aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--drivers/media/v4l2-core/v4l2-compat-ioctl32.c79
1 files changed, 36 insertions, 43 deletions
diff --git a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c
index c7e9d29d0e33..6c70705a48bc 100644
--- a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c
+++ b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c
@@ -48,7 +48,7 @@ struct v4l2_window32 {
48 48
49static int get_v4l2_window32(struct v4l2_window *kp, struct v4l2_window32 __user *up) 49static int get_v4l2_window32(struct v4l2_window *kp, struct v4l2_window32 __user *up)
50{ 50{
51 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_window32)) || 51 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
52 copy_from_user(&kp->w, &up->w, sizeof(up->w)) || 52 copy_from_user(&kp->w, &up->w, sizeof(up->w)) ||
53 get_user(kp->field, &up->field) || 53 get_user(kp->field, &up->field) ||
54 get_user(kp->chromakey, &up->chromakey) || 54 get_user(kp->chromakey, &up->chromakey) ||
@@ -66,7 +66,7 @@ static int get_v4l2_window32(struct v4l2_window *kp, struct v4l2_window32 __user
66 if (get_user(p, &up->clips)) 66 if (get_user(p, &up->clips))
67 return -EFAULT; 67 return -EFAULT;
68 uclips = compat_ptr(p); 68 uclips = compat_ptr(p);
69 kclips = compat_alloc_user_space(n * sizeof(struct v4l2_clip)); 69 kclips = compat_alloc_user_space(n * sizeof(*kclips));
70 kp->clips = kclips; 70 kp->clips = kclips;
71 while (--n >= 0) { 71 while (--n >= 0) {
72 if (copy_in_user(&kclips->c, &uclips->c, sizeof(uclips->c))) 72 if (copy_in_user(&kclips->c, &uclips->c, sizeof(uclips->c)))
@@ -164,14 +164,14 @@ static int __get_v4l2_format32(struct v4l2_format *kp, struct v4l2_format32 __us
164 164
165static int get_v4l2_format32(struct v4l2_format *kp, struct v4l2_format32 __user *up) 165static int get_v4l2_format32(struct v4l2_format *kp, struct v4l2_format32 __user *up)
166{ 166{
167 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_format32))) 167 if (!access_ok(VERIFY_READ, up, sizeof(*up)))
168 return -EFAULT; 168 return -EFAULT;
169 return __get_v4l2_format32(kp, up); 169 return __get_v4l2_format32(kp, up);
170} 170}
171 171
172static int get_v4l2_create32(struct v4l2_create_buffers *kp, struct v4l2_create_buffers32 __user *up) 172static int get_v4l2_create32(struct v4l2_create_buffers *kp, struct v4l2_create_buffers32 __user *up)
173{ 173{
174 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_create_buffers32)) || 174 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
175 copy_from_user(kp, up, offsetof(struct v4l2_create_buffers32, format))) 175 copy_from_user(kp, up, offsetof(struct v4l2_create_buffers32, format)))
176 return -EFAULT; 176 return -EFAULT;
177 return __get_v4l2_format32(&kp->format, &up->format); 177 return __get_v4l2_format32(&kp->format, &up->format);
@@ -218,14 +218,14 @@ static int __put_v4l2_format32(struct v4l2_format *kp, struct v4l2_format32 __us
218 218
219static int put_v4l2_format32(struct v4l2_format *kp, struct v4l2_format32 __user *up) 219static int put_v4l2_format32(struct v4l2_format *kp, struct v4l2_format32 __user *up)
220{ 220{
221 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_format32))) 221 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)))
