On 25.07.2022 11:25, Gwan-gyeong Mun wrote:
From: Chris Wilson <[email protected]>There is an impedance mismatch between the scatterlist API using unsigned int and our memory/page accounting in unsigned long. That is we may try to create a scatterlist for a large object that overflows returning a small table into which we try to fit very many pages. As the object size is under control of userspace, we have to be prudent and catch the conversion errors. To catch the implicit truncation as we switch from unsigned long into the scatterlist's unsigned int, we use overflows_type check and report E2BIG prior to the operation. This is already used in our create ioctls to indicate if the uABI request is simply too large for the backing store. Failing that type check, we have a second check at sg_alloc_table time to make sure the values we are passing into the scatterlist API are not truncated. It uses pgoff_t for locals that are dealing with page indices, in this case, the page count is the limit of the page index. And it uses safe_conversion() macro which performs a type conversion (cast) of an integer value into a new variable, checking that the destination is large enough to hold the source value. v2: Move added i915_utils's macro into drm_util header (Jani N) v5: Fix macros to be enclosed in parentheses for complex values Fix too long line warning Signed-off-by: Chris Wilson <[email protected]> Signed-off-by: Gwan-gyeong Mun <[email protected]> Cc: Tvrtko Ursulin <[email protected]> Cc: Brian Welty <[email protected]> Cc: Matthew Auld <[email protected]> Cc: Thomas Hellström <[email protected]> Reviewed-by: Nirmoy Das <[email protected]> Reviewed-by: Mauro Carvalho Chehab <[email protected]>
Reviewed-by: Andrzej Hajda <[email protected]> Regards Andrzej
