Hi,

On Wednesday 21 September 2011 02:10 PM, Hiremath, Vaibhav wrote:

-----Original Message-----
From: Taneja, Archit
Sent: Friday, September 16, 2011 3:30 PM
To: Hiremath, Vaibhav
Cc: Valkeinen, Tomi; linux-omap@vger.kernel.org; Semwal, Sumit; linux-me...@vger.kernel.org; Taneja, Archit
Subject: [PATCH 1/5] [media]: OMAP_VOUT: Fix check in reqbuf & mmap for buf_size allocation

The commit 383e4f69879d11c86ebdd38b3356f6d0690fb4cc makes reqbuf and mmap
prevent requesting a larger size buffer than what is allocated at kernel
boot during omap_vout_probe.

The requested size is compared with vout->buffer_size; this isn't correct,
as vout->buffer_size is later set to the size requested in reqbuf. When the
video device is opened the next time, this check will prevent us from
allocating a buffer which is larger than what we requested the last time.

Don't use vout->buffer_size, always check with the parameters
video1_bufsize or video2_bufsize.

Signed-off-by: Archit Taneja <arc...@ti.com>
---
  drivers/media/video/omap/omap_vout.c |   10 ++++++++--
  1 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/media/video/omap/omap_vout.c
b/drivers/media/video/omap/omap_vout.c
index 95daf98..e14c82b 100644
--- a/drivers/media/video/omap/omap_vout.c
+++ b/drivers/media/video/omap/omap_vout.c
@@ -664,10 +664,14 @@ static int omap_vout_buffer_setup(struct
videobuf_queue *q, unsigned int *count,
        u32 phy_addr = 0, virt_addr = 0;
        struct omap_vout_device *vout = q->priv_data;
        struct omapvideo_info *ovid =&vout->vid_info;
+       int vid_max_buf_size;

        if (!vout)
                return -EINVAL;

+       vid_max_buf_size = vout->vid == OMAP_VIDEO1 ? video1_bufsize :
+               video2_bufsize;
+
        if (V4L2_BUF_TYPE_VIDEO_OUTPUT != q->type)
                return -EINVAL;

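Review bot: vid_max_buf_size is declared as int at the top of omap_vout_buffer_setup(), but the later check compares it with *size, which the error message prints with %u. In a signed/unsigned comparison the int operand is converted, so a negative value of the video1_bufsize or video2_bufsize parameter would act as a very large limit. Declaring it unsigned int (or u32, like phy_addr and virt_addr above it) keeps the comparison in one type.
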
@@ -690,7 +694,7 @@ static int omap_vout_buffer_setup(struct
videobuf_queue *q, unsigned int *count,
                video1_numbuffers : video2_numbuffers;

        /* Check the size of the buffer */
-       if (*size>  vout->buffer_size) {
+       if (*size>  vid_max_buf_size) {
Good catch !!!

                v4l2_err(&vout->vid_dev->v4l2_dev,
                                "buffer allocation mismatch [%u] [%u]\n",
                                *size, vout->buffer_size);
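Review bot: the v4l2_err() call directly after the changed comparison still passes vout->buffer_size, so the "buffer allocation mismatch" message now reports a value that is no longer the limit being enforced. Pass vid_max_buf_size as the second argument (with a format specifier that matches its type) so the log shows the limit that actually rejected the request.
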
@@ -865,6 +869,8 @@ static int omap_vout_mmap(struct file *file, struct
vm_area_struct *vma)
        unsigned long size = (vma->vm_end - vma->vm_start);
        struct omap_vout_device *vout = file->private_data;
        struct videobuf_queue *q =&vout->vbq;
+       int vid_max_buf_size = vout->vid == OMAP_VIDEO1 ? video1_bufsize :
+               video2_bufsize;

        v4l2_dbg(1, debug,&vout->vid_dev->v4l2_dev,
                        " %s pgoff=0x%lx, start=0x%lx, end=0x%lx\n", __func__,
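Review bot: the initializer for vid_max_buf_size in omap_vout_mmap() repeats the selection expression already added to omap_vout_buffer_setup(), vout->vid == OMAP_VIDEO1 ? video1_bufsize : video2_bufsize. A small static helper that takes the vout pointer would keep the two copies from drifting apart. The variable is also an int that is later compared with size, which is unsigned long in this function, so the helper's return type should be unsigned.
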
@@ -887,7 +893,7 @@ static int omap_vout_mmap(struct file *file, struct
vm_area_struct *vma)
                return -EINVAL;
        }
        /* Check the size of the buffer */
-       if (size>  vout->buffer_size) {
+       if (size>  vid_max_buf_size) {
Don't you think in case of mmap we should still check for the
vout->buffer_size, since this is the size the user has requested in req_buf?

Ah, you are right, the check for the maximum size should only be in the reqbuf path. vout->buffer_size would have been updated correctly at the time of mmap. I'll change this back to vout->buffer_size.

Thanks,
Archit


Thanks,
Vaibhav


                v4l2_err(&vout->vid_dev->v4l2_dev,
                                "insufficient memory [%lu] [%u]\n",
                                size, vout->buffer_size);
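
Review bot: comparing size against vid_max_buf_size in the mmap path bounds the mapping length by the video1_bufsize/video2_bufsize parameter instead of by the buffer size set in reqbuf, so a vma that is longer than the buffer negotiated in reqbuf but within the parameter value passes this check. The "insufficient memory" message just below still prints vout->buffer_size, which is the bound a mapping should be held to. Keep the original if (size > vout->buffer_size) in omap_vout_mmap() and apply the new limit only in omap_vout_buffer_setup().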
--
1.7.1


