| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 May 2019 15:12:26 +0300
From: Ville Syrjälä <ville.syrjala@...ux.intel.com>
To: Brian Starkey <Brian.Starkey@....com>
Cc: "james qian wang (Arm Technology China)" <james.qian.wang@....com>,
nd <nd@....com>,
"Lowry Li (Arm Technology China)" <Lowry.Li@....com>,
"Tiannan Zhu (Arm Technology China)" <Tiannan.Zhu@....com>,
"airlied@...ux.ie" <airlied@...ux.ie>,
Liviu Dudau <Liviu.Dudau@....com>,
"Jonathan Chai (Arm Technology China)" <Jonathan.Chai@....com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
"Julien Yin (Arm Technology China)" <Julien.Yin@....com>,
"Yiqi Kang (Arm Technology China)" <Yiqi.Kang@....com>,
"thomas Sun (Arm Technology China)" <thomas.Sun@....com>,
Ayan Halder <Ayan.Halder@....com>,
"sean@...rly.run" <sean@...rly.run>
Subject: Re: [PATCH] drm/komeda: Added AFBC support for komeda driver
On Fri, May 24, 2019 at 11:10:09AM +0000, Brian Starkey wrote:
> Hi,
>
> On Tue, May 21, 2019 at 09:45:58AM +0100, james qian wang (Arm Technology China) wrote:
> > On Thu, May 16, 2019 at 09:57:49PM +0800, Ayan Halder wrote:
> > > On Thu, Apr 04, 2019 at 12:06:14PM +0100, james qian wang (Arm Technology China) wrote:
> > > >
> > > > +static int
> > > > +komeda_fb_afbc_size_check(struct komeda_fb *kfb, struct drm_file *file,
> > > > + const struct drm_mode_fb_cmd2 *mode_cmd)
> > > > +{
> > > > + struct drm_framebuffer *fb = &kfb->base;
> > > > + const struct drm_format_info *info = fb->format;
> > > > + struct drm_gem_object *obj;
> > > > + u32 alignment_w = 0, alignment_h = 0, alignment_header;
> > > > + u32 n_blocks = 0, min_size = 0;
> > > > +
> > > > + obj = drm_gem_object_lookup(file, mode_cmd->handles[0]);
> > > > + if (!obj) {
> > > > + DRM_DEBUG_KMS("Failed to lookup GEM object\n");
> > > > + return -ENOENT;
> > > > + }
> > > > +
> > > > + switch (fb->modifier & AFBC_FORMAT_MOD_BLOCK_SIZE_MASK) {
> > > > + case AFBC_FORMAT_MOD_BLOCK_SIZE_32x8:
> > > > + alignment_w = 32;
> > > > + alignment_h = 8;
> > > > + break;
> > > > + case AFBC_FORMAT_MOD_BLOCK_SIZE_16x16:
> > > > + alignment_w = 16;
> > > > + alignment_h = 16;
> > > > + break;
> > > > + default:
> > > Can we have something like a warn here ?
> >
> > will add a WARN here.
> >
>
> I think it's better not to. fb->modifier comes from
> userspace, so a malicious app could spam us with WARNs, effectively
> dos-ing the system. -EINVAL should be sufficient.
Should probably check that the entire modifier+format is
actually valid. Otherwise you risk passing on a bogus
modifier deeper into the driver which may trigger
interesting bugs.
Also theoretically (however unlikely) some broken userspace
might start to depend on the ability to create framebuffers
with crap modifiers, which could later break if you change
the way you handle the modifiers. Then you're stuck between
the rock and hard place because you can't break existing
userspace but you still want to change the way modifiers
are handled in the kernel.
Best not give userspace too much rope IMO. Two ways to go about
that:
1) drm_any_plane_has_format() (assumes your .format_mod_supported()
does its job properly)
2) roll your own
--
Ville Syrjälä
Intel
Powered by blists - more mailing lists