LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [PATCH] media: media-device: fix ioctl function types
@ 2018-04-27 19:54 Sami Tolvanen
  2018-04-30 22:41 ` Kees Cook
  2018-05-07 10:45 ` Sakari Ailus
  0 siblings, 2 replies; 7+ messages in thread
From: Sami Tolvanen @ 2018-04-27 19:54 UTC (permalink / raw)
  To: Mauro Carvalho Chehab; +Cc: Kees Cook, linux-media, linux-kernel, Sami Tolvanen

This change fixes function types for media device ioctls to avoid
indirect call mismatches with Control-Flow Integrity checking.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
---
 drivers/media/media-device.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
index 35e81f7c0d2f..bc5c024906e6 100644
--- a/drivers/media/media-device.c
+++ b/drivers/media/media-device.c
@@ -54,9 +54,10 @@ static int media_device_close(struct file *filp)
 	return 0;
 }
 
-static int media_device_get_info(struct media_device *dev,
-				 struct media_device_info *info)
+static long media_device_get_info(struct media_device *dev, void *arg)
 {
+	struct media_device_info *info = (struct media_device_info *)arg;
+
 	memset(info, 0, sizeof(*info));
 
 	if (dev->driver_name[0])
@@ -93,9 +94,9 @@ static struct media_entity *find_entity(struct media_device *mdev, u32 id)
 	return NULL;
 }
 
-static long media_device_enum_entities(struct media_device *mdev,
-				       struct media_entity_desc *entd)
+static long media_device_enum_entities(struct media_device *mdev, void *arg)
 {
+	struct media_entity_desc *entd = (struct media_entity_desc *)arg;
 	struct media_entity *ent;
 
 	ent = find_entity(mdev, entd->id);
@@ -146,9 +147,9 @@ static void media_device_kpad_to_upad(const struct media_pad *kpad,
 	upad->flags = kpad->flags;
 }
 
-static long media_device_enum_links(struct media_device *mdev,
-				    struct media_links_enum *links)
+static long media_device_enum_links(struct media_device *mdev, void *arg)
 {
+	struct media_links_enum *links = (struct media_links_enum *)arg;
 	struct media_entity *entity;
 
 	entity = find_entity(mdev, links->entity);
@@ -195,9 +196,9 @@ static long media_device_enum_links(struct media_device *mdev,
 	return 0;
 }
 
-static long media_device_setup_link(struct media_device *mdev,
-				    struct media_link_desc *linkd)
+static long media_device_setup_link(struct media_device *mdev, void *arg)
 {
+	struct media_link_desc *linkd = (struct media_link_desc *)arg;
 	struct media_link *link = NULL;
 	struct media_entity *source;
 	struct media_entity *sink;
@@ -225,9 +226,9 @@ static long media_device_setup_link(struct media_device *mdev,
 	return __media_entity_setup_link(link, linkd->flags);
 }
 
-static long media_device_get_topology(struct media_device *mdev,
-				      struct media_v2_topology *topo)
+static long media_device_get_topology(struct media_device *mdev, void *arg)
 {
+	struct media_v2_topology *topo = (struct media_v2_topology *)arg;
 	struct media_entity *entity;
 	struct media_interface *intf;
 	struct media_pad *pad;
-- 
2.17.0.441.gb46fe60e1d-goog

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] media: media-device: fix ioctl function types
  2018-04-27 19:54 [PATCH] media: media-device: fix ioctl function types Sami Tolvanen
@ 2018-04-30 22:41 ` Kees Cook
  2018-05-07 10:45 ` Sakari Ailus
  1 sibling, 0 replies; 7+ messages in thread
From: Kees Cook @ 2018-04-30 22:41 UTC (permalink / raw)
  To: Sami Tolvanen; +Cc: Mauro Carvalho Chehab, linux-media, LKML

On Fri, Apr 27, 2018 at 12:54 PM, Sami Tolvanen <samitolvanen@google.com> wrote:
> This change fixes function types for media device ioctls to avoid
> indirect call mismatches with Control-Flow Integrity checking.
>
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

Thanks for sending these!

