add poiter check for videobuf_queue_core_init().
any guys who write a v4l driver, pass a NULL pointer or a non-inintial
pointer to the first parameter such as videobuf_queue_sg_init() , it
would be crashed.
Signed-off-by: Figo.zhang <figo1802@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
The V4L2 ioctls usually return 0 when the operation was successful
and -1 in case of error. Currently VIDIOC_REQBUFS returns the
number of buffers which is redundant because this information is
available in count field of struct v4l2_requestbuffers. The
V4L2 API specification, revision 0.24 [1] explicitly specifies for
VIDIOC_REQBUFS that the return value shall be 0 on success.
The patch was tested with v4l-test 0.13 [2] with vivi driver.
References:
[1] V4L2 API specification, revision 0.24
http://v4l2spec.bytesex.org/spec/r13696.htm
[2] v4l-test: Test environment for Video For Linux Two API
http://v4l-test.sourceforge.net/
Signed-off-by: Márton Németh <nm127@freemail.hu>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
On 32-bit architectures PAGE_ALIGN() truncates 64-bit values to the 32-bit
boundary. For example:
u64 val = PAGE_ALIGN(size);
always returns a value < 4GB even if size is greater than 4GB.
The problem resides in PAGE_MASK definition (from include/asm-x86/page.h for
example):
#define PAGE_SHIFT 12
#define PAGE_SIZE (_AC(1,UL) << PAGE_SHIFT)
#define PAGE_MASK (~(PAGE_SIZE-1))
...
#define PAGE_ALIGN(addr) (((addr)+PAGE_SIZE-1)&PAGE_MASK)
The "~" is performed on a 32-bit value, so everything in "and" with
PAGE_MASK greater than 4GB will be truncated to the 32-bit boundary.
Using the ALIGN() macro seems to be the right way, because it uses
typeof(addr) for the mask.
Also move the PAGE_ALIGN() definitions out of include/asm-*/page.h in
include/linux/mm.h.
See also lkml discussion: http://lkml.org/lkml/2008/6/11/237
[akpm@linux-foundation.org: fix drivers/media/video/uvc/uvc_queue.c]
[akpm@linux-foundation.org: fix v850]
[akpm@linux-foundation.org: fix powerpc]
[akpm@linux-foundation.org: fix arm]
[akpm@linux-foundation.org: fix mips]
[akpm@linux-foundation.org: fix drivers/media/video/pvrusb2/pvrusb2-dvb.c]
[akpm@linux-foundation.org: fix drivers/mtd/maps/uclinux.c]
[akpm@linux-foundation.org: fix powerpc]
Signed-off-by: Andrea Righi <righi.andrea@gmail.com>
Cc: <linux-arch@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
vidiocgmbuf() does this:
mutex_lock(&fh->cap.vb_lock);
retval = videobuf_mmap_setup(&fh->cap, gbuffers, gbufsize,
V4L2_MEMORY_MMAP);
and videobuf_mmap_setup() then just does
mutex_lock(&q->vb_lock);
ret = __videobuf_mmap_setup(q, bcount, bsize, memory);
mutex_unlock(&q->vb_lock);
which is an obvious double-take deadlock.
This patch fixes this by having vidiocgmbuf() just call the
__videobuf_mmap_setup function instead.
Acked-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Reported-by: Koos Vriezen <koos.vriezen@gmail.com>
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
drivers/media/video/v4l2-common.c:719:16: warning: Using plain integer as NULL pointer
drivers/media/video/au0828/au0828-dvb.c:122:19: warning: Using plain integer as NULL pointer
drivers/media/video/ivtv/ivtv-yuv.c:1101:22: warning: Using plain integer as NULL pointer
drivers/media/video/ivtv/ivtv-yuv.c:1102:23: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-audio.c:78:39: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-video-v4l.c:84:39: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-v4l2.c:1264:9: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-context.c:197:28: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-cx2584x-v4l.c:126:39: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-dvb.c:133:32: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-dvb.c:145:31: warning: Using plain integer as NULL pointer
drivers/media/video/pvrusb2/pvrusb2-dvb.c:177:55: warning: Using plain integer as NULL pointer
drivers/media/video/videobuf-core.c💯9: warning: Using plain integer as NULL pointer
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
videobuf-dvb were still using a function that were videobuf-dma-sg
dependent. This patch creates a generic handler for this function. This
way, videobuf-dvb can now work with all videobuf implementations.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
A spinlock is necessary for queue_cancel to work with every driver in the tree.
