kernel/linux.git/drivers/video/fbdev/sbuslib.c, branch v6.19.11

fbdev: Include

2025-06-16T07:06:19+00:00

Fix the compile-time warnings drivers/video/fbdev/core/cfbcopyarea.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/cfbfillrect.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/cfbimgblt.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fb_ddc.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fb_defio.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fb_io_fops.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fb_sys_fops.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fbcmap.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fbcon.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/fbmon.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/modedb.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/svgalib.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/syscopyarea.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/sysfillrect.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/core/sysimgblt.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/macmodes.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/sbuslib.c: warning: EXPORT_SYMBOL() is used, but #include is missing drivers/video/fbdev/wmt_ge_rops.c: warning: EXPORT_SYMBOL() is used, but #include is missing Signed-off-by: Thomas Zimmermann Reviewed-by: Helge Deller Fixes: a934a57a42f6 ("scripts/misc-check: check missing #include when W=1") Cc: Masahiro Yamada Cc: Nathan Chancellor Link: https://lore.kernel.org/r/20250612081738.197826-3-tzimmermann@suse.de

fbdev: Constify struct sbus_mmap_map

2024-10-15T08:07:32+00:00

'struct sbus_mmap_map' are not modified in these drivers. Constifying this structure moves some data to a read-only section, so increases overall security. Update sbusfb_mmap_helper() accordingly. On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 2452 536 16 3004 bbc drivers/video/fbdev/bw2.o After: ===== text data bss dec hex filename 2500 483 16 2999 bb7 drivers/video/fbdev/bw2.o Signed-off-by: Christophe JAILLET Signed-off-by: Helge Deller

fbdev: Push pgprot_decrypted() into mmap implementations

2023-11-29T11:20:44+00:00

If a driver sets struct fb_ops.fb_mmap, the fbdev core automatically calls pgprot_decrypted(). But the default fb_mmap code doesn't handle pgprot_decrypted(). Move the call to pgprot_decrypted() into each drivers' fb_mmap function. This only concerns fb_mmap functions for system and DMA memory. For I/O memory, which is the default case, nothing changes. The fb_mmap for I/O-memory can later be moved into a helper as well. DRM's fbdev emulation handles pgprot_decrypted() internally via the Prime helpers. Fbdev doesn't have to do anything in this case. In cases where DRM uses deferred I/O, this patch updates fb_mmap correctly. Signed-off-by: Thomas Zimmermann Reviewed-by: Javier Martinez Canillas Link: https://patchwork.freedesktop.org/patch/msgid/20231127131655.4020-30-tzimmermann@suse.de

fbdev: Remove trailing whitespaces

2023-11-29T11:20:43+00:00

Fix coding style. No functional changes. Signed-off-by: Thomas Zimmermann Reviewed-by: Javier Martinez Canillas Link: https://patchwork.freedesktop.org/patch/msgid/20231127131655.4020-29-tzimmermann@suse.de

fbdev: Explicitly include correct DT includes

2023-07-20T05:56:30+00:00

The DT of_device.h and of_platform.h date back to the separate of_platform_bus_type before it as merged into the regular platform bus. As part of that merge prepping Arm DT support 13 years ago, they "temporarily" include each other. They also include platform_device.h and of.h. As a result, there's a pretty much random mix of those include files used throughout the tree. In order to detangle these headers and replace the implicit includes with struct declarations, users need to explicitly include the correct includes. Reviewed-by: Thomas Zimmermann Signed-off-by: Rob Herring Signed-off-by: Helge Deller

fbdev: sbuslib: remove compat_alloc_user_space usage

2020-09-25T14:34:50+00:00

This is one of the last users of compat_alloc_user_space() and copy_in_user(). The actual handler is implemented in the same file and could be shared, but as I couldn't test this properly I leave the native case alone and just make a straight copy of it for the compat case, with a minimum set of modifications. Signed-off-by: Arnd Bergmann Acked-by: Daniel Vetter Signed-off-by: Sam Ravnborg Link: https://patchwork.freedesktop.org/patch/msgid/20200918100926.1447563-3-arnd@arndb.de

fbdev: sbuslib: remove unused FBIOSCURSOR32 helper

2020-09-25T14:34:50+00:00

No driver implements FBIOSCURSOR, so this function has no purpose and can be removed. Apparently it was added in linux-2.1.44 to handle compatibility for drivers/sbus/char/sunfb.c but lost its purpose when that driver got rewritten in linux-2.5.63. Signed-off-by: Arnd Bergmann Acked-by: Daniel Vetter Signed-off-by: Sam Ravnborg Link: https://patchwork.freedesktop.org/patch/msgid/20200918100926.1447563-2-arnd@arndb.de

fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()

2018-10-08T10:57:36+00:00

The "index + count" addition can overflow. Both come directly from the user. This bug leads to an information leak. Signed-off-by: Dan Carpenter Cc: Peter Malone Cc: Philippe Ombredanne Cc: Mathieu Malaterre Signed-off-by: Bartlomiej Zolnierkiewicz

fbdev: sbuslib: use checked version of put_user()

2018-10-08T10:57:36+00:00

I'm not sure why the code assumes that only the first put_user() needs an access_ok() check. I have made all the put_user() and get_user() calls checked. Signed-off-by: Dan Carpenter Cc: Philippe Ombredanne Cc: Mathieu Malaterre Cc: Peter Malone , Signed-off-by: Bartlomiej Zolnierkiewicz

fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper().

2018-03-07T13:00:34+00:00

Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper(). 'index' is defined as an int in sbusfb_ioctl_helper(). We retrieve this from the user: if (get_user(index, &c->index) || __get_user(count, &c->count) || __get_user(ured, &c->red) || __get_user(ugreen, &c->green) || __get_user(ublue, &c->blue)) return -EFAULT; and then we use 'index' in the following way: red = cmap->red[index + i] >> 8; green = cmap->green[index + i] >> 8; blue = cmap->blue[index + i] >> 8; This is a classic information leak vulnerability. 'index' should be an unsigned int, given its usage above. This patch is straight-forward; it changes 'index' to unsigned int in two switch-cases: FBIOGETCMAP_SPARC && FBIOPUTCMAP_SPARC. This patch fixes CVE-2018-6412. Signed-off-by: Peter Malone Acked-by: Mathieu Malaterre Signed-off-by: Bartlomiej Zolnierkiewicz