[v5,0/4] media: v4l2-subdev: Verify arguments in v4l2_subdev_call()

Message ID	20190512201551.18724-1-jmkrzyszt@gmail.com (mailing list archive)
Headers	show Return-Path: <linux-media-owner@kernel.org> From: Janusz Krzysztofik <jmkrzyszt@gmail.com> To: Mauro Carvalho Chehab <mchehab@kernel.org> Cc: Hans Verkuil <hverkuil-cisco@xs4all.nl>, Sakari Ailus <sakari.ailus@linux.intel.com>, linux-media@vger.kernel.org, linux-kernel@vger.kernel.org, Janusz Krzysztofik <jmkrzyszt@gmail.com> Subject: [PATCH v5 0/4] media: v4l2-subdev: Verify arguments in v4l2_subdev_call() Date: Sun, 12 May 2019 22:15:47 +0200 Message-Id: <20190512201551.18724-1-jmkrzyszt@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-media-owner@vger.kernel.org Precedence: bulk
Series	media: v4l2-subdev: Verify arguments in v4l2_subdev_call() \| expand [v5,0/4] media: v4l2-subdev: Verify arguments in v4l2_subdev_call() [v5,1/4] media: v4l2-subdev: Verify arguments in v4l2_subdev_call() [v5,2/4] media: v4l2-subdev: WARN_ON invalid v4l2_subdev_call() arguments [v5,3/4] media: v4l2-subdev: Verify v4l2_subdev_call() pointer arguments [v5,4/4] media: v4l2-subdev: Verify v4l2_subdev_call() pad config argument

Message ID

20190512201551.18724-1-jmkrzyszt@gmail.com (mailing list archive)

Headers

From: Janusz Krzysztofik <jmkrzyszt@gmail.com>
To: Mauro Carvalho Chehab <mchehab@kernel.org>
Cc: Hans Verkuil <hverkuil-cisco@xs4all.nl>,
        Sakari Ailus <sakari.ailus@linux.intel.com>,
        linux-media@vger.kernel.org, linux-kernel@vger.kernel.org,
        Janusz Krzysztofik <jmkrzyszt@gmail.com>
Subject: [PATCH v5 0/4] media: v4l2-subdev: Verify arguments in
 v4l2_subdev_call()
Date: Sun, 12 May 2019 22:15:47 +0200
Message-Id: <20190512201551.18724-1-jmkrzyszt@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-media-owner@vger.kernel.org
Precedence: bulk

Series

media: v4l2-subdev: Verify arguments in v4l2_subdev_call() | expand

Message

Janusz Krzysztofik May 12, 2019, 8:15 p.m. UTC

Correctness of format type (try or active) and pad ID parameters passed
to subdevice operation callbacks is now verified only for IOCTL calls.
However, those callbacks are also used by drivers, e.g., V4L2 host
interfaces.
    
Since both subdev_do_ioctl() and drivers are using v4l2_subdev_call()
macro while calling subdevice operations, move those parameter checks
from subdev_do_ioctl() to v4l2_subdev_call().  Also, add check for
non-NULL pointers, including pad config if V4L2_SUBDEV_FORMAT_tRY is
requested.  Since invalid arguments generally mean bugs, be noisy about
them.

Having that done, we can avoid taking care of those checks inside
drivers.

Janusz Krzysztofik (4):
  media: v4l2-subdev: Verify arguments in v4l2_subdev_call()
  media: v4l2-subdev: WARN_ON invalid v4l2_subdev_call() arguments
  media: v4l2-subdev: Verify v4l2_subdev_call() pointer arguments
  media: v4l2-subdev: Verify v4l2_subdev_call() pad config argument

 drivers/media/v4l2-core/v4l2-subdev.c | 257 +++++++++++++++++---------
 include/media/v4l2-subdev.h           |   6 +
 2 files changed, 179 insertions(+), 84 deletions(-)

Changelog:
v4->v5:
- a few coding style and code formatting changes,
- require CONFIG_MEDIA_CONTROLLER, not CONFIG_VIDEO_V4L2_SUBDEV_API,
  for a valid pad ID check,
- perform pad ID check only if at least one pad is configured so
  drivers which don't configure pads are not affected if built with
  CONFIG_MEDIA_CONTROLLER defined,
- issue kernel warnings on invalid parameters (new patch - 2/4),
- validate pointers before using them (new patch - 3/4).

v3->v4:
- fix 'struct' keyword missing from patch 2/2,
- fix checkpatch reported style issue in patch 2/2
Sorry for that.

v2->v3:
- add patch 2/2 with pad config check,
- adjust continuation line alignments in patch 1/2 to match those
  used in 2/2.

v1->v2:
- replace the horrible macro with a structure of wrapper functions;
  inspired by Hans' and Sakari's comments - thanks!