[PATCH] drm/amdgpu: Fix size overflow
Christian König
christian.koenig at amd.com
Wed Apr 7 12:00:18 UTC 2021
Am 07.04.21 um 13:35 schrieb xinhui pan:
> ttm->num_pages is uint32. Hit overflow when << PAGE_SHIFT directly
>
> Fix: 230c079fd (drm/ttm: make num_pages uint32_t)
>
> Signed-off-by: xinhui pan <xinhui.pan at amd.com>
> ---
> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> index fbaa4c148cca..01a5c487505c 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> @@ -830,7 +830,7 @@ static int amdgpu_ttm_tt_pin_userptr(struct ttm_device *bdev,
>
> /* Allocate an SG array and squash pages into it */
> r = sg_alloc_table_from_pages(ttm->sg, ttm->pages, ttm->num_pages, 0,
> - ttm->num_pages << PAGE_SHIFT,
> + ttm->num_pages * (1ULL << PAGE_SHIFT),
Good catch, but please make this ((u64)ttm->num_pages) << PAGE_SHIFT
Christian.
> GFP_KERNEL);
> if (r)
> goto release_sg;
More information about the amd-gfx
mailing list