222 return -EFAULT; 222 return -EFAULT;
223 return __put_v4l2_format32(kp, up); 223 return __put_v4l2_format32(kp, up);
224} 224}
225 225
226static int put_v4l2_create32(struct v4l2_create_buffers *kp, struct v4l2_create_buffers32 __user *up) 226static int put_v4l2_create32(struct v4l2_create_buffers *kp, struct v4l2_create_buffers32 __user *up)
227{ 227{
228 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_create_buffers32)) || 228 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
229 copy_to_user(up, kp, offsetof(struct v4l2_create_buffers32, format)) || 229 copy_to_user(up, kp, offsetof(struct v4l2_create_buffers32, format)) ||
230 copy_to_user(up->reserved, kp->reserved, sizeof(kp->reserved))) 230 copy_to_user(up->reserved, kp->reserved, sizeof(kp->reserved)))
231 return -EFAULT; 231 return -EFAULT;
@@ -244,7 +244,7 @@ struct v4l2_standard32 {
244static int get_v4l2_standard32(struct v4l2_standard *kp, struct v4l2_standard32 __user *up) 244static int get_v4l2_standard32(struct v4l2_standard *kp, struct v4l2_standard32 __user *up)
245{ 245{
246 /* other fields are not set by the user, nor used by the driver */ 246 /* other fields are not set by the user, nor used by the driver */
247 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_standard32)) || 247 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
248 get_user(kp->index, &up->index)) 248 get_user(kp->index, &up->index))
249 return -EFAULT; 249 return -EFAULT;
250 return 0; 250 return 0;
@@ -252,14 +252,14 @@ static int get_v4l2_standard32(struct v4l2_standard *kp, struct v4l2_standard32
252 252
253static int put_v4l2_standard32(struct v4l2_standard *kp, struct v4l2_standard32 __user *up) 253static int put_v4l2_standard32(struct v4l2_standard *kp, struct v4l2_standard32 __user *up)
254{ 254{
255 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_standard32)) || 255 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
256 put_user(kp->index, &up->index) || 256 put_user(kp->index, &up->index) ||
257 put_user(kp->id, &up->id) || 257 put_user(kp->id, &up->id) ||
258 copy_to_user(up->name, kp->name, 24) || 258 copy_to_user(up->name, kp->name, sizeof(up->name)) ||
259 copy_to_user(&up->frameperiod, &kp->frameperiod, 259 copy_to_user(&up->frameperiod, &kp->frameperiod,
260 sizeof(kp->frameperiod)) || 260 sizeof(kp->frameperiod)) ||
261 put_user(kp->framelines, &up->framelines) || 261 put_user(kp->framelines, &up->framelines) ||
262 copy_to_user(up->reserved, kp->reserved, 4 * sizeof(__u32))) 262 copy_to_user(up->reserved, kp->reserved, sizeof(kp->reserved)))
263 return -EFAULT; 263 return -EFAULT;
264 return 0; 264 return 0;
265} 265}
@@ -307,7 +307,7 @@ static int get_v4l2_plane32(struct v4l2_plane __user *up, struct v4l2_plane32 __
307 307
308 if (copy_in_user(up, up32, 2 * sizeof(__u32)) || 308 if (copy_in_user(up, up32, 2 * sizeof(__u32)) ||
309 copy_in_user(&up->data_offset, &up32->data_offset, 309 copy_in_user(&up->data_offset, &up32->data_offset,
310 sizeof(__u32))) 310 sizeof(up->data_offset)))
311 return -EFAULT; 311 return -EFAULT;
312 312
313 if (memory == V4L2_MEMORY_USERPTR) { 313 if (memory == V4L2_MEMORY_USERPTR) {
@@ -317,11 +317,11 @@ static int get_v4l2_plane32(struct v4l2_plane __user *up, struct v4l2_plane32 __