Reviewed-by: Kees Cook <keescook@chromium.org>

-Kees

> ---
>  drivers/media/media-device.c | 21 +++++++++++----------
>  1 file changed, 11 insertions(+), 10 deletions(-)
>
> diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
> index 35e81f7c0d2f..bc5c024906e6 100644
> --- a/drivers/media/media-device.c
> +++ b/drivers/media/media-device.c
> @@ -54,9 +54,10 @@ static int media_device_close(struct file *filp)
>         return 0;
>  }
>
> -static int media_device_get_info(struct media_device *dev,
> -                                struct media_device_info *info)
> +static long media_device_get_info(struct media_device *dev, void *arg)
>  {
> +       struct media_device_info *info = (struct media_device_info *)arg;
> +
>         memset(info, 0, sizeof(*info));
>
>         if (dev->driver_name[0])
> @@ -93,9 +94,9 @@ static struct media_entity *find_entity(struct media_device *mdev, u32 id)
>         return NULL;
>  }
>
> -static long media_device_enum_entities(struct media_device *mdev,
> -                                      struct media_entity_desc *entd)
> +static long media_device_enum_entities(struct media_device *mdev, void *arg)
>  {
> +       struct media_entity_desc *entd = (struct media_entity_desc *)arg;
>         struct media_entity *ent;
>
>         ent = find_entity(mdev, entd->id);
> @@ -146,9 +147,9 @@ static void media_device_kpad_to_upad(const struct media_pad *kpad,
>         upad->flags = kpad->flags;
>  }
>
> -static long media_device_enum_links(struct media_device *mdev,
> -                                   struct media_links_enum *links)
> +static long media_device_enum_links(struct media_device *mdev, void *arg)
>  {
> +       struct media_links_enum *links = (struct media_links_enum *)arg;
>         struct media_entity *entity;
>
>         entity = find_entity(mdev, links->entity);
> @@ -195,9 +196,9 @@ static long media_device_enum_links(struct media_device *mdev,
>         return 0;
>  }
>
> -static long media_device_setup_link(struct media_device *mdev,
> -                                   struct media_link_desc *linkd)
> +static long media_device_setup_link(struct media_device *mdev, void *arg)
>  {
> +       struct media_link_desc *linkd = (struct media_link_desc *)arg;
>         struct media_link *link = NULL;
>         struct media_entity *source;
>         struct media_entity *sink;
> @@ -225,9 +226,9 @@ static long media_device_setup_link(struct media_device *mdev,
>         return __media_entity_setup_link(link, linkd->flags);
>  }
>
> -static long media_device_get_topology(struct media_device *mdev,
> -                                     struct media_v2_topology *topo)
> +static long media_device_get_topology(struct media_device *mdev, void *arg)
>  {
> +       struct media_v2_topology *topo = (struct media_v2_topology *)arg;
>         struct media_entity *entity;
>         struct media_interface *intf;
>         struct media_pad *pad;
> --
> 2.17.0.441.gb46fe60e1d-goog
>



-- 
Kees Cook
Pixel Security

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] media: media-device: fix ioctl function types
  2018-04-27 19:54 [PATCH] media: media-device: fix ioctl function types Sami Tolvanen
  2018-04-30 22:41 ` Kees Cook
@ 2018-05-07 10:45 ` Sakari Ailus
  2018-05-07 18:09   ` [PATCH v2] " Sami Tolvanen
  1 sibling, 1 reply; 7+ messages in thread
From: Sakari Ailus @ 2018-05-07 10:45 UTC (permalink / raw)
  To: Sami Tolvanen; +Cc: Mauro Carvalho Chehab, Kees Cook, linux-media, linux-kernel

