[Intel-gfx] [PATCH] drm/i915: Sanity check the computed size and base of stolen memory
Joonas Lahtinen
joonas.lahtinen at linux.intel.com
Mon Jan 30 12:41:15 UTC 2017
On pe, 2017-01-27 at 17:20 +0000, Chris Wilson wrote:
> Just do a quick check that the stolen memory address range doesn't
> overflow our chosen integer type.
>
> Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>
<SNIP>
> @@ -189,7 +189,7 @@ static dma_addr_t i915_stolen_to_dma(struct drm_i915_private *dev_priv)
> base = tom - tseg_size - ggtt->stolen_size;
> }
>
> - if (base == 0)
> + if (base == 0 || base + ggtt->stolen_size <= base)
range_overflows?
Regards, Joonas
--
Joonas Lahtinen
Open Source Technology Center
Intel Corporation
More information about the Intel-gfx
mailing list