317 if (put_user((unsigned long)up_pln, &up->m.userptr)) 317 if (put_user((unsigned long)up_pln, &up->m.userptr))
318 return -EFAULT; 318 return -EFAULT;
319 } else if (memory == V4L2_MEMORY_DMABUF) { 319 } else if (memory == V4L2_MEMORY_DMABUF) {
320 if (copy_in_user(&up->m.fd, &up32->m.fd, sizeof(int))) 320 if (copy_in_user(&up->m.fd, &up32->m.fd, sizeof(up32->m.fd)))
321 return -EFAULT; 321 return -EFAULT;
322 } else { 322 } else {
323 if (copy_in_user(&up->m.mem_offset, &up32->m.mem_offset, 323 if (copy_in_user(&up->m.mem_offset, &up32->m.mem_offset,
324 sizeof(__u32))) 324 sizeof(up32->m.mem_offset)))
325 return -EFAULT; 325 return -EFAULT;
326 } 326 }
327 327
@@ -333,19 +333,19 @@ static int put_v4l2_plane32(struct v4l2_plane __user *up, struct v4l2_plane32 __
333{ 333{
334 if (copy_in_user(up32, up, 2 * sizeof(__u32)) || 334 if (copy_in_user(up32, up, 2 * sizeof(__u32)) ||
335 copy_in_user(&up32->data_offset, &up->data_offset, 335 copy_in_user(&up32->data_offset, &up->data_offset,
336 sizeof(__u32))) 336 sizeof(up->data_offset)))
337 return -EFAULT; 337 return -EFAULT;
338 338
339 /* For MMAP, driver might've set up the offset, so copy it back. 339 /* For MMAP, driver might've set up the offset, so copy it back.
340 * USERPTR stays the same (was userspace-provided), so no copying. */ 340 * USERPTR stays the same (was userspace-provided), so no copying. */
341 if (memory == V4L2_MEMORY_MMAP) 341 if (memory == V4L2_MEMORY_MMAP)
342 if (copy_in_user(&up32->m.mem_offset, &up->m.mem_offset, 342 if (copy_in_user(&up32->m.mem_offset, &up->m.mem_offset,
343 sizeof(__u32))) 343 sizeof(up->m.mem_offset)))
344 return -EFAULT; 344 return -EFAULT;
345 /* For DMABUF, driver might've set up the fd, so copy it back. */ 345 /* For DMABUF, driver might've set up the fd, so copy it back. */
346 if (memory == V4L2_MEMORY_DMABUF) 346 if (memory == V4L2_MEMORY_DMABUF)
347 if (copy_in_user(&up32->m.fd, &up->m.fd, 347 if (copy_in_user(&up32->m.fd, &up->m.fd,
348 sizeof(int))) 348 sizeof(up->m.fd)))
349 return -EFAULT; 349 return -EFAULT;
350 350
351 return 0; 351 return 0;
@@ -358,7 +358,7 @@ static int get_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user
358 compat_caddr_t p; 358 compat_caddr_t p;
359 int ret; 359 int ret;
360 360
361 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_buffer32)) || 361 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
362 get_user(kp->index, &up->index) || 362 get_user(kp->index, &up->index) ||
363 get_user(kp->type, &up->type) || 363 get_user(kp->type, &up->type) ||
364 get_user(kp->flags, &up->flags) || 364 get_user(kp->flags, &up->flags) ||
@@ -370,8 +370,7 @@ static int get_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user
370 if (get_user(kp->bytesused, &up->bytesused) || 370 if (get_user(kp->bytesused, &up->bytesused) ||
371 get_user(kp->field, &up->field) || 371 get_user(kp->field, &up->field) ||
372 get_user(kp->timestamp.tv_sec, &up->timestamp.tv_sec) || 372 get_user(kp->timestamp.tv_sec, &up->timestamp.tv_sec) ||
373 get_user(kp->timestamp.tv_usec, 373 get_user(kp->timestamp.tv_usec, &up->timestamp.tv_usec))
374 &up->timestamp.tv_usec))
375 return -EFAULT; 374 return -EFAULT;
376 375
