drm/i915: Sanity check the computed size and base of stolen memory
authorChris Wilson <chris@chris-wilson.co.uk>
Mon, 30 Jan 2017 13:47:21 +0000 (13:47 +0000)
committerChris Wilson <chris@chris-wilson.co.uk>
Tue, 31 Jan 2017 11:19:23 +0000 (11:19 +0000)
Just do a quick check that the stolen memory address range doesn't
overflow our chosen integer type.

v2: Add add_overflows() to utils with the promise that gcc7 can do this
better than C and then maybe it will have a proper definition in core.

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20170130134721.5159-1-chris@chris-wilson.co.uk
Reviewed-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
drivers/gpu/drm/i915/i915_gem_stolen.c
drivers/gpu/drm/i915/i915_utils.h

index a75de8c6ece0d081be9d64c8889c55f1a56dd30d..cba12ee90cbf388e34bfa62b199ff93853394734 100644 (file)
@@ -189,7 +189,7 @@ static dma_addr_t i915_stolen_to_dma(struct drm_i915_private *dev_priv)
                base = tom - tseg_size - ggtt->stolen_size;
        }
 
-       if (base == 0)
+       if (base == 0 || add_overflows(base, ggtt->stolen_size))
                return 0;
 
        /* make sure we don't clobber the GTT if it's within stolen memory */
index 34020873e1f6ee8a794d5e63d08aebb537b74f0e..b8ba0f2f92afc339ed832e3d0614ff907312716a 100644 (file)
 #ifndef __I915_UTILS_H
 #define __I915_UTILS_H
 
+#if GCC_VERSION >= 70000
+#define add_overflows(A, B) \
+       __builtin_add_overflow_p((A), (B), (typeof((A) + (B)))0)
+#else
+#define add_overflows(A, B) ({ \
+       typeof(A) a = (A); \
+       typeof(B) b = (B); \
+       a + b < a; \
+})
+#endif
+
 #define range_overflows(start, size, max) ({ \
        typeof(start) start__ = (start); \
        typeof(size) size__ = (size); \