On Mon, Sep 27, 2021 at 3:22 PM Phil Elwell <phil@xxxxxxxxxxxxxxx> wrote:
> On 27/09/2021 13:26, Dan Carpenter wrote:
> > On Mon, Sep 27, 2021 at 01:36:56PM +0200, Arnd Bergmann wrote:
> >> From: Arnd Bergmann <arnd@xxxxxxxx>
> >>
> >> - if (num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> >> + if ((size_t)num_pages > (SIZE_MAX - sizeof(struct pagelist) -
> >> sizeof(struct vchiq_pagelist_info)) /
> >> (sizeof(u32) + sizeof(pages[0]) +
> >> sizeof(struct scatterlist)))
> >
> > The temptation would be to declare "num_pages" as size_t instead of
> > adding this cost. But then something will complain about the
> > "pagelistinfo->num_pages = num_pages;" assignment because
> > "pagelistinfo->num_pages" is a u32.
> >
> > The next temptation is to change the SIZE_MAX to UINT_MAX. I didn't
> > do that originally because I can't test this and I was trying not to
> > break things... We probably still don't want to break things, but maybe
> > there is someone who is more familiar with this who knows if UINT_MAX is
> > okay?
>
> The VPU can't address more than 1GB directly, so UINT_MAX is more than sufficient.

Is there a macro that already defines that 1GB size, or maybe an even smaller
value that makes sense as an upper bound?

      Arnd
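
Review bot: the `(size_t)` cast on the `+` line changes only the type of the left operand, so the limit on the right-hand side is still derived from `SIZE_MAX`. If `num_pages` is a 32-bit quantity (the thread notes that `pagelistinfo->num_pages` is a u32), then on a build where `size_t` is 64 bits that limit is far larger than any value the left side can take, and the comparison can never reject a request. Rather than casting, consider deriving the limit from what the count field and the allocation can actually hold, such as the `UINT_MAX` bound raised in the replies or a tighter hardware-based one, and add a comment stating which overflow the check is meant to prevent.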