[PATCH 5.4 01/57] dma-buf: Fix SET_NAME ioctl uapi

From: Greg Kroah-Hartman
Date: Mon May 04 2020 - 14:02:53 EST

Next message: Greg Kroah-Hartman: "[PATCH 5.4 11/57] btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info"
Previous message: Greg Kroah-Hartman: "[PATCH 4.19 15/37] scsi: qla2xxx: set UNLOADING before waiting for session deletion"
In reply to: Greg Kroah-Hartman: "[PATCH 5.4 00/57] 5.4.39-rc1 review"
Next in thread: Greg Kroah-Hartman: "[PATCH 5.4 11/57] btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Daniel Vetter <daniel.vetter@xxxxxxxxx>

commit a5bff92eaac45bdf6221badf9505c26792fdf99e upstream.

The uapi is the same on 32 and 64 bit, but the number isn't. Everyone
who botched this please re-read:

https://www.kernel.org/doc/html/v5.4-preprc-cpu/ioctl/botching-up-ioctls.html

Also, the type argument for the ioctl macros is for the type the void
__user *arg pointer points at, which in this case would be the
variable-sized char[] of a 0 terminated string. So this was botched in
more than just the usual ways.

Cc: Sumit Semwal <sumit.semwal@xxxxxxxxxx>
Cc: Chenbo Feng <fengc@xxxxxxxxxx>
Cc: Greg Hackmann <ghackmann@xxxxxxxxxx>
Cc: Daniel Vetter <daniel.vetter@xxxxxxxx>
Cc: linux-media@xxxxxxxxxxxxxxx
Cc: linaro-mm-sig@xxxxxxxxxxxxxxxx
Cc: minchan@xxxxxxxxxx
Cc: surenb@xxxxxxxxxx
Cc: jenhaochen@xxxxxxxxxx
Cc: Martin Liu <liumartin@xxxxxxxxxx>
Signed-off-by: Daniel Vetter <daniel.vetter@xxxxxxxxx>
Tested-by: Martin Liu <liumartin@xxxxxxxxxx>
Reviewed-by: Martin Liu <liumartin@xxxxxxxxxx>
Signed-off-by: Sumit Semwal <sumit.semwal@xxxxxxxxxx>
[sumits: updated some checkpatch fixes, corrected author email]
Link: https://patchwork.freedesktop.org/patch/msgid/20200407133002.3486387-1-daniel.vetter@xxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
drivers/dma-buf/dma-buf.c | 3 ++-
include/uapi/linux/dma-buf.h | 6 ++++++
2 files changed, 8 insertions(+), 1 deletion(-)

--- a/drivers/dma-buf/dma-buf.c
+++ b/drivers/dma-buf/dma-buf.c
@@ -388,7 +388,8 @@ static long dma_buf_ioctl(struct file *f

return ret;

- case DMA_BUF_SET_NAME:
+ case DMA_BUF_SET_NAME_A:
+ case DMA_BUF_SET_NAME_B:
return dma_buf_set_name(dmabuf, (const char __user *)arg);

default:
--- a/include/uapi/linux/dma-buf.h
+++ b/include/uapi/linux/dma-buf.h
@@ -39,6 +39,12 @@ struct dma_buf_sync {

#define DMA_BUF_BASE 'b'
#define DMA_BUF_IOCTL_SYNC _IOW(DMA_BUF_BASE, 0, struct dma_buf_sync)
+
+/* 32/64bitness of this uapi was botched in android, there's no difference
+ * between them in actual uapi, they're just different numbers.
+ */
#define DMA_BUF_SET_NAME _IOW(DMA_BUF_BASE, 1, const char *)
+#define DMA_BUF_SET_NAME_A _IOW(DMA_BUF_BASE, 1, u32)
+#define DMA_BUF_SET_NAME_B _IOW(DMA_BUF_BASE, 1, u64)

#endif

Next message: Greg Kroah-Hartman: "[PATCH 5.4 11/57] btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info"
Previous message: Greg Kroah-Hartman: "[PATCH 4.19 15/37] scsi: qla2xxx: set UNLOADING before waiting for session deletion"
In reply to: Greg Kroah-Hartman: "[PATCH 5.4 00/57] 5.4.39-rc1 review"
Next in thread: Greg Kroah-Hartman: "[PATCH 5.4 11/57] btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]