From: Andrzej Hajda <andrzej.hajda@intel.com>
To: Gwan-gyeong Mun <gwan-gyeong.mun@intel.com>,
intel-gfx@lists.freedesktop.org
Cc: thomas.hellstrom@linux.intel.com, jani.nikula@intel.com,
dri-devel@lists.freedesktop.org, chris@chris-wilson.co.uk,
airlied@linux.ie, matthew.auld@intel.com, mchehab@kernel.org,
nirmoy.das@intel.com
Subject: Re: [Intel-gfx] [PATCH v5 3/7] drm/i915: Check for integer truncation on scatterlist creation
Date: Mon, 25 Jul 2022 13:51:59 +0200 [thread overview]
Message-ID: <abc353e1-f9f1-2cdf-4752-06f3aa4046c9@intel.com> (raw)
In-Reply-To: <20220725092528.1281487-4-gwan-gyeong.mun@intel.com>
On 25.07.2022 11:25, Gwan-gyeong Mun wrote:
> From: Chris Wilson <chris@chris-wilson.co.uk>
>
> There is an impedance mismatch between the scatterlist API using unsigned
> int and our memory/page accounting in unsigned long. That is we may try
> to create a scatterlist for a large object that overflows returning a
> small table into which we try to fit very many pages. As the object size
> is under control of userspace, we have to be prudent and catch the
> conversion errors.
>
> To catch the implicit truncation as we switch from unsigned long into the
> scatterlist's unsigned int, we use overflows_type check and report
> E2BIG prior to the operation. This is already used in our create ioctls to
> indicate if the uABI request is simply too large for the backing store.
> Failing that type check, we have a second check at sg_alloc_table time
> to make sure the values we are passing into the scatterlist API are not
> truncated.
>
> It uses pgoff_t for locals that are dealing with page indices, in this
> case, the page count is the limit of the page index.
> And it uses safe_conversion() macro which performs a type conversion (cast)
> of an integer value into a new variable, checking that the destination is
> large enough to hold the source value.
>
> v2: Move added i915_utils's macro into drm_util header (Jani N)
> v5: Fix macros to be enclosed in parentheses for complex values
> Fix too long line warning
>
> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
> Signed-off-by: Gwan-gyeong Mun <gwan-gyeong.mun@intel.com>
> Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
> Cc: Brian Welty <brian.welty@intel.com>
> Cc: Matthew Auld <matthew.auld@intel.com>
> Cc: Thomas Hellström <thomas.hellstrom@linux.intel.com>
> Reviewed-by: Nirmoy Das <nirmoy.das@intel.com>
> Reviewed-by: Mauro Carvalho Chehab <mchehab@kernel.org>
Reviewed-by: Andrzej Hajda <andrzej.hajda@intel.com>
Regards
Andrzej
next prev parent reply other threads:[~2022-07-25 11:52 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-25 9:25 [PATCH v5 0/7] Fixes integer overflow or integer truncation issues in page lookups, ttm place configuration and scatterlist creation Gwan-gyeong Mun
2022-07-25 9:25 ` [PATCH v5 1/7] drm: Move and add a few utility macros into drm util header Gwan-gyeong Mun
2022-07-25 11:36 ` [Intel-gfx] " Andrzej Hajda
2022-07-26 8:20 ` Gwan-gyeong Mun
2022-07-27 10:26 ` Andi Shyti
2022-08-03 14:05 ` Jani Nikula
2022-08-04 9:06 ` Andi Shyti
2022-08-09 8:31 ` Gwan-gyeong Mun
2022-07-25 9:25 ` [PATCH v5 2/7] drm/i915/gem: Typecheck page lookups Gwan-gyeong Mun
2022-07-25 11:50 ` [Intel-gfx] " Andrzej Hajda
2022-07-25 9:25 ` [PATCH v5 3/7] drm/i915: Check for integer truncation on scatterlist creation Gwan-gyeong Mun
2022-07-25 11:51 ` Andrzej Hajda [this message]
2022-07-25 9:25 ` [PATCH v5 4/7] drm/i915: Check for integer truncation on the configuration of ttm place Gwan-gyeong Mun
2022-07-25 11:53 ` [Intel-gfx] " Andrzej Hajda
2022-08-03 14:13 ` Jani Nikula
2022-07-25 9:25 ` [PATCH v5 5/7] drm/i915: Check if the size is too big while creating shmem file Gwan-gyeong Mun
2022-07-25 11:59 ` [Intel-gfx] " Andrzej Hajda
2022-07-25 9:25 ` [PATCH v5 6/7] drm/i915: Use error code as -E2BIG when the size of gem ttm object is too large Gwan-gyeong Mun
2022-07-25 12:01 ` [Intel-gfx] " Andrzej Hajda
2022-07-25 9:25 ` [PATCH v5 7/7] drm/i915: Remove truncation warning for large objects Gwan-gyeong Mun
2022-07-25 12:02 ` [Intel-gfx] " Andrzej Hajda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=abc353e1-f9f1-2cdf-4752-06f3aa4046c9@intel.com \
--to=andrzej.hajda@intel.com \
--cc=airlied@linux.ie \
--cc=chris@chris-wilson.co.uk \
--cc=dri-devel@lists.freedesktop.org \
--cc=gwan-gyeong.mun@intel.com \
--cc=intel-gfx@lists.freedesktop.org \
--cc=jani.nikula@intel.com \
--cc=matthew.auld@intel.com \
--cc=mchehab@kernel.org \
--cc=nirmoy.das@intel.com \
--cc=thomas.hellstrom@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).