377 if (V4L2_TYPE_IS_MULTIPLANAR(kp->type)) { 376 if (V4L2_TYPE_IS_MULTIPLANAR(kp->type)) {
@@ -391,13 +390,12 @@ static int get_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user
391 390
392 uplane32 = compat_ptr(p); 391 uplane32 = compat_ptr(p);
393 if (!access_ok(VERIFY_READ, uplane32, 392 if (!access_ok(VERIFY_READ, uplane32,
394 kp->length * sizeof(struct v4l2_plane32))) 393 kp->length * sizeof(*uplane32)))
395 return -EFAULT; 394 return -EFAULT;
396 395
397 /* We don't really care if userspace decides to kill itself 396 /* We don't really care if userspace decides to kill itself
398 * by passing a very big num_planes value */ 397 * by passing a very big num_planes value */
399 uplane = compat_alloc_user_space(kp->length * 398 uplane = compat_alloc_user_space(kp->length * sizeof(*uplane));
400 sizeof(struct v4l2_plane));
401 kp->m.planes = (__force struct v4l2_plane *)uplane; 399 kp->m.planes = (__force struct v4l2_plane *)uplane;
402 400
403 for (num_planes = 0; num_planes < kp->length; num_planes++) { 401 for (num_planes = 0; num_planes < kp->length; num_planes++) {
@@ -445,7 +443,7 @@ static int put_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user
445 int num_planes; 443 int num_planes;
446 int ret; 444 int ret;
447 445
448 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_buffer32)) || 446 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
449 put_user(kp->index, &up->index) || 447 put_user(kp->index, &up->index) ||
450 put_user(kp->type, &up->type) || 448 put_user(kp->type, &up->type) ||
451 put_user(kp->flags, &up->flags) || 449 put_user(kp->flags, &up->flags) ||
@@ -456,8 +454,7 @@ static int put_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user
456 put_user(kp->field, &up->field) || 454 put_user(kp->field, &up->field) ||
457 put_user(kp->timestamp.tv_sec, &up->timestamp.tv_sec) || 455 put_user(kp->timestamp.tv_sec, &up->timestamp.tv_sec) ||
458 put_user(kp->timestamp.tv_usec, &up->timestamp.tv_usec) || 456 put_user(kp->timestamp.tv_usec, &up->timestamp.tv_usec) ||
459 copy_to_user(&up->timecode, &kp->timecode, 457 copy_to_user(&up->timecode, &kp->timecode, sizeof(kp->timecode)) ||
460 sizeof(struct v4l2_timecode)) ||
461 put_user(kp->sequence, &up->sequence) || 458 put_user(kp->sequence, &up->sequence) ||
462 put_user(kp->reserved2, &up->reserved2) || 459 put_user(kp->reserved2, &up->reserved2) ||
463 put_user(kp->reserved, &up->reserved) || 460 put_user(kp->reserved, &up->reserved) ||
@@ -525,7 +522,7 @@ static int get_v4l2_framebuffer32(struct v4l2_framebuffer *kp, struct v4l2_frame
525{ 522{
526 u32 tmp; 523 u32 tmp;
527 524
528 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_framebuffer32)) || 525 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
529 get_user(tmp, &up->base) || 526 get_user(tmp, &up->base) ||
530 get_user(kp->capability, &up->capability) || 527 get_user(kp->capability, &up->capability) ||
531 get_user(kp->flags, &up->flags) || 528 get_user(kp->flags, &up->flags) ||
@@ -539,7 +536,7 @@ static int put_v4l2_framebuffer32(struct v4l2_framebuffer *kp, struct v4l2_frame
539{ 536{
540 u32 tmp = (u32)((unsigned long)kp->base); 537 u32 tmp = (u32)((unsigned long)kp->base);
541 538
