dri-devel.lists.freedesktop.org archive mirror
 help / color / mirror / Atom feed
From: Andrzej Hajda <andrzej.hajda@intel.com>
To: Gwan-gyeong Mun <gwan-gyeong.mun@intel.com>,
	intel-gfx@lists.freedesktop.org
Cc: thomas.hellstrom@linux.intel.com, jani.nikula@intel.com,
	dri-devel@lists.freedesktop.org, chris@chris-wilson.co.uk,
	airlied@linux.ie, matthew.auld@intel.com, mchehab@kernel.org,
	nirmoy.das@intel.com
Subject: Re: [Intel-gfx] [PATCH v5 3/7] drm/i915: Check for integer truncation on scatterlist creation
Date: Mon, 25 Jul 2022 13:51:59 +0200	[thread overview]
Message-ID: <abc353e1-f9f1-2cdf-4752-06f3aa4046c9@intel.com> (raw)
In-Reply-To: <20220725092528.1281487-4-gwan-gyeong.mun@intel.com>

On 25.07.2022 11:25, Gwan-gyeong Mun wrote:
> From: Chris Wilson <chris@chris-wilson.co.uk>
> 
> There is an impedance mismatch between the scatterlist API using unsigned
> int and our memory/page accounting in unsigned long. That is we may try
> to create a scatterlist for a large object that overflows returning a
> small table into which we try to fit very many pages. As the object size
> is under control of userspace, we have to be prudent and catch the
> conversion errors.
> 
> To catch the implicit truncation as we switch from unsigned long into the
> scatterlist's unsigned int, we use overflows_type check and report
> E2BIG prior to the operation. This is already used in our create ioctls to
> indicate if the uABI request is simply too large for the backing store.
> Failing that type check, we have a second check at sg_alloc_table time
> to make sure the values we are passing into the scatterlist API are not
> truncated.
> 
> It uses pgoff_t for locals that are dealing with page indices, in this
> case, the page count is the limit of the page index.
> And it uses safe_conversion() macro which performs a type conversion (cast)
> of an integer value into a new variable, checking that the destination is
> large enough to hold the source value.
> 
> v2: Move added i915_utils's macro into drm_util header (Jani N)
> v5: Fix macros to be enclosed in parentheses for complex values
>      Fix too long line warning
> 
> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
> Signed-off-by: Gwan-gyeong Mun <gwan-gyeong.mun@intel.com>
> Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
> Cc: Brian Welty <brian.welty@intel.com>
> Cc: Matthew Auld <matthew.auld@intel.com>
> Cc: Thomas Hellström <thomas.hellstrom@linux.intel.com>
> Reviewed-by: Nirmoy Das <nirmoy.das@intel.com>
> Reviewed-by: Mauro Carvalho Chehab <mchehab@kernel.org>
Reviewed-by: Andrzej Hajda <andrzej.hajda@intel.com>

Regards
Andrzej

  reply	other threads:[~2022-07-25 11:52 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-07-25  9:25 [PATCH v5 0/7] Fixes integer overflow or integer truncation issues in page lookups, ttm place configuration and scatterlist creation Gwan-gyeong Mun
2022-07-25  9:25 ` [PATCH v5 1/7] drm: Move and add a few utility macros into drm util header Gwan-gyeong Mun
2022-07-25 11:36   ` [Intel-gfx] " Andrzej Hajda
2022-07-26  8:20     ` Gwan-gyeong Mun
2022-07-27 10:26   ` Andi Shyti
2022-08-03 14:05     ` Jani Nikula
2022-08-04  9:06       ` Andi Shyti
2022-08-09  8:31         ` Gwan-gyeong Mun
2022-07-25  9:25 ` [PATCH v5 2/7] drm/i915/gem: Typecheck page lookups Gwan-gyeong Mun
2022-07-25 11:50   ` [Intel-gfx] " Andrzej Hajda
2022-07-25  9:25 ` [PATCH v5 3/7] drm/i915: Check for integer truncation on scatterlist creation Gwan-gyeong Mun
2022-07-25 11:51   ` Andrzej Hajda [this message]
2022-07-25  9:25 ` [PATCH v5 4/7] drm/i915: Check for integer truncation on the configuration of ttm place Gwan-gyeong Mun
2022-07-25 11:53   ` [Intel-gfx] " Andrzej Hajda
2022-08-03 14:13   ` Jani Nikula
2022-07-25  9:25 ` [PATCH v5 5/7] drm/i915: Check if the size is too big while creating shmem file Gwan-gyeong Mun
2022-07-25 11:59   ` [Intel-gfx] " Andrzej Hajda
2022-07-25  9:25 ` [PATCH v5 6/7] drm/i915: Use error code as -E2BIG when the size of gem ttm object is too large Gwan-gyeong Mun
2022-07-25 12:01   ` [Intel-gfx] " Andrzej Hajda
2022-07-25  9:25 ` [PATCH v5 7/7] drm/i915: Remove truncation warning for large objects Gwan-gyeong Mun
2022-07-25 12:02   ` [Intel-gfx] " Andrzej Hajda

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=abc353e1-f9f1-2cdf-4752-06f3aa4046c9@intel.com \
    --to=andrzej.hajda@intel.com \
    --cc=airlied@linux.ie \
    --cc=chris@chris-wilson.co.uk \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=gwan-gyeong.mun@intel.com \
    --cc=intel-gfx@lists.freedesktop.org \
    --cc=jani.nikula@intel.com \
    --cc=matthew.auld@intel.com \
    --cc=mchehab@kernel.org \
    --cc=nirmoy.das@intel.com \
    --cc=thomas.hellstrom@linux.intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).