[PATCH 3.16 301/366] drm/i915/userptr: reject zero user_size

From: Ben Hutchings
Date: Sun Oct 14 2018 - 12:00:46 EST

Next message: Ben Hutchings: "[PATCH 3.16 311/366] vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc()"
Previous message: Ben Hutchings: "[PATCH 3.16 314/366] drm: set FMODE_UNSIGNED_OFFSET for drm files"
In reply to: Ben Hutchings: "[PATCH 3.16 314/366] drm: set FMODE_UNSIGNED_OFFSET for drm files"
Next in thread: Ben Hutchings: "[PATCH 3.16 311/366] vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.16.60-rc1 review patch. If anyone has any objections, please let me know.

------------------

From: Matthew Auld <matthew.auld@xxxxxxxxx>

commit 20943f984967477c906522112d2b6b5a29f94684 upstream.

Operating on a zero sized GEM userptr object will lead to explosions.

Fixes: 5cc9ed4b9a7a ("drm/i915: Introduce mapping of user pages into video memory (userptr) ioctl")
Testcase: igt/gem_userptr_blits/input-checking
Signed-off-by: Matthew Auld <matthew.auld@xxxxxxxxx>
Cc: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>
Reviewed-by: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>
Link: https://patchwork.freedesktop.org/patch/msgid/20180502195021.30900-1-matthew.auld@xxxxxxxxx
(cherry picked from commit c11c7bfd213495784b22ef82a69b6489f8d0092f)
Signed-off-by: Joonas Lahtinen <joonas.lahtinen@xxxxxxxxxxxxxxx>
Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
---
drivers/gpu/drm/i915/i915_gem_userptr.c | 3 +++
1 file changed, 3 insertions(+)

--- a/drivers/gpu/drm/i915/i915_gem_userptr.c
+++ b/drivers/gpu/drm/i915/i915_gem_userptr.c
@@ -657,6 +657,9 @@ i915_gem_userptr_ioctl(struct drm_device
I915_USERPTR_UNSYNCHRONIZED))
return -EINVAL;

+ if (!args->user_size)
+ return -EINVAL;
+
if (offset_in_page(args->user_ptr | args->user_size))
return -EINVAL;

Next message: Ben Hutchings: "[PATCH 3.16 311/366] vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc()"
Previous message: Ben Hutchings: "[PATCH 3.16 314/366] drm: set FMODE_UNSIGNED_OFFSET for drm files"
In reply to: Ben Hutchings: "[PATCH 3.16 314/366] drm: set FMODE_UNSIGNED_OFFSET for drm files"
Next in thread: Ben Hutchings: "[PATCH 3.16 311/366] vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]