On Tue, Jun 22, 2021 at 08:07:12AM +0000, David Laight wrote:
From: Mauro Carvalho Chehab
Sent: 21 June 2021 14:40
As warned by smatch: drivers/media/usb/uvc/uvc_v4l2.c:911 uvc_ioctl_g_input() error: doing dma on the stack (&i) drivers/media/usb/uvc/uvc_v4l2.c:943 uvc_ioctl_s_input() error: doing dma on the stack (&i)
those two functions call uvc_query_ctrl passing a pointer to a data at the DMA stack. those are used to send URBs via usb_control_msg(). Using DMA stack is not supported and should not work anymore on modern Linux versions.
So, use a kmalloc'ed buffer.
...
- buf = kmalloc(1, GFP_KERNEL);
- if (!buf)
return -ENOMEM;
- ret = uvc_query_ctrl(chain->dev, UVC_GET_CUR, chain->selector->id, chain->dev->intfnum, UVC_SU_INPUT_SELECT_CONTROL,
&i, 1);
buf, 1);
Thought...
Is kmalloc(1, GFP_KERNEL) guaranteed to return a pointer into a cache line that will not be accessed by any other code?
(This is slightly weaker than requiring a cache-line aligned pointer - but very similar.)
Without that guarantee you can't use the returned buffer for read dma unless the memory accesses are coherent.
For USB buffers, that should be fine, we have been doing this for decades now...
thanks,
greg k-h