[PATCH v5] drm/fbdev-generic: prohibit potential out-of-bounds access
Thomas Zimmermann
tzimmermann at suse.de
Thu Apr 20 12:59:17 UTC 2023
Hi
Am 20.04.23 um 14:25 schrieb Geert Uytterhoeven:
> Hi Thomas,
>
> On Thu, Apr 20, 2023 at 1:10 PM Thomas Zimmermann <tzimmermann at suse.de> wrote:
>> Am 20.04.23 um 12:04 schrieb Sui Jingfeng:
>>> What will happen if the 'screen_size' is not page_size aligned and mmap
>>> will mapping in the granularity of pages ?
>>
>> You need to map at page granularity. If screen_size is not page-size
>> aligned, there's this trailing buffer that is accessible, but cannot be
>> displayed. But userspace has no direct way of knowing that, so let's
>> ignore that problem for now.
>
> Userspace can know, if fb_fix_screeninfo.smem_{start,len} match
> the actual offset and size.
Can you elaborate? How can userspace detect/compute the actually usable
space?
From grep'ing fbdev drivers, smem_len appears to be a multiple of the
pagesize. (?) screen_size is not exported and line_length in the fixed
portion. Or can line_length change between modes? In that case it should
be (yres_virtual * line_length), right?
Best regards
Thomas
>
> Gr{oetje,eeting}s,
>
> Geert
>
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/dri-devel/attachments/20230420/0c278050/attachment.sig>
More information about the dri-devel
mailing list