[Intel-gfx] [PATCH v2] drm/i915/guc: Document that the ads blob entries only lie within the first page

[Chris Wilson]

guc_addon_create() makes the assumption that it need only kmap the
initial page in order to write all of the configuration data used by the
guc. Confusingly it also allocates many scratch pages in the same vma
and passes that to the guc. Reassure the reader that all is well with a
BUILD_BUG_ON() that we do not access outside of the kmapped page.

v2: Fix check against ads entry

Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>
Cc: Michal Wajdeczko <michal.wajdeczko at intel.com>
Cc: Joonas Lahtinen <joonas.lahtinen at linux.intel.com>
Cc: Oscar Mateo <oscar.mateo at intel.com>
Cc: Daniele Ceraolo Spurio <daniele.ceraolospurio at intel.com>
---
 drivers/gpu/drm/i915/i915_guc_submission.c | 6 ++++++
 drivers/gpu/drm/i915/i915_utils.h          | 1 +
 2 files changed, 7 insertions(+)

diff --git a/drivers/gpu/drm/i915/i915_guc_submission.c b/drivers/gpu/drm/i915/i915_guc_submission.c
index 97726fcb1230..97ac04a823aa 100644
--- a/drivers/gpu/drm/i915/i915_guc_submission.c
+++ b/drivers/gpu/drm/i915/i915_guc_submission.c
@@ -888,13 +888,17 @@ static void guc_addon_create(struct intel_guc *guc)
 		guc->ads_vma = vma;
 	}
 
+	/* Written members are assumed to be in a single page */
+	BUILD_BUG_ON(ptr_offset(blob, reg_state_buffer) > PAGE_SIZE);
 	page = i915_vma_first_page(vma);
 	blob = kmap(page);
 
 	/* GuC scheduling policies */
+	BUILD_BUG_ON(ptr_offset_end(blob, policies) > PAGE_SIZE);
 	guc_policies_init(&blob->policies);
 
 	/* MMIO reg state */
+	BUILD_BUG_ON(ptr_offset_end(blob, reg_state) > PAGE_SIZE);
 	for_each_engine(engine, dev_priv, id) {
 		blob->reg_state.mmio_white_list[engine->guc_id].mmio_start =
 			engine->mmio_base + GUC_MMIO_WHITE_LIST_START;
@@ -903,6 +907,8 @@ static void guc_addon_create(struct intel_guc *guc)
 		blob->reg_state.mmio_white_list[engine->guc_id].count = 0;
 	}
 
+	BUILD_BUG_ON(ptr_offset_end(blob, ads) > PAGE_SIZE);
+
 	/*
 	 * The GuC requires a "Golden Context" when it reinitialises
 	 * engines after a reset. Here we use the Render ring default
diff --git a/drivers/gpu/drm/i915/i915_utils.h b/drivers/gpu/drm/i915/i915_utils.h
index 94a3a3299910..2976bf9d94b4 100644
--- a/drivers/gpu/drm/i915/i915_utils.h
+++ b/drivers/gpu/drm/i915/i915_utils.h
@@ -67,6 +67,7 @@
 	((typeof(ptr))((unsigned long)(ptr) | (bits)))
 
 #define ptr_offset(ptr, member) offsetof(typeof(*(ptr)), member)
+#define ptr_offset_end(ptr, member) offsetofend(typeof(*(ptr)), member)
 
 #define fetch_and_zero(ptr) ({						\
 	typeof(*ptr) __T = *(ptr);					\
-- 
2.11.0