msm: sensor: validating the flash initialization parameters (01db0e01) · Commits · e / devices / android_kernel_xiaomi_markw

drivers/media/platform/msm/camera_v2/sensor/flash/msm_flash.c

+37 −1

Original line number	Diff line number	Diff line
		@@ -491,6 +491,42 @@ static int32_t msm_flash_init(
		return 0;
		}

		#ifdef CONFIG_COMPAT
		static int32_t msm_flash_init_prepare(
		struct msm_flash_ctrl_t *flash_ctrl,
		struct msm_flash_cfg_data_t *flash_data)
		{
		return msm_flash_init(flash_ctrl, flash_data);
		}
		#else
		static int32_t msm_flash_init_prepare(
		struct msm_flash_ctrl_t *flash_ctrl,
		struct msm_flash_cfg_data_t *flash_data)
		{
		struct msm_flash_cfg_data_t flash_data_k;
		struct msm_flash_init_info_t flash_init_info;
		int32_t i = 0;

		flash_data_k.cfg_type = flash_data->cfg_type;
		for (i = 0; i < MAX_LED_TRIGGERS; i++) {
		flash_data_k.flash_current[i] =
		flash_data->flash_current[i];
		flash_data_k.flash_duration[i] =
		flash_data->flash_duration[i];
		}

		flash_data_k.cfg.flash_init_info = &flash_init_info;
		if (copy_from_user(&flash_init_info,
		(void *)(flash_data->cfg.flash_init_info),
		sizeof(struct msm_flash_init_info_t))) {
		pr_err("%s copy_from_user failed %d\n",
		__func__, __LINE__);
		return -EFAULT;
		}
		return msm_flash_init(flash_ctrl, &flash_data_k);
		}
		#endif

		static int32_t msm_flash_low(
		struct msm_flash_ctrl_t *flash_ctrl,
		struct msm_flash_cfg_data_t *flash_data)
		@@ -592,7 +628,7 @@ static int32_t msm_flash_config(struct msm_flash_ctrl_t *flash_ctrl,

		switch (flash_data->cfg_type) {
		case CFG_FLASH_INIT:
		rc = msm_flash_init(flash_ctrl, flash_data);
		rc = msm_flash_init_prepare(flash_ctrl, flash_data);
		break;
		case CFG_FLASH_RELEASE:
		if (flash_ctrl->flash_state != MSM_CAMERA_FLASH_RELEASE) {