Moi,

On Fri, Apr 27, 2018 at 12:54:30PM -0700, Sami Tolvanen wrote:
> This change fixes function types for media device ioctls to avoid
> indirect call mismatches with Control-Flow Integrity checking.
> 
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
> ---
>  drivers/media/media-device.c | 21 +++++++++++----------
>  1 file changed, 11 insertions(+), 10 deletions(-)
> 
> diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
> index 35e81f7c0d2f..bc5c024906e6 100644
> --- a/drivers/media/media-device.c
> +++ b/drivers/media/media-device.c
> @@ -54,9 +54,10 @@ static int media_device_close(struct file *filp)
>  	return 0;
>  }
>  
> -static int media_device_get_info(struct media_device *dev,
> -				 struct media_device_info *info)
> +static long media_device_get_info(struct media_device *dev, void *arg)
>  {
> +	struct media_device_info *info = (struct media_device_info *)arg;

How about removing the cast? It's not really needed.

Same below.

> +
>  	memset(info, 0, sizeof(*info));
>  
>  	if (dev->driver_name[0])
> @@ -93,9 +94,9 @@ static struct media_entity *find_entity(struct media_device *mdev, u32 id)
>  	return NULL;
>  }
>  
> -static long media_device_enum_entities(struct media_device *mdev,
> -				       struct media_entity_desc *entd)
> +static long media_device_enum_entities(struct media_device *mdev, void *arg)
>  {
> +	struct media_entity_desc *entd = (struct media_entity_desc *)arg;
>  	struct media_entity *ent;
>  
>  	ent = find_entity(mdev, entd->id);
> @@ -146,9 +147,9 @@ static void media_device_kpad_to_upad(const struct media_pad *kpad,
>  	upad->flags = kpad->flags;
>  }
>  
> -static long media_device_enum_links(struct media_device *mdev,
> -				    struct media_links_enum *links)
> +static long media_device_enum_links(struct media_device *mdev, void *arg)
>  {
> +	struct media_links_enum *links = (struct media_links_enum *)arg;
>  	struct media_entity *entity;
>  
>  	entity = find_entity(mdev, links->entity);
> @@ -195,9 +196,9 @@ static long media_device_enum_links(struct media_device *mdev,
>  	return 0;
>  }
>  
> -static long media_device_setup_link(struct media_device *mdev,
> -				    struct media_link_desc *linkd)
> +static long media_device_setup_link(struct media_device *mdev, void *arg)
>  {
> +	struct media_link_desc *linkd = (struct media_link_desc *)arg;
>  	struct media_link *link = NULL;
>  	struct media_entity *source;
>  	struct media_entity *sink;
> @@ -225,9 +226,9 @@ static long media_device_setup_link(struct media_device *mdev,
>  	return __media_entity_setup_link(link, linkd->flags);
>  }
>  
> -static long media_device_get_topology(struct media_device *mdev,
> -				      struct media_v2_topology *topo)
> +static long media_device_get_topology(struct media_device *mdev, void *arg)
>  {
> +	struct media_v2_topology *topo = (struct media_v2_topology *)arg;
>  	struct media_entity *entity;
>  	struct media_interface *intf;
>  	struct media_pad *pad;

-- 
Sakari Ailus
e-mail: sakari.ailus@iki.fi

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [PATCH v2] media: media-device: fix ioctl function types
  2018-05-07 10:45 ` Sakari Ailus
@ 2018-05-07 18:09   ` Sami Tolvanen
  2018-05-07 21:45     ` Sakari Ailus
  2018-05-08  8:08     ` Hans Verkuil
  0 siblings, 2 replies; 7+ messages in thread
From: Sami Tolvanen @ 2018-05-07 18:09 UTC (permalink / raw)
  To: Sakari Ailus
  Cc: Mauro Carvalho Chehab, Kees Cook, linux-media, linux-kernel,
	Sami Tolvanen

