| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7298cc55-c550-0b41-3f3c-8eebed845848@arm.com>
Date: Tue, 1 Sep 2020 20:33:29 +0100
From: Robin Murphy <robin.murphy@....com>
To: Marek Szyprowski <m.szyprowski@...sung.com>,
dri-devel@...ts.freedesktop.org, iommu@...ts.linux-foundation.org,
linaro-mm-sig@...ts.linaro.org, linux-kernel@...r.kernel.org
Cc: Christoph Hellwig <hch@....de>,
Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>,
linux-arm-kernel@...ts.infradead.org,
David Airlie <airlied@...ux.ie>,
Daniel Vetter <daniel@...ll.ch>,
Tomi Valkeinen <tomi.valkeinen@...com>
Subject: Re: [PATCH v9 14/32] drm: omapdrm: fix common struct sg_table related
issues
On 2020-08-26 07:32, Marek Szyprowski wrote:
> The Documentation/DMA-API-HOWTO.txt states that the dma_map_sg() function
> returns the number of the created entries in the DMA address space.
> However the subsequent calls to the dma_sync_sg_for_{device,cpu}() and
> dma_unmap_sg must be called with the original number of the entries
> passed to the dma_map_sg().
>
> struct sg_table is a common structure used for describing a non-contiguous
> memory buffer, used commonly in the DRM and graphics subsystems. It
> consists of a scatterlist with memory pages and DMA addresses (sgl entry),
> as well as the number of scatterlist entries: CPU pages (orig_nents entry)
> and DMA mapped pages (nents entry).
>
> It turned out that it was a common mistake to misuse nents and orig_nents
> entries, calling DMA-mapping functions with a wrong number of entries or
> ignoring the number of mapped entries returned by the dma_map_sg()
> function.
>
> Fix the code to refer to proper nents or orig_nents entries. This driver
> checks for a buffer contiguity in DMA address space, so it should test
> sg_table->nents entry.
>
> Signed-off-by: Marek Szyprowski <m.szyprowski@...sung.com>
> ---
> drivers/gpu/drm/omapdrm/omap_gem.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/gpu/drm/omapdrm/omap_gem.c b/drivers/gpu/drm/omapdrm/omap_gem.c
> index ff0c4b0c3fd0..a7a9a0afe2b6 100644
> --- a/drivers/gpu/drm/omapdrm/omap_gem.c
> +++ b/drivers/gpu/drm/omapdrm/omap_gem.c
> @@ -48,7 +48,7 @@ struct omap_gem_object {
> * OMAP_BO_MEM_DMA_API flag set)
> *
> * - buffers imported from dmabuf (with the OMAP_BO_MEM_DMABUF flag set)
> - * if they are physically contiguous (when sgt->orig_nents == 1)
> + * if they are physically contiguous (when sgt->nents == 1)
Hmm, if this really does mean *physically* contiguous - i.e. if buffers
might be shared between DMA-translatable and non-DMA-translatable
devices - then these changes might not be appropriate. If not and it
only actually means DMA-contiguous, then it would be good to clarify the
comments to that effect.
Can anyone familiar with omapdrm clarify what exactly the case is here?
I know that IOMMUs might be involved to some degree, and I've skimmed
the interconnect chapters of enough OMAP TRMs to be scared by the
reference to the tiler aperture in the context below :)
Robin.
> *
> * - buffers mapped through the TILER when dma_addr_cnt is not zero, in
> * which case the DMA address points to the TILER aperture
> @@ -1279,7 +1279,7 @@ struct drm_gem_object *omap_gem_new_dmabuf(struct drm_device *dev, size_t size,
> union omap_gem_size gsize;
>
> /* Without a DMM only physically contiguous buffers can be supported. */
> - if (sgt->orig_nents != 1 && !priv->has_dmm)
> + if (sgt->nents != 1 && !priv->has_dmm)
> return ERR_PTR(-EINVAL);
>
> gsize.bytes = PAGE_ALIGN(size);
> @@ -1293,7 +1293,7 @@ struct drm_gem_object *omap_gem_new_dmabuf(struct drm_device *dev, size_t size,
>
> omap_obj->sgt = sgt;
>
> - if (sgt->orig_nents == 1) {
> + if (sgt->nents == 1) {
> omap_obj->dma_addr = sg_dma_address(sgt->sgl);
> } else {
> /* Create pages list from sgt */
>
Powered by blists - more mailing lists