[PATCH RFCv2 0/4] Etnaviv DRM driver again
Lucas Stach
l.stach at pengutronix.de
Thu Oct 22 01:42:46 PDT 2015
Am Donnerstag, den 22.10.2015, 09:12 +0200 schrieb Daniel Vetter:
[...]
> > > - all the array allocations aren't checked for integer overflows in
> > > gem_submit. Just use kmalloc_array or similar to get this right. That
> > > means you need to allocations in submit_create, but imo better safe than
> > > security-buggy. Similar problem in submit_reloc, but there
> > > copy_from_user will protect you since you only copy individual structs.
> > > Still a bit fragile.
> >
> > I'm not sure kmalloc_array() is the right answer there, but I'll look
> > into it - I'd really like to avoid doing lots of small kmalloc()s all
> > over the place as each one has a non-zero cost. The more we can lump
> > together, the better - but it has to be done safely.
>
> That was just my preference since I have a hard time reasonining about
> overflow checks so like to avoid them.
>
We might just get some reasonable limits on the number of allowed
objects per submit in place, like 64k buffers and relocs should be
enough for everyone. *famous last words*
Regards,
Lucas
--
Pengutronix e.K. | Lucas Stach |
Industrial Linux Solutions | http://www.pengutronix.de/ |
More information about the dri-devel
mailing list