This change fixes function types for media device ioctls to avoid
indirect call mismatches with Control-Flow Integrity checking.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
---
 drivers/media/media-device.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
index 35e81f7c0d2f1..ae59c31775557 100644
--- a/drivers/media/media-device.c
+++ b/drivers/media/media-device.c
@@ -54,9 +54,10 @@ static int media_device_close(struct file *filp)
 	return 0;
 }
 
-static int media_device_get_info(struct media_device *dev,
-				 struct media_device_info *info)
+static long media_device_get_info(struct media_device *dev, void *arg)
 {
+	struct media_device_info *info = arg;
+
 	memset(info, 0, sizeof(*info));
 
 	if (dev->driver_name[0])
@@ -93,9 +94,9 @@ static struct media_entity *find_entity(struct media_device *mdev, u32 id)
 	return NULL;
 }
 
-static long media_device_enum_entities(struct media_device *mdev,
-				       struct media_entity_desc *entd)
+static long media_device_enum_entities(struct media_device *mdev, void *arg)
 {
+	struct media_entity_desc *entd = arg;
 	struct media_entity *ent;
 
 	ent = find_entity(mdev, entd->id);
@@ -146,9 +147,9 @@ static void media_device_kpad_to_upad(const struct media_pad *kpad,
 	upad->flags = kpad->flags;
 }
 
-static long media_device_enum_links(struct media_device *mdev,
-				    struct media_links_enum *links)
+static long media_device_enum_links(struct media_device *mdev, void *arg)
 {
+	struct media_links_enum *links = arg;
 	struct media_entity *entity;
 
 	entity = find_entity(mdev, links->entity);
@@ -195,9 +196,9 @@ static long media_device_enum_links(struct media_device *mdev,
 	return 0;
 }
 
-static long media_device_setup_link(struct media_device *mdev,
-				    struct media_link_desc *linkd)
+static long media_device_setup_link(struct media_device *mdev, void *arg)
 {
+	struct media_link_desc *linkd = arg;
 	struct media_link *link = NULL;
 	struct media_entity *source;
 	struct media_entity *sink;
@@ -225,9 +226,9 @@ static long media_device_setup_link(struct media_device *mdev,
 	return __media_entity_setup_link(link, linkd->flags);
 }
 
-static long media_device_get_topology(struct media_device *mdev,
-				      struct media_v2_topology *topo)
+static long media_device_get_topology(struct media_device *mdev, void *arg)
 {
+	struct media_v2_topology *topo = arg;
 	struct media_entity *entity;
 	struct media_interface *intf;
 	struct media_pad *pad;
-- 
2.17.0.441.gb46fe60e1d-goog

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2] media: media-device: fix ioctl function types
  2018-05-07 18:09   ` [PATCH v2] " Sami Tolvanen
@ 2018-05-07 21:45     ` Sakari Ailus
  2018-05-08  8:08     ` Hans Verkuil
  1 sibling, 0 replies; 7+ messages in thread
From: Sakari Ailus @ 2018-05-07 21:45 UTC (permalink / raw)
  To: Sami Tolvanen; +Cc: Mauro Carvalho Chehab, Kees Cook, linux-media, linux-kernel

On Mon, May 07, 2018 at 11:09:46AM -0700, Sami Tolvanen wrote:
> This change fixes function types for media device ioctls to avoid
> indirect call mismatches with Control-Flow Integrity checking.
> 
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

Kiitos!

Acked-by: Sakari Ailus <sakari.ailus@linux.intel.com>

-- 
Sakari Ailus
e-mail: sakari.ailus@iki.fi

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2] media: media-device: fix ioctl function types
  2018-05-07 18:09   ` [PATCH v2] " Sami Tolvanen
  2018-05-07 21:45     ` Sakari Ailus
@ 2018-05-08  8:08     ` Hans Verkuil
  2018-05-08  9:16       ` Sakari Ailus
  1 sibling, 1 reply; 7+ messages in thread
From: Hans Verkuil @ 2018-05-08  8:08 UTC (permalink / raw)
  To: Sami Tolvanen, Sakari Ailus
  Cc: Mauro Carvalho Chehab, Kees Cook, linux-media, linux-kernel

Hi Sami,

This is unchanged from the previous version, right? I've already added that to a
pull request.

