| Age | Commit message (Collapse) | Author |
|---|
|
'struct i2c_algorithm' are not modified in these drivers.
Constifying this structure moves some data to a read-only section, so
increase overall security, especially when the structure holds some
function pointers.
More over, dvb_usb_device_properties->i2c_algo seems to only be copied in
i2c_adapter->algo, which is already a "const struct i2c_algorithm".
This is done in dvb_usb_i2c_init()
On a x86_64, with allmodconfig, as an example:
Before:
======
text data bss dec hex filename
30571 5916 36 36523 8eab drivers/media/usb/dvb-usb/af9005.o
After:
=====
text data bss dec hex filename
30667 5852 36 36555 8ecb drivers/media/usb/dvb-usb/af9005.o
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl>
|
|
'struct usb_device_id' is not modified in these drivers.
Constifying this structure moves some data to a read-only section, so
increase overall security.
In order to do that, struct dvb_usb_device_description (in dvb-usb.h) also
needs to be updated.
On a x86_64, with allmodconfig, as an example:
Before:
======
text data bss dec hex filename
1983 4240 4 6227 1853 drivers/media/usb/dvb-usb/a800.o
After:
=====
text data bss dec hex filename
2079 4144 4 6227 1853 drivers/media/usb/dvb-usb/a800.o
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl>
|
|
In digitv_i2c_xfer, msg is controlled by user. When msg[i].buf
is null and msg[i].len is zero, former checks on msg[i].buf would be
passed. Malicious data finally reach digitv_i2c_xfer. If accessing
msg[i].buf[0] without sanity check, null ptr deref would happen. We add
check on msg[i].len to prevent crash.
Similar commit:
commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")
Link: https://lore.kernel.org/linux-media/20230313095008.1039689-1-harperchen1110@gmail.com
Signed-off-by: Wei Chen <harperchen1110@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
|
|
In order to make the drivers under dvb-usb more homogeneous,
use the new macro.
Link: https://lore.kernel.org/linux-media/68de8820a361e61c25bf7402acac71b3770ff906.1648499509.git.mchehab@kernel.org
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
|
|
This makes it possible to declare dvb_usb_device_properties const.
Signed-off-by: Sean Young <sean@mess.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
|
|
The first element of the key array is not used. Remove it, and
along with it a uninitialized memory read.
This should fix the rc debug message.
Link: https://www.spinics.net/lists/kernel/msg3374861.html
Suggested-by: Phong Tran <tranmanphong@gmail.com>
Signed-off-by: Sean Young <sean@mess.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
|
|
Those documents don't really describe the driver API.
Instead, they contain development-specific information.
Yet, as the main index file describes the content of it as:
"how specific kernel subsystems work
from the point of view of a kernel developer"
It seems to be the better fit.
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
|
|
This results in an uninitialized variable read.
Reported-by: syzbot+6bf9606ee955b646c0e1@syzkaller.appspotmail.com
Signed-off-by: Sean Young <sean@mess.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
|
|
Based on 1 normalized pattern(s):
this program is free software you can redistribute it and or modify
it under the terms of the gnu general public license as published by
the free software foundation version 2
extracted by the scancode license scanner the SPDX license identifier
GPL-2.0-only
has been chosen to replace the boilerplate/reference in 135 file(s).
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Allison Randal <allison@lohutok.net>
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190531081036.435762997@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This file got renamed, but the references still point to the
old place.
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Acked-by: Jonathan Corbet <corbet@lwn.net>
|
|
Return an error rather than memcpy()ing beyond the end of the buffer.
Internal callers use appropriate sizes, but digitv_i2c_xfer may not.
Signed-off-by: Alyssa Milburn <amilburn@zall.org>
Cc: stable@vger.kernel.org
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
|
|
There's no sense on decoding and generating a RC key code if
there was an error on the URB control message.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
|
|
The USB control messages require DMA to work. We cannot pass
a stack-allocated buffer, as it is not warranted that the
stack would be into a DMA enabled area.
Reviewed-by: Patrick Boettcher <patrick.boettcher@posteo.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
|
|
Soon my dibcom.fr/parrot.com-address won't respond anymore.
Thus I'm replacing it. And, while being at it,
let's adapt some other (old) email-addresses as well.
Signed-off-by: Patrick Boettcher <patrick.boettcher@posteo.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
|
|
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
|
|
As media/dvb will be removed, move it to a proper place.
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
|
