[PATCH] drm/amdgpu: detect buffer overflow and avoid unnecessary dereference
Huang Rui
ray.huang at amd.com
Wed May 30 11:52:27 UTC 2018
On Tue, May 29, 2018 at 06:17:59PM +0800, Evan Quan wrote:
> Change-Id: I6666d7dcf60acf524f290460d2ffe3f1f5f46354
Need a commit log even it is very short.
> Signed-off-by: Evan Quan <evan.quan at amd.com>
> ---
> drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 15 +++++++++------
> 1 file changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c b/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c
> index 7c5a850..5a86726 100644
> --- a/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c
> +++ b/drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c
> @@ -1838,13 +1838,15 @@ static void gfx_v9_1_parse_ind_reg_list(int *register_list_format,
> int indirect_offset,
> int list_size,
> int *unique_indirect_regs,
> - int *unique_indirect_reg_count,
> + int unique_indirect_reg_count,
> int *indirect_start_offsets,
> - int *indirect_start_offsets_count)
> + int *indirect_start_offsets_count,
> + int max_start_offsets_count)
> {
> int idx;
>
> for (; indirect_offset < list_size; indirect_offset++) {
> + BUG_ON(*indirect_start_offsets_count >= max_start_offsets_count);
The same comments with Christian and Alex, here we would better use
WARN_ON.
With that fixed, feel free to add
Reviewed-by: Huang Rui <ray.huang at amd.com>
> indirect_start_offsets[*indirect_start_offsets_count] = indirect_offset;
> *indirect_start_offsets_count = *indirect_start_offsets_count + 1;
>
> @@ -1852,14 +1854,14 @@ static void gfx_v9_1_parse_ind_reg_list(int *register_list_format,
> indirect_offset += 2;
>
> /* look for the matching indice */
> - for (idx = 0; idx < *unique_indirect_reg_count; idx++) {
> + for (idx = 0; idx < unique_indirect_reg_count; idx++) {
> if (unique_indirect_regs[idx] ==
> register_list_format[indirect_offset] ||
> !unique_indirect_regs[idx])
> break;
> }
>
> - BUG_ON(idx >= *unique_indirect_reg_count);
> + BUG_ON(idx >= unique_indirect_reg_count);
>
> if (!unique_indirect_regs[idx])
> unique_indirect_regs[idx] = register_list_format[indirect_offset];
> @@ -1894,9 +1896,10 @@ static int gfx_v9_1_init_rlc_save_restore_list(struct amdgpu_device *adev)
> adev->gfx.rlc.reg_list_format_direct_reg_list_length,
> adev->gfx.rlc.reg_list_format_size_bytes >> 2,
> unique_indirect_regs,
> - &unique_indirect_reg_count,
> + unique_indirect_reg_count,
> indirect_start_offsets,
> - &indirect_start_offsets_count);
> + &indirect_start_offsets_count,
> + ARRAY_SIZE(indirect_start_offsets));
>
> /* enable auto inc in case it is disabled */
> tmp = RREG32(SOC15_REG_OFFSET(GC, 0, mmRLC_SRM_CNTL));
> --
> 2.7.4
>
> _______________________________________________
> amd-gfx mailing list
> amd-gfx at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/amd-gfx
More information about the amd-gfx
mailing list