If this v2 has changes, then let me know asap.

Regards,

	Hans

On 05/07/2018 08:09 PM, Sami Tolvanen wrote:
> This change fixes function types for media device ioctls to avoid
> indirect call mismatches with Control-Flow Integrity checking.
> 
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
> ---
>  drivers/media/media-device.c | 21 +++++++++++----------
>  1 file changed, 11 insertions(+), 10 deletions(-)
> 
> diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
> index 35e81f7c0d2f1..ae59c31775557 100644
> --- a/drivers/media/media-device.c
> +++ b/drivers/media/media-device.c
> @@ -54,9 +54,10 @@ static int media_device_close(struct file *filp)
>  	return 0;
>  }
>  
> -static int media_device_get_info(struct media_device *dev,
> -				 struct media_device_info *info)
> +static long media_device_get_info(struct media_device *dev, void *arg)
>  {
> +	struct media_device_info *info = arg;
> +
>  	memset(info, 0, sizeof(*info));
>  
>  	if (dev->driver_name[0])
> @@ -93,9 +94,9 @@ static struct media_entity *find_entity(struct media_device *mdev, u32 id)
>  	return NULL;
>  }
>  
> -static long media_device_enum_entities(struct media_device *mdev,
> -				       struct media_entity_desc *entd)
> +static long media_device_enum_entities(struct media_device *mdev, void *arg)
>  {
> +	struct media_entity_desc *entd = arg;
>  	struct media_entity *ent;
>  
>  	ent = find_entity(mdev, entd->id);
> @@ -146,9 +147,9 @@ static void media_device_kpad_to_upad(const struct media_pad *kpad,
>  	upad->flags = kpad->flags;
>  }
>  
> -static long media_device_enum_links(struct media_device *mdev,
> -				    struct media_links_enum *links)
> +static long media_device_enum_links(struct media_device *mdev, void *arg)
>  {
> +	struct media_links_enum *links = arg;
>  	struct media_entity *entity;
>  
>  	entity = find_entity(mdev, links->entity);
> @@ -195,9 +196,9 @@ static long media_device_enum_links(struct media_device *mdev,
>  	return 0;
>  }
>  
> -static long media_device_setup_link(struct media_device *mdev,
> -				    struct media_link_desc *linkd)
> +static long media_device_setup_link(struct media_device *mdev, void *arg)
>  {
> +	struct media_link_desc *linkd = arg;
>  	struct media_link *link = NULL;
>  	struct media_entity *source;
>  	struct media_entity *sink;
> @@ -225,9 +226,9 @@ static long media_device_setup_link(struct media_device *mdev,
>  	return __media_entity_setup_link(link, linkd->flags);
>  }
>  
> -static long media_device_get_topology(struct media_device *mdev,
> -				      struct media_v2_topology *topo)
> +static long media_device_get_topology(struct media_device *mdev, void *arg)
>  {
> +	struct media_v2_topology *topo = arg;
>  	struct media_entity *entity;
>  	struct media_interface *intf;
>  	struct media_pad *pad;
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2] media: media-device: fix ioctl function types
  2018-05-08  8:08     ` Hans Verkuil
@ 2018-05-08  9:16       ` Sakari Ailus
  0 siblings, 0 replies; 7+ messages in thread
From: Sakari Ailus @ 2018-05-08  9:16 UTC (permalink / raw)
  To: Hans Verkuil
  Cc: Sami Tolvanen, Mauro Carvalho Chehab, Kees Cook, linux-media,
	linux-kernel

On Tue, May 08, 2018 at 10:08:41AM +0200, Hans Verkuil wrote:
> Hi Sami,
> 
> This is unchanged from the previous version, right? I've already added that to a
> pull request.

