer *vb) struct videobuf_buffer *vb)
{ {
unsigned long untagged_baddr = untagged_addr(vb->baddr);
struct mm_struct *mm = current->mm; struct mm_struct *mm = current->mm;
struct vm_area_struct *vma; struct vm_area_struct *vma;
unsigned long prev_pfn, this_pfn; unsigned long prev_pfn, this_pfn;
@ -164,22 +165,22 @@ static int videobuf_dma_contig_user_get(struct videobuf_dma_contig_memory *mem,
unsigned int offset; unsigned int offset;
int ret; int ret;
offset = vb->baddr & ~PAGE_MASK; offset = untagged_baddr & ~PAGE_MASK;
mem->size = PAGE_ALIGN(vb->size + offset); mem->size = PAGE_ALIGN(vb->size + offset);
ret = -EINVAL; ret = -EINVAL;
down_read(&mm->mmap_sem); down_read(&mm->mmap_sem);
vma = find_vma(mm, vb->baddr); vma = find_vma(mm, untagged_baddr);
if (!vma) if (!vma)
goto out_up; goto out_up;
if ((vb->baddr + mem->size) > vma->vm_end) if ((untagged_baddr + mem->size) > vma->vm_end)
goto out_up; goto out_up;
pages_done = 0; pages_done = 0;
prev_pfn = 0; /* kill warning */ prev_pfn = 0; /* kill warning */
user_address = vb->baddr; user_address = untagged_baddr;
while (pages_done < (mem->size >> PAGE_SHIFT)) { while (pages_done < (mem->size >> PAGE_SHIFT)) {
ret = follow_pfn(vma, user_address, &this_pfn); ret = follow_pfn(vma, user_address, &this_pfn);