On 14/10/2025 13:52, Jacopo Mondi wrote:
Hi Hans
On Tue, Oct 14, 2025 at 09:05:20AM +0200, Hans Verkuil wrote:
Hi Jacopo,
On 19/08/2025 09:07, Jacopo Mondi wrote:
Since commits 7b9eb53e8591 ("media: cx18: Access v4l2_fh from file") 9ba9d11544f9 ("media: ivtv: Access v4l2_fh from file")
All the ioctl handlers access their private data structures from file *
The ivtv and cx18 drivers call the ioctl handlers from their DVB layer without a valid file *, causing invalid memory access.
The issue has been reported by smatch in "[bug report] media: cx18: Access v4l2_fh from file"
Fix this by providing wrappers for the ioctl handlers to be used by the DVB layer that do not require a valid file *.
This series should go to the fixes branch for v6.18, right? This looks like a pure regression, so I think that makes sense.
I think so, yes
BTW, why is there a Link: tag in the cx18 patch? It just links to the v1 of the patch and that doesn't add meaningful information. Linus likes Link:, but only if it really adds useful information.
Good question. I presume it's probably a copy&paste error, as it has no place in the patch.
Would you like me to resend or will you remove it ?
I would prefer a resend for these two patches, clearly marked as [PATCH for v6.18 v5 n/2] in the subject.
Normally I'd just drop the Link: tag, but it's good to have this clearly marked as a fix for v6.18.
I'll also see if I can do a quick test of these two patches with my ivtv and cx18 boards. Just to make sure there are no other corner cases lurking in these drivers.
Regards,
Hans
Regards,
Hans
Signed-off-by: Jacopo Mondi jacopo.mondi@ideasonboard.com
Changes in v4:
- Slightly adjust commit messages
- Link to v3: https://lore.kernel.org/r/20250818-cx18-v4l2-fh-v3-0-5e2f08f3cadc@ideasonboa...
Changes in v3:
- Change helpers to accept the type they're going to operate on instead of using the open_id wrapper type as suggested by Laurent
- Link to v2: https://lore.kernel.org/r/20250818-cx18-v4l2-fh-v2-0-3f53ce423663@ideasonboa...
Changes in v2:
- Add Cc: stable@vger.kernel.org per-patch
Jacopo Mondi (2): media: cx18: Fix invalid access to file * media: ivtv: Fix invalid access to file *
drivers/media/pci/cx18/cx18-driver.c | 9 +++------ drivers/media/pci/cx18/cx18-ioctl.c | 30 +++++++++++++++++++----------- drivers/media/pci/cx18/cx18-ioctl.h | 8 +++++--- drivers/media/pci/ivtv/ivtv-driver.c | 11 ++++------- drivers/media/pci/ivtv/ivtv-ioctl.c | 22 +++++++++++++++++----- drivers/media/pci/ivtv/ivtv-ioctl.h | 6 ++++-- 6 files changed, 52 insertions(+), 34 deletions(-)
base-commit: a75b8d198c55e9eb5feb6f6e155496305caba2dc change-id: 20250818-cx18-v4l2-fh-7eaa6199fdde
Best regards,