lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 2 Sep 2016 13:41:48 -0700
From:   Laura Abbott <labbott@...hat.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Sumit Semwal <sumit.semwal@...aro.org>,
        John Stultz <john.stultz@...aro.org>,
        Arve Hjønnevåg <arve@...roid.com>,
        Riley Andrews <riandrews@...roid.com>,
        Daniel Vetter <daniel.vetter@...ll.ch>,
        linaro-mm-sig@...ts.linaro.org, devel@...verdev.osuosl.org,
        linux-kernel@...r.kernel.org,
        Eun Taik Lee <eun.taik.lee@...sung.com>,
        Liviu Dudau <Liviu.Dudau@....com>,
        Jon Medhurst <tixy@...aro.org>,
        Mitchel Humpherys <mitchelh@...eaurora.org>,
        Jeremy Gebben <jgebben@...eaurora.org>,
        Bryan Huntsman <bryanh@...eaurora.org>,
        Android Kernel Team <kernel-team@...roid.com>,
        Chen Feng <puck.chen@...ilicon.com>,
        Brian Starkey <brian.starkey@....com>
Subject: Re: [PATCHv2 4/4] staging: android: ion: Add ioctl to query available
 heaps

On 09/01/2016 11:14 PM, Greg Kroah-Hartman wrote:
> On Thu, Sep 01, 2016 at 03:40:44PM -0700, Laura Abbott wrote:
>>
>> Ion clients currently lack a good method to determine what
>> heaps are available and what ids they map to. This leads
>> to tight coupling between user and kernel space and headaches.
>> Add a query ioctl to let userspace know the availability of
>> heaps.
>>
>> Signed-off-by: Laura Abbott <labbott@...hat.com>
>> ---
>>  drivers/staging/android/ion/ion-ioctl.c | 11 +++++++++
>>  drivers/staging/android/ion/ion.c       | 44 +++++++++++++++++++++++++++++++++
>>  drivers/staging/android/ion/ion_priv.h  |  3 +++
>>  drivers/staging/android/uapi/ion.h      | 39 +++++++++++++++++++++++++++++
>>  4 files changed, 97 insertions(+)
>>
>> diff --git a/drivers/staging/android/ion/ion-ioctl.c b/drivers/staging/android/ion/ion-ioctl.c
>> index 53b9520..e76d517 100644
>> --- a/drivers/staging/android/ion/ion-ioctl.c
>> +++ b/drivers/staging/android/ion/ion-ioctl.c
>> @@ -28,6 +28,7 @@ union ion_ioctl_arg {
>>  	struct ion_handle_data handle;
>>  	struct ion_custom_data custom;
>>  	struct ion_abi_version abi_version;
>> +	struct ion_heap_query query;
>>  };
>>
>>  static int validate_ioctl_arg(unsigned int cmd, union ion_ioctl_arg *arg)
>> @@ -38,6 +39,11 @@ static int validate_ioctl_arg(unsigned int cmd, union ion_ioctl_arg *arg)
>>  	case ION_IOC_ABI_VERSION:
>>  		ret = arg->abi_version.reserved != 0;
>>  		break;
>> +	case ION_IOC_HEAP_QUERY:
>> +		ret = arg->query.reserved0 != 0;
>> +		ret |= arg->query.reserved1 != 0;
>> +		ret |= arg->query.reserved2 != 0;
>> +		break;
>>  	default:
>>  		break;
>>  	}
>> @@ -162,6 +168,11 @@ long ion_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
>>  		data.abi_version.abi_version = ION_ABI_VERSION;
>>  		break;
>>  	}
>> +	case ION_IOC_HEAP_QUERY:
>> +	{
>> +		ret = ion_query_heaps(client, &data.query);
>> +		break;
>> +	}
>
> Minor nit, the { } aren't needed here.  Yeah, I know the other cases
> have them, but they aren't all needed there either, no need to keep
> copying bad code style :)
>

Huh, might deserve a checkpatch addition then. Never heard that one before.

>
>
>>  	default:
>>  		return -ENOTTY;
>>  	}
>> diff --git a/drivers/staging/android/ion/ion.c b/drivers/staging/android/ion/ion.c
>> index 975b48f..91b765c 100644
>> --- a/drivers/staging/android/ion/ion.c
>> +++ b/drivers/staging/android/ion/ion.c
>> @@ -1174,6 +1174,49 @@ int ion_sync_for_device(struct ion_client *client, int fd)
>>  	return 0;
>>  }
>>
>> +int ion_query_heaps(struct ion_client *client, struct ion_heap_query *query)
>> +{
>> +	struct ion_device *dev = client->dev;
>> +	struct ion_heap_data __user *buffer =
>> +		(struct ion_heap_data __user *)query->heaps;
>
> Shouldn't query be marked as __user instead of having this cast?
>

No, the query structure itself is copied into the kernel in ion_ioctl.
The sub field query->heaps is a user pointer which is marked as _u64
for compatability ala botching-ioctls.txt hence the cast.

>> +	int ret = -EINVAL, cnt = 0, max_cnt;
>> +	struct ion_heap *heap;
>> +	struct ion_heap_data hdata;
>> +
>> +	memset(&hdata, 0, sizeof(hdata));
>> +
>> +	down_read(&dev->lock);
>> +	if (!buffer) {
>> +		query->cnt = dev->heap_cnt;
>
> Wait, query is __user?
>
> I think the mixing of user/kernel pointers here isn't quite right, or I
> just really can't figure it out...
>
> And kbuild didn't seem to like this patch either :(
>
> But your first 2 patches are great, I'll queue them up later today.
>
> thanks,
>
> greg k-h
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