Re: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-15 Thread Tomasz Figa
sage- >> From: Tomasz Figa [mailto:tf...@chromium.org] >> Sent: Tuesday, January 16, 2018 10:40 AM >> To: Zhi, Yong >> Cc: Linux Media Mailing List ; Sakari Ailus >> ; Mani, Rajmohan ; >> Cao, Bingbu >> Subject: Re: [PATCH 1/2] media: intel-ipu3: cio2: fix

RE: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-15 Thread Cao, Bingbu
iginal Message- > From: Tomasz Figa [mailto:tf...@chromium.org] > Sent: Tuesday, January 16, 2018 10:40 AM > To: Zhi, Yong > Cc: Linux Media Mailing List ; Sakari Ailus > ; Mani, Rajmohan ; > Cao, Bingbu > Subject: Re: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with ou

Re: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-15 Thread Tomasz Figa
c: Linux Media Mailing List ; Sakari Ailus >> ; Mani, Rajmohan >> ; Cao, Bingbu >> Subject: Re: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of- >> bounds access >> >> On Thu, Jan 4, 2018 at 11:57 AM, Yong Zhi wrote: >> > When dmabuf is use

RE: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-15 Thread Zhi, Yong
t: Re: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of- > bounds access > > On Thu, Jan 4, 2018 at 11:57 AM, Yong Zhi wrote: > > When dmabuf is used for BLOB type frame, the frame buffers allocated > > by gralloc will hold more pages than the valid frame data due to

RE: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-12 Thread Mani, Rajmohan
Hi Yong, > -Original Message- > From: Zhi, Yong > Sent: Wednesday, January 03, 2018 6:57 PM > To: linux-media@vger.kernel.org; sakari.ai...@linux.intel.com > Cc: tf...@chromium.org; Mani, Rajmohan ; Zhi, > Yong ; Cao, Bingbu > Subject: [PATCH 1/2] media: intel-ip

Re: [PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-12 Thread Tomasz Figa
On Thu, Jan 4, 2018 at 11:57 AM, Yong Zhi wrote: > When dmabuf is used for BLOB type frame, the frame > buffers allocated by gralloc will hold more pages > than the valid frame data due to height alignment. > > In this case, the page numbers in sg list could exceed the > FBPT upper limit value - m

[PATCH 1/2] media: intel-ipu3: cio2: fix a crash with out-of-bounds access

2018-01-03 Thread Yong Zhi
When dmabuf is used for BLOB type frame, the frame buffers allocated by gralloc will hold more pages than the valid frame data due to height alignment. In this case, the page numbers in sg list could exceed the FBPT upper limit value - max_lops(8)*1024 to cause crash. Limit the LOP access to the