542 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_framebuffer32)) || 539 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
543 put_user(tmp, &up->base) || 540 put_user(tmp, &up->base) ||
544 put_user(kp->capability, &up->capability) || 541 put_user(kp->capability, &up->capability) ||
545 put_user(kp->flags, &up->flags) || 542 put_user(kp->flags, &up->flags) ||
@@ -564,14 +561,14 @@ struct v4l2_input32 {
564 Otherwise it is identical to the 32-bit version. */ 561 Otherwise it is identical to the 32-bit version. */
565static inline int get_v4l2_input32(struct v4l2_input *kp, struct v4l2_input32 __user *up) 562static inline int get_v4l2_input32(struct v4l2_input *kp, struct v4l2_input32 __user *up)
566{ 563{
567 if (copy_from_user(kp, up, sizeof(struct v4l2_input32))) 564 if (copy_from_user(kp, up, sizeof(*up)))
568 return -EFAULT; 565 return -EFAULT;
569 return 0; 566 return 0;
570} 567}
571 568
572static inline int put_v4l2_input32(struct v4l2_input *kp, struct v4l2_input32 __user *up) 569static inline int put_v4l2_input32(struct v4l2_input *kp, struct v4l2_input32 __user *up)
573{ 570{
574 if (copy_to_user(up, kp, sizeof(struct v4l2_input32))) 571 if (copy_to_user(up, kp, sizeof(*up)))
575 return -EFAULT; 572 return -EFAULT;
576 return 0; 573 return 0;
577} 574}
@@ -619,12 +616,11 @@ static int get_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext
619 unsigned int n; 616 unsigned int n;
620 compat_caddr_t p; 617 compat_caddr_t p;
621 618
622 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_ext_controls32)) || 619 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
623 get_user(kp->which, &up->which) || 620 get_user(kp->which, &up->which) ||
624 get_user(kp->count, &up->count) || 621 get_user(kp->count, &up->count) ||
625 get_user(kp->error_idx, &up->error_idx) || 622 get_user(kp->error_idx, &up->error_idx) ||
626 copy_from_user(kp->reserved, up->reserved, 623 copy_from_user(kp->reserved, up->reserved, sizeof(kp->reserved)))
627 sizeof(kp->reserved)))
628 return -EFAULT; 624 return -EFAULT;
629 if (kp->count == 0) { 625 if (kp->count == 0) {
630 kp->controls = NULL; 626 kp->controls = NULL;
@@ -635,11 +631,9 @@ static int get_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext
635 if (get_user(p, &up->controls)) 631 if (get_user(p, &up->controls))
636 return -EFAULT; 632 return -EFAULT;
637 ucontrols = compat_ptr(p); 633 ucontrols = compat_ptr(p);
638 if (!access_ok(VERIFY_READ, ucontrols, 634 if (!access_ok(VERIFY_READ, ucontrols, kp->count * sizeof(*ucontrols)))
639 kp->count * sizeof(struct v4l2_ext_control32)))
640 return -EFAULT; 635 return -EFAULT;
641 kcontrols = compat_alloc_user_space(kp->count * 636 kcontrols = compat_alloc_user_space(kp->count * sizeof(*kcontrols));
642 sizeof(struct v4l2_ext_control));
643 kp->controls = (__force struct v4l2_ext_control *)kcontrols; 637 kp->controls = (__force struct v4l2_ext_control *)kcontrols;
644 for (n = 0; n < kp->count; n++) { 638 for (n = 0; n < kp->count; n++) {
645 u32 id; 639 u32 id;
@@ -671,7 +665,7 @@ static int put_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext
671 int n = kp->count; 665 int n = kp->count;
672 compat_caddr_t p; 666 compat_caddr_t p;
673 667
674 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_ext_controls32)) || 668 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
