[Intel-gfx] [PATCH 1/2] drm/i915: Allow parsing of variable size child device entries from VBT

[David Weinehall]

On Fri, Jul 10, 2015 at 02:10:54PM +0300, Antti Koskipaa wrote:
> VBT version 196 increased the size of common_child_dev_config. The parser
> code assumed that the size of this structure would not change.
> 
> So now, instead of checking for smaller size, check that the VBT entry is
> not too large and memcpy only child_dev_size amount of data, leaving any
> trailing entries as zero. If this is not good enough for the future,
> we can always sprinkle extra version checks in there.
> 
> Signed-off-by: Antti Koskipaa <antti.koskipaa at linux.intel.com>
> ---
>  drivers/gpu/drm/i915/intel_bios.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/gpu/drm/i915/intel_bios.c b/drivers/gpu/drm/i915/intel_bios.c
> index 2ff9eb0..763a636 100644
> --- a/drivers/gpu/drm/i915/intel_bios.c
> +++ b/drivers/gpu/drm/i915/intel_bios.c
> @@ -1022,10 +1022,15 @@ parse_device_mapping(struct drm_i915_private *dev_priv,
>  		DRM_DEBUG_KMS("No general definition block is found, no devices defined.\n");
>  		return;
>  	}
> -	if (p_defs->child_dev_size < sizeof(*p_child)) {
> +	/* Historically, child_dev_size has to be at least 33 bytes in size. */
> +	if (p_defs->child_dev_size < 33) {
>  		DRM_ERROR("General definiton block child device size is too small.\n");

"definition"

>  		return;
>  	}
> +	if (p_defs->child_dev_size > sizeof(*p_child)) {
> +		DRM_ERROR("General definiton block child device size is too large.\n");

"definition"

> +		return;
> +	}
>  	/* get the block size of general definitions */
>  	block_size = get_blocksize(p_defs);
>  	/* get the number of child device */
> @@ -1070,7 +1075,7 @@ parse_device_mapping(struct drm_i915_private *dev_priv,
>  
>  		child_dev_ptr = dev_priv->vbt.child_dev + count;
>  		count++;
> -		memcpy(child_dev_ptr, p_child, sizeof(*p_child));
> +		memcpy(child_dev_ptr, p_child, p_defs->child_dev_size);
>  	}
>  	return;
>  }
> -- 
> 2.3.6
>