| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Sep 2022 11:12:58 +0300
From: Gwan-gyeong Mun <gwan-gyeong.mun@...el.com>
To: intel-gfx@...ts.freedesktop.org
Cc: linux-kernel@...r.kernel.org, dri-devel@...ts.freedesktop.org,
mchehab@...nel.org, chris@...is-wilson.co.uk,
matthew.auld@...el.com, thomas.hellstrom@...ux.intel.com,
jani.nikula@...el.com, nirmoy.das@...el.com, airlied@...hat.com,
daniel@...ll.ch, andi.shyti@...ux.intel.com,
andrzej.hajda@...el.com, keescook@...omium.org,
mauro.chehab@...ux.intel.com, linux@...musvillemoes.dk,
vitor@...saru.org, dlatypov@...gle.com, ndesaulniers@...gle.com,
trix@...hat.com, llvm@...ts.linux.dev,
linux-hardening@...r.kernel.org, linux-sparse@...r.kernel.org,
nathan@...nel.org, gustavoars@...nel.org,
luc.vanoostenryck@...il.com
Subject: [PATCH v13 7/9] drm/i915: Check if the size is too big while creating shmem file
The __shmem_file_setup() function returns -EINVAL if size is greater than
MAX_LFS_FILESIZE. To handle the same error as other code that returns
-E2BIG when the size is too large, it add a code that returns -E2BIG when
the size is larger than the size that can be handled.
v4: If BITS_PER_LONG is 32, size > MAX_LFS_FILESIZE is always false, so it
checks only when BITS_PER_LONG is 64.
Signed-off-by: Gwan-gyeong Mun <gwan-gyeong.mun@...el.com>
Cc: Chris Wilson <chris@...is-wilson.co.uk>
Cc: Matthew Auld <matthew.auld@...el.com>
Cc: Thomas Hellström <thomas.hellstrom@...ux.intel.com>
Reviewed-by: Nirmoy Das <nirmoy.das@...el.com>
Reviewed-by: Mauro Carvalho Chehab <mchehab@...nel.org>
Reported-by: kernel test robot <lkp@...el.com>
Reviewed-by: Andrzej Hajda <andrzej.hajda@...el.com>
---
drivers/gpu/drm/i915/gem/i915_gem_shmem.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_shmem.c b/drivers/gpu/drm/i915/gem/i915_gem_shmem.c
index 339b0a9cf2d0..ca30060e34ab 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_shmem.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_shmem.c
@@ -541,6 +541,20 @@ static int __create_shmem(struct drm_i915_private *i915,
drm_gem_private_object_init(&i915->drm, obj, size);
+ /* XXX: The __shmem_file_setup() function returns -EINVAL if size is
+ * greater than MAX_LFS_FILESIZE.
+ * To handle the same error as other code that returns -E2BIG when
+ * the size is too large, we add a code that returns -E2BIG when the
+ * size is larger than the size that can be handled.
+ * If BITS_PER_LONG is 32, size > MAX_LFS_FILESIZE is always false,
+ * so we only needs to check when BITS_PER_LONG is 64.
+ * If BITS_PER_LONG is 32, E2BIG checks are processed when
+ * i915_gem_object_size_2big() is called before init_object() callback
+ * is called.
+ */
+ if (BITS_PER_LONG == 64 && size > MAX_LFS_FILESIZE)
+ return -E2BIG;
+
if (i915->mm.gemfs)
filp = shmem_file_setup_with_mnt(i915->mm.gemfs, "i915", size,
flags);
--
2.37.1
Powered by blists - more mailing lists