Re: [PATCH] drm/i915: add sanity check for partial view creation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 29/02/16 17:11, Matthew Auld wrote:

When binding pages for a partial view we should check that the offset +
size is valid relative to the size of the gem object.

Cc: Joonas Lahtinen <joonas.lahtinen@xxxxxxxxxxxxxxx>
Signed-off-by: Matthew Auld <matthew.auld@xxxxxxxxx>
---
  drivers/gpu/drm/i915/i915_gem_gtt.c | 4 ++++
  1 file changed, 4 insertions(+)

diff --git a/drivers/gpu/drm/i915/i915_gem_gtt.c b/drivers/gpu/drm/i915/i915_gem_gtt.c
index 49e4f26..a477bb2 100644
--- a/drivers/gpu/drm/i915/i915_gem_gtt.c
+++ b/drivers/gpu/drm/i915/i915_gem_gtt.c
@@ -3500,6 +3500,10 @@ intel_partial_pages(const struct i915_ggtt_view *view,
  	struct sg_page_iter obj_sg_iter;
  	int ret = -ENOMEM;

+	if (view->params.partial.offset + view->params.partial.size >
+	    obj->pages->nents)
+		return ERR_PTR(-EINVAL);
+
obj->pages->nents is not guaranteed to be equal to number of pages but can be less than due sg entry coalescing. 

I suggest replacing with a check against "obj->base.size >> PAGE_SHIFT".


  	st = kmalloc(sizeof(*st), GFP_KERNEL);
  	if (!st)
  		goto err_st_alloc;



Regards,

Tvrtko
_______________________________________________
Intel-gfx mailing list
Intel-gfx@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]
  Powered by Linux