Casting has been removed from the void pointers as I suggested. That's the
difference.

> 
> If this v2 has changes, then let me know asap.
> 
> Regards,
> 
> 	Hans
> 
> On 05/07/2018 08:09 PM, Sami Tolvanen wrote:
> > This change fixes function types for media device ioctls to avoid
> > indirect call mismatches with Control-Flow Integrity checking.
> > 
> > Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
> > ---
> >  drivers/media/media-device.c | 21 +++++++++++----------
> >  1 file changed, 11 insertions(+), 10 deletions(-)
> > 
> > diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c
> > index 35e81f7c0d2f1..ae59c31775557 100644
> > --- a/drivers/media/media-device.c
> > +++ b/drivers/media/media-device.c
> > @@ -54,9 +54,10 @@ static int media_device_close(struct file *filp)
> >  	return 0;
> >  }
> >  
> > -static int media_device_get_info(struct media_device *dev,
> > -				 struct media_device_info *info)
> > +static long media_device_get_info(struct media_device *dev, void *arg)
> >  {
> > +	struct media_device_info *info = arg;
> > +
> >  	memset(info, 0, sizeof(*info));
> >  
> >  	if (dev->driver_name[0])
> > @@ -93,9 +94,9 @@ static struct media_entity *find_entity(struct media_device *mdev, u32 id)
> >  	return NULL;
> >  }
> >  
> > -static long media_device_enum_entities(struct media_device *mdev,
> > -				       struct media_entity_desc *entd)
> > +static long media_device_enum_entities(struct media_device *mdev, void *arg)
> >  {
> > +	struct media_entity_desc *entd = arg;
> >  	struct media_entity *ent;
> >  
> >  	ent = find_entity(mdev, entd->id);
> > @@ -146,9 +147,9 @@ static void media_device_kpad_to_upad(const struct media_pad *kpad,
> >  	upad->flags = kpad->flags;
> >  }
> >  
> > -static long media_device_enum_links(struct media_device *mdev,
> > -				    struct media_links_enum *links)
> > +static long media_device_enum_links(struct media_device *mdev, void *arg)
> >  {
> > +	struct media_links_enum *links = arg;
> >  	struct media_entity *entity;
> >  
> >  	entity = find_entity(mdev, links->entity);
> > @@ -195,9 +196,9 @@ static long media_device_enum_links(struct media_device *mdev,
> >  	return 0;
> >  }
> >  
> > -static long media_device_setup_link(struct media_device *mdev,
> > -				    struct media_link_desc *linkd)
> > +static long media_device_setup_link(struct media_device *mdev, void *arg)
> >  {
> > +	struct media_link_desc *linkd = arg;
> >  	struct media_link *link = NULL;
> >  	struct media_entity *source;
> >  	struct media_entity *sink;
> > @@ -225,9 +226,9 @@ static long media_device_setup_link(struct media_device *mdev,
> >  	return __media_entity_setup_link(link, linkd->flags);
> >  }
> >  
> > -static long media_device_get_topology(struct media_device *mdev,
> > -				      struct media_v2_topology *topo)
> > +static long media_device_get_topology(struct media_device *mdev, void *arg)
> >  {
> > +	struct media_v2_topology *topo = arg;
> >  	struct media_entity *entity;
> >  	struct media_interface *intf;
> >  	struct media_pad *pad;
> > 
> 

-- 
Sakari Ailus
e-mail: sakari.ailus@iki.fi

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2018-05-08  9:16 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-27 19:54 [PATCH] media: media-device: fix ioctl function types Sami Tolvanen
2018-04-30 22:41 ` Kees Cook
2018-05-07 10:45 ` Sakari Ailus
2018-05-07 18:09   ` [PATCH v2] " Sami Tolvanen
2018-05-07 21:45     ` Sakari Ailus
2018-05-08  8:08     ` Hans Verkuil
2018-05-08  9:16       ` Sakari Ailus

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).