Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
MIME-Version: 1.0
References: <20200113055951.8718-1-hslester96@gmail.com> <20200121092350.466f62a8@litschi.hi.pengutronix.de>
In-Reply-To: <20200121092350.466f62a8@litschi.hi.pengutronix.de>
From:   Chuhong Yuan <hslester96@gmail.com>
Date:   Tue, 21 Jan 2020 19:59:46 +0800
Message-ID: <CANhBUQ25dp5kt3EGijLUC1LEjQon5wS8MHJqEiBNcAXSLdvjQw@mail.gmail.com>
Subject: Re: [PATCH v3] media: allegro: add missed checks in allegro_open()
To:     Michael Tretter <m.tretter@pengutronix.de>
Cc:     Pengutronix Kernel Team <kernel@pengutronix.de>,
        Mauro Carvalho Chehab <mchehab@kernel.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-media@vger.kernel.org, devel@driverdev.osuosl.org,
        LKML <linux-kernel@vger.kernel.org>,
        Hans Verkuil <hverkuil-cisco@xs4all.nl>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk

On Tue, Jan 21, 2020 at 4:23 PM Michael Tretter
<m.tretter@pengutronix.de> wrote:
>
> On Mon, 13 Jan 2020 13:59:51 +0800, Chuhong Yuan wrote:
> > allegro_open() misses checks for v4l2_m2m_ctx_init() and results of
> > v4l2_ctrl_new* calls.
> > Add checks and error handlers to fix the problems.
> >
> > Signed-off-by: Chuhong Yuan <hslester96@gmail.com>
> > ---
> > Changes in v3:
> >   - Make code cleaner.
> >   - Add a check for handler->error.
> >
> >  .../staging/media/allegro-dvt/allegro-core.c  | 24 +++++++++++++++----
> >  1 file changed, 20 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/staging/media/allegro-dvt/allegro-core.c b/drivers/staging/media/allegro-dvt/allegro-core.c
> > index 6f0cd0784786..e86001e42963 100644
> > --- a/drivers/staging/media/allegro-dvt/allegro-core.c
> > +++ b/drivers/staging/media/allegro-dvt/allegro-core.c
> > @@ -2270,15 +2270,12 @@ static int allegro_open(struct file *file)
> >       struct allegro_channel *channel = NULL;
> >       struct v4l2_ctrl_handler *handler;
> >       u64 mask;
> > +     int ret;
> >
> >       channel = kzalloc(sizeof(*channel), GFP_KERNEL);
> >       if (!channel)
> >               return -ENOMEM;
> >
> > -     v4l2_fh_init(&channel->fh, vdev);
> > -     file->private_data = &channel->fh;
> > -     v4l2_fh_add(&channel->fh);
> > -
> >       init_completion(&channel->completion);
> >
> >       channel->dev = dev;
> > @@ -2328,6 +2325,11 @@ static int allegro_open(struct file *file)
> >                       V4L2_CID_MIN_BUFFERS_FOR_OUTPUT,
> >                       1, 32,
> >                       1, 1);
> > +     if (handler->error != 0) {
> > +             ret = handler->error;
> > +             goto error;
> > +     }
> > +
> >       channel->fh.ctrl_handler = handler;
> >
> >       channel->mcu_channel_id = -1;
> > @@ -2341,7 +2343,21 @@ static int allegro_open(struct file *file)
> >       channel->fh.m2m_ctx = v4l2_m2m_ctx_init(dev->m2m_dev, channel,
> >                                               allegro_queue_init);
> >
> > +     if (IS_ERR(channel->fh.m2m_ctx)) {
> > +             ret = PTR_ERR(channel->fh.m2m_ctx);
> > +             goto error;
> > +     }
> > +
> > +     v4l2_fh_init(&channel->fh, vdev);
>
> This call sets channel->fh.ctrl_handler to vdev->ctrl_handler, which
> has previously been overriden by the driver to handler. Therefore, this
> patch breaks all controls. I think we should initialize channel->fh
> before setting any fields of this struct.
>

I'm not very clear about this issue.
In my second version, Hans replied that init could be moved before return 0.
I have sent this mail to him.

> Michael
>
> > +     file->private_data = &channel->fh;
> > +     v4l2_fh_add(&channel->fh);
> > +
> >       return 0;
> > +
> > +error:
> > +     v4l2_ctrl_handler_free(handler);
> > +     kfree(channel);
> > +     return ret;
> >  }
> >
> >  static int allegro_release(struct file *file)