diff options
| author | Daniel Vetter <[email protected]> | 2023-04-04 21:39:34 +0200 |
|---|---|---|
| committer | Daniel Vetter <[email protected]> | 2023-04-11 16:24:38 +0200 |
| commit | 6fd33a3333c7916689b8f051a185defe4dd515b0 (patch) | |
| tree | 0508254f987e6bc327fe0e90bd6f267b68b5adaf | |
| parent | 86d8740dae5a397d8344ae75f8758103c1fcba97 (diff) | |
fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
This is an oversight from dc5bdb68b5b3 ("drm/fb-helper: Fix vt
restore") - I failed to realize that nasty userspace could set this.
It's not pretty to mix up kernel-internal and userspace uapi flags
like this, but since the entire fb_var_screeninfo structure is uapi
we'd need to either add a new parameter to the ->fb_set_par callback
and fb_set_par() function, which has a _lot_ of users. Or some other
fairly ugly side-channel int fb_info. Neither is a pretty prospect.
Instead just correct the issue at hand by filtering out this
kernel-internal flag in the ioctl handling code.
Reviewed-by: Javier Martinez Canillas <[email protected]>
Acked-by: Maarten Lankhorst <[email protected]>
Signed-off-by: Daniel Vetter <[email protected]>
Fixes: dc5bdb68b5b3 ("drm/fb-helper: Fix vt restore")
Cc: Alex Deucher <[email protected]>
Cc: [email protected]
Cc: Michel Dänzer <[email protected]>
Cc: Noralf Trønnes <[email protected]>
Cc: Thomas Zimmermann <[email protected]>
Cc: Daniel Vetter <[email protected]>
Cc: Maarten Lankhorst <[email protected]>
Cc: Maxime Ripard <[email protected]>
Cc: David Airlie <[email protected]>
Cc: Daniel Vetter <[email protected]>
Cc: [email protected]
Cc: <[email protected]> # v5.7+
Cc: Bartlomiej Zolnierkiewicz <[email protected]>
Cc: Geert Uytterhoeven <[email protected]>
Cc: Nathan Chancellor <[email protected]>
Cc: Qiujun Huang <[email protected]>
Cc: Peter Rosin <[email protected]>
Cc: [email protected]
Cc: Helge Deller <[email protected]>
Cc: Sam Ravnborg <[email protected]>
Cc: Geert Uytterhoeven <[email protected]>
Cc: Samuel Thibault <[email protected]>
Cc: Tetsuo Handa <[email protected]>
Cc: Shigeru Yoshida <[email protected]>
Link: https://patchwork.freedesktop.org/patch/msgid/[email protected]
| -rw-r--r-- | drivers/video/fbdev/core/fbmem.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c index 875541ff185b..3fd95a79e4c3 100644 --- a/drivers/video/fbdev/core/fbmem.c +++ b/drivers/video/fbdev/core/fbmem.c @@ -1116,6 +1116,8 @@ static long do_fb_ioctl(struct fb_info *info, unsigned int cmd, case FBIOPUT_VSCREENINFO: if (copy_from_user(&var, argp, sizeof(var))) return -EFAULT; + /* only for kernel-internal use */ + var.activate &= ~FB_ACTIVATE_KD_TEXT; console_lock(); lock_fb_info(info); ret = fbcon_modechange_possible(info, &var); |