Otherwise a race exists between IRQ handlers removing buffers from the queue
and queue_cancel invalidating the queue.
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Before the patch, there were a risk of freeing and unmapping userspace memory,
while there were pending requests.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
There were some bugs on videobuf-vmalloc.
Basically, remap were called with a wrong parameter. Due to that, a later remap
were needed, generating the need of some hacks on videobuf-vmalloc and
videobuf-core.
This patch fixes the remap and removes the hacks.
TODO:
- V4L2_MEMORY_USERPTR is not implemented yet. This method should be
properly implemented, in order to work with a few userspace applications.
- The driver also doesn't implement V4L2_MEMORY_OVERLAY. This method is used
only by a few applications, and are becaming obsolete, due to the increment
of cpu performance. So, most apps prefer to retrieve data to an internal
buffer, doing some processing like de-interlacing.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
__FUNCTION__ is gcc-specific, use __func__
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Add a waitqueue to wait on when there are no buffers in the buffer queue.
DQBUF waits on this queue without holding vb_lock to allow a QBUF to happen.
Once a buffer has been queued we recheck that the queue is still streaming and
wait on the new buffer's waitqueue while holding the vb_lock. The driver
should come along in a timely manner and put the buffer into its next state
finishing the DQBUF.
By implementing this waitqueue it also brings the videobuf DQBUF up to spec and
it now blocks on O_NONBLOCK even when no buffers have been queued via QBUF:
"By default VIDIOC_DQBUF blocks when no buffer is in the outgoing queue."
- V4L2 spec
Signed-off-by: Brandon Philips <bphilips@suse.de>
CC: Trent Piepho <xyzzy@speakeasy.org>
CC: Carl Karsten <carl@personnelware.com>
CC: Jonathan Corbet <corbet@lwn.net>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The waitqueues must be woken up every time state changes.
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
flags used for spinlocks don't need to be initialized, except where the
compiler has no way to see, that the spin_unlock_irqrestore is only called
if the spin_lock_irqsave has been called before. Local variable
initialization doesn't have to be protected.
Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@pengutronix.de>
Reviewed-by: Hans Verkuil <hverkuil@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Make the dev member of the struct videobuf_queue of type "struct device *"
to avoid future problems. Also change the prototype of the
videobuf_queue_core_init() function.
Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@pengutronix.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Avoid a deadlock where DQBUF is holding the vb_lock while waiting on a QBUF
which also needs the vb_lock. Reported by Hans Verkuil <hverkuil@xs4all.nl>.
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Changeset 7e65d6e8f6df removed a very bad hack on mmap(). However, the fixes
weren't considering usermap and overlay memory models. This were breaking
direct reading from /dev/video?, used mostly by mpeg aware drivers.
Thanks to Steven Toth <stoth@linuxtv.org> for reporting the issue and
bissecting it.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
In order to videobuf_iolock to work, mmap_mapper should be called first.
Otherwise, an OOPS is generated.
On some cases, .mmap file handler used to took some time to be called. On those
situations, mmap_mmapper() were called after iolock.
This patch properly waits for mmap_mapper to be called, otherwise generating an
error.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
After commit 19fb145799 the callers in
videobuf-core.c that already hold the lock must call
__videobuf_read_start() instead of videobuf_read_start().
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
videobuf_dvb needs videobuf_read_start. The EXPORT_SYMBOL_GPL() were removed by
a previous patch. However, videobuf_dvb needs this.