675 put_user(kp->which, &up->which) || 669 put_user(kp->which, &up->which) ||
676 put_user(kp->count, &up->count) || 670 put_user(kp->count, &up->count) ||
677 put_user(kp->error_idx, &up->error_idx) || 671 put_user(kp->error_idx, &up->error_idx) ||
@@ -683,8 +677,7 @@ static int put_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext
683 if (get_user(p, &up->controls)) 677 if (get_user(p, &up->controls))
684 return -EFAULT; 678 return -EFAULT;
685 ucontrols = compat_ptr(p); 679 ucontrols = compat_ptr(p);
686 if (!access_ok(VERIFY_WRITE, ucontrols, 680 if (!access_ok(VERIFY_WRITE, ucontrols, n * sizeof(*ucontrols)))
687 n * sizeof(struct v4l2_ext_control32)))
688 return -EFAULT; 681 return -EFAULT;
689 682
690 while (--n >= 0) { 683 while (--n >= 0) {
@@ -721,7 +714,7 @@ struct v4l2_event32 {
721 714
722static int put_v4l2_event32(struct v4l2_event *kp, struct v4l2_event32 __user *up) 715static int put_v4l2_event32(struct v4l2_event *kp, struct v4l2_event32 __user *up)
723{ 716{
724 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_event32)) || 717 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
725 put_user(kp->type, &up->type) || 718 put_user(kp->type, &up->type) ||
726 copy_to_user(&up->u, &kp->u, sizeof(kp->u)) || 719 copy_to_user(&up->u, &kp->u, sizeof(kp->u)) ||
727 put_user(kp->pending, &up->pending) || 720 put_user(kp->pending, &up->pending) ||
@@ -729,7 +722,7 @@ static int put_v4l2_event32(struct v4l2_event *kp, struct v4l2_event32 __user *u
729 put_user(kp->timestamp.tv_sec, &up->timestamp.tv_sec) || 722 put_user(kp->timestamp.tv_sec, &up->timestamp.tv_sec) ||
730 put_user(kp->timestamp.tv_nsec, &up->timestamp.tv_nsec) || 723 put_user(kp->timestamp.tv_nsec, &up->timestamp.tv_nsec) ||
731 put_user(kp->id, &up->id) || 724 put_user(kp->id, &up->id) ||
732 copy_to_user(up->reserved, kp->reserved, 8 * sizeof(__u32))) 725 copy_to_user(up->reserved, kp->reserved, sizeof(kp->reserved)))
733 return -EFAULT; 726 return -EFAULT;
734 return 0; 727 return 0;
735} 728}
@@ -746,7 +739,7 @@ static int get_v4l2_edid32(struct v4l2_edid *kp, struct v4l2_edid32 __user *up)
746{ 739{
747 u32 tmp; 740 u32 tmp;
748 741
749 if (!access_ok(VERIFY_READ, up, sizeof(struct v4l2_edid32)) || 742 if (!access_ok(VERIFY_READ, up, sizeof(*up)) ||
750 get_user(kp->pad, &up->pad) || 743 get_user(kp->pad, &up->pad) ||
751 get_user(kp->start_block, &up->start_block) || 744 get_user(kp->start_block, &up->start_block) ||
752 get_user(kp->blocks, &up->blocks) || 745 get_user(kp->blocks, &up->blocks) ||
@@ -761,7 +754,7 @@ static int put_v4l2_edid32(struct v4l2_edid *kp, struct v4l2_edid32 __user *up)
761{ 754{
762 u32 tmp = (u32)((unsigned long)kp->edid); 755 u32 tmp = (u32)((unsigned long)kp->edid);
763 756
764 if (!access_ok(VERIFY_WRITE, up, sizeof(struct v4l2_edid32)) || 757 if (!access_ok(VERIFY_WRITE, up, sizeof(*up)) ||
765 put_user(kp->pad, &up->pad) || 758 put_user(kp->pad, &up->pad) ||
766 put_user(kp->start_block, &up->start_block) || 759 put_user(kp->start_block, &up->start_block) ||
767 put_user(kp->blocks, &up->blocks) || 760 put_user(kp->blocks, &up->blocks) ||
generated by cgit v1.2.2 (git 2.25.0) at 2026-01-07 05:23:29 -0500