This patch re-adds videobuf_read_start, doing the proper lock.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
- Add comments to functions that require that caller hold q->lock
- Add __videobuf_mmap_free that doesn't hold q->lock for use within videobuf
- Add locking to videobuf_mmap_free
- Fix linux/drivers/media/common/saa7146_video.c which was holding lock around
videobuf_read_stop
- Add locking to functions that operate on a queue
- Add videobuf_stop to take care of stopping in both the read and stream case
TODO: bttv still has an unsafe call to videobuf_queue_is_busy
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
As videobuf_cgmbuf is defined only if CONFIG_VIDEO_V4L1_COMPAT is enabled,
move the EXPORT_SYMBOL_GPL declaration inside the #ifdef block. Fixes
compilation for x86_64 defconfig.
Signed-off-by: Pekka Enberg <penberg@cs.helsinki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Breaks on any target that has copy_to_user() defined as a non-trivial
macro.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The rest of V4L files.
There is one list_for_each+list_entry in cpia_pp.c that
wasn't changed because it expects the loop iterator to remain NULL if
the list is empty.
A bug in vivi is fixed; the 'safe' version needs to be used because the loop
deletes the list entries.
Simplify a second loop in vivi and get rid if an un-used variable in that loop.
Signed-off-by: Trent Piepho <xyzzy@speakeasy.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The return value of videobuf_alloc() is unchecked but this function will
return NULL on an error. Check for NULL and make videobuf_reqbufs()
return the number of successfully allocated buffers.
Also, fix saa7146_video.c and bttv-driver.c to use this returned
buffer count.
Tested against the vivi driver. Not tested against saa7146 or bt8xx
devices.
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
In the past, videobuf_queue_init were used to initialize PCI DMA videobuffers.
This patch renames it, to avoid confusion with the previous kernel API, doing:
s/videobuf_queue_init/void videobuf_queue_core_init/
Also, the operations is now part of the function parameter. The function will
also add a test if this is defined, otherwise producing BUG.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
This workaround fix a bug that happens on some SMP machines. On those machines,
videobuf_iolock is called too soon, before file .mmap handler. This patch calls
the scheduler before iolocking, allowing it to properly call the pending mmap.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
If videobuf_read_stream reads two or more buffers it was overwriting the first one
Signed-off-by: Maxim Levitsky <maximlevitsky@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
http://thread.gmane.org/gmane.comp.video.video4linux/34978/focus=34981
Reviewed-by: Ricardo Cerqueira <v4l@cerqueira.org>
The reading/streaming fields are used for mutual exclusion of the queue and
should be protected by the queue lock.
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
http://thread.gmane.org/gmane.comp.video.video4linux/34978/focus=34981
Reviewed-by: Ricardo Cerqueira <v4l@cerqueira.org>
videobuf_qbuf takes q->lock, and then calls
q->ops->buf_prepare which by design in all drivers calls
videobuf_iolock which calls videobuf_dma_init_user and this
takes current->mm->mmap_sem
on the other hand if user calls mumap from other thread, sys_munmap
takes current->mm->mmap_sem and videobuf_vm_close takes q->lock
Since this can occur only for V4L2_MEMORY_MMAP buffers, take
current->mm->mmap_sem in qbuf, before q->lock, and don't take
current->mm->mmap_sem videobuf_dma_init_user for those buffers
Signed-off-by: Maxim Levitsky <maximlevitsky@gmail.com>
http://thread.gmane.org/gmane.comp.video.video4linux/34978/focus=34981
Reviewed-by: Ricardo Cerqueira <v4l@cerqueira.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
video-buf currently does two different tasks:
- Manages video buffers with a common code that allows
implementing all the V4L2 different modes of buffering;
- Controls memory allocations
While the first task is generic, the second were written to support PCI DMA
Scatter/Gather needs. The original approach can't even work for those
video capture hardware that don't support scatter/gather.
I did one approach to make it more generic. While the approach worked
fine for vivi driver, it were not generic enough to handle USB needs.
This patch creates two different modules, one containing the generic
video buffer handling (videobuf-core) and another with PCI DMA S/G.
After this patch, it would be simpler to write an USB video-buf and a
non-SG DMA module.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
http://thread.gmane.org/gmane.comp.video.video4linux/34978/focus=34981
Reviewed-by: Ricardo Cerqueira <v4l